Stefan Bejan created KAFKA-10717:
------------------------------------
Summary: ACL authorization log when consumer requires all topics
Key: KAFKA-10717
URL: https://issues.apache.org/jira/browse/KAFKA-10717
Project: Kafka
Issue Type: Improvement
Components: log
Affects Versions: 2.5.1
Environment: kafka 2.5.1
.net confluent consumer (nuget 1.5.2)
Reporter: Stefan Bejan
When a consumer requires metadata (describe) on all the topics - for example on
startup, it receives information about the topics it has access to, in
accordance with its ACL permissions, as expected.
However, the kafka broker logs that the user is not authorized to describe all
the other topics. If there is a large number of topics in the system and one
particular user has describe access to a small subset, a lot of entries are
inserted in {{kafka-authorizer.log}} file. Moreover, this happens for each
consumer, each time they refresh the metadata (by default, each 5 minutes).
This issue has been reproduced using Confluent .NET consumer
([https://github.com/confluentinc/confluent-kafka-dotnet/issues/1457]) and
using a client connection from Kafka Tool 2.0.8.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
