Gábor Nagy created KAFKA-14135:
----------------------------------
Summary: KafkaConfig value sasl.server.callback.handler.class is
set to null even when custom class is used
Key: KAFKA-14135
URL: https://issues.apache.org/jira/browse/KAFKA-14135
Project: Kafka
Issue Type: Bug
Components: config, security
Affects Versions: 3.2.0
Reporter: Gábor Nagy
Attachments: KafkaConfigPrintoutPartial.png,
ServerPropertiesPartial.png
As mentioned in the summary, the value `sasl.server.callback.handler.class` is
set to `null` in the terminal printout of the KafkaConfig object, even though a
custom handler class has been configured, and has been confirmed to be used by
Kafka (by testing the callback's behavior).
This issue can (has) lead to hours of unnecessary debugging, as well as
potential security issues, since not knowing if you brokers are using, for
example, the insecure SASL/OAUTHBEARER default handler bundled with Kafka, or
some custom implementation, can lead to security breaches.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
