Anatoly created KAFKA-18744:
-------------------------------
Summary: When I add sasl.login.callback.handler.class it is used
for initial login but not used when ticket is about to expire
Key: KAFKA-18744
URL: https://issues.apache.org/jira/browse/KAFKA-18744
Project: Kafka
Issue Type: Bug
Components: clients
Affects Versions: 3.8.1
Reporter: Anatoly
I want to use kerberos login/password to authenticate in my kafka cluster.
I created following CallbackHandler
{code:java}
public class LoginCallbackHandler implements AuthenticateCallbackHandler {
private char[] password;
@Override
public void handle(Callback[] callbacks) {
for (Callback callback : callbacks) {
if (callback instanceof PasswordCallback pc) {
pc.setPassword(password);
break;
}
}
}
}{code}
and added it via "sasl.login.callback.handler.class" property. My process now
can authenticates in kafka and sends/receives messages while initial login
ticket is valid. When it expires kafka client is not able to re-login to
kerberos because the LoginCallbackHandler is not used on re-login.
I created pr that can fix it https://github.com/apache/kafka/pull/18589
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
