[
https://issues.apache.org/jira/browse/KAFKA-8530?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jason Gustafson resolved KAFKA-8530.
------------------------------------
Resolution: Fixed
Fix Version/s: 2.4.0
> Consumer should handle authorization errors in OffsetFetch
> ----------------------------------------------------------
>
> Key: KAFKA-8530
> URL: https://issues.apache.org/jira/browse/KAFKA-8530
> Project: Kafka
> Issue Type: Bug
> Components: consumer
> Reporter: Jason Gustafson
> Assignee: Jason Gustafson
> Priority: Major
> Fix For: 2.4.0
>
>
> Found this in a test failure:
> {code:java}
> 10:40:43 kafka.api.PlaintextEndToEndAuthorizationTest >
> testNoConsumeWithoutDescribeAclViaSubscribe FAILED
> 10:40:43 java.lang.Exception: Unexpected exception,
> expected<org.apache.kafka.common.errors.TopicAuthorizationException> but
> was<org.apache.kafka.common.KafkaException>
> 10:40:43
> 10:40:43 Caused by:
> 10:40:43 org.apache.kafka.common.KafkaException: Unexpected error in fetch
> offset response for partition e2etopic-0: Not authorized to access topics:
> [Topic authorization failed.]{code}
> The problem is that we are not checking for authorization errors in the
> offset fetch response. Rather than throwing {{TopicAuthorizationException}},
> we currently raise a plain {{KafkaException}}. The test case works most of
> the time because we usually see the authorization error when the first
> Metadata request is sent. It's unclear why that didn't happen here. Possibly
> there is a race condition setting the initial ACLs.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
