[ https://issues.apache.org/jira/browse/KAFKA-10615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gérald Quintana updated KAFKA-10615:
------------------------------------
    Summary: Plain authentication failure log detail  (was: Authentication failure log detail)

> Plain authentication failure log detail
> ---------------------------------------
>
>                 Key: KAFKA-10615
>                 URL: https://issues.apache.org/jira/browse/KAFKA-10615
>             Project: Kafka
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.4.1
>            Reporter: Gérald Quintana
>            Priority: Major
>
> When using the PlainLoginModule and a client application is providing a wrong
> password, you get endless error logs telling:
> {code:java}
> [2020-10-15 07:00:05,263] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
> [2020-10-15 07:00:06,400] INFO [SocketServer brokerId=4] Failed authentication with myhost.mycompany.fr/192.168.35.194 (Authentication failed: Invalid username or password) (org.apache.kafka.common.network.Selector)
> {code}
>
> When this client is running in Kubernetes the hostname and IP have no meaning
> because they represent the Kubernetes host. So it's very hard for us to find
> the misconfigured application.
> I'd like to have the username in the error message so as to make it easier to
> find the source of the error.
> From a security point of view it may be interesting to know that a given user
> is used to brute force a password or may have been pwned.
> It seems easy to do it in
> [https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/common/security/plain/internals/PlainSaslServer.java#L107]

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
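The following is an added example and is not Kafka's code or a patch for KAFKA-10615: a minimal SASL/PLAIN server-side check (RFC 4616 message layout `[authzid] NUL authcid NUL passwd`) that puts the username, and only the username, into the failure message the way the reporter asks for. Two practitioner caveats are built in: the password never reaches the message, and the username is sanitized before logging, because once an attacker-controlled string is written to the broker log it can carry newlines or control characters that forge log lines. The credential store, the `brokerId=4` log prefix and the class and function names are constructed for this example.

```python
"""Added example, not Kafka's code: SASL/PLAIN server check that names the
user on failure, keeps the password out, and neutralises log injection."""
import hashlib
import hmac
import logging
import os
from typing import Optional, Tuple

logging.basicConfig(level=logging.INFO, format="%(message)s")
log = logging.getLogger("PlainSaslServer")


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


# Constructed credential store for this example: username -> (salt, PBKDF2 hash).
_SALT = os.urandom(16)
CREDENTIALS = {"app-orders": (_SALT, _hash("s3cret", _SALT))}


class SaslAuthenticationException(Exception):
    """Stands in for the exception the broker logs on a failed handshake."""


def parse_plain(response: bytes) -> Tuple[str, str, str]:
    """RFC 4616: message = [authzid] NUL authcid NUL passwd (exactly two NULs)."""
    parts = response.split(b"\x00")
    if len(parts) != 3:
        raise SaslAuthenticationException("Invalid SASL/PLAIN response: expected 3 tokens")
    authzid, authcid, passwd = (p.decode("utf-8", errors="replace") for p in parts)
    if not authcid:
        raise SaslAuthenticationException("Authentication failed: username not specified")
    if not passwd:
        raise SaslAuthenticationException("Authentication failed: password not specified")
    return authzid, authcid, passwd


def sanitize(name: str, max_len: int = 64) -> str:
    """Replace non-printable characters (newline, CR, ESC, ...) so a client-chosen
    username cannot inject fake lines or terminal escapes into the broker log."""
    cleaned = "".join(c if c.isprintable() else "?" for c in name)
    return cleaned[:max_len]


def evaluate_response(response: bytes) -> str:
    """Return the authenticated username, or raise with the (sanitized) username
    in the message. The password is never included."""
    authzid, username, password = parse_plain(response)
    entry = CREDENTIALS.get(username)
    if entry is None:
        # Burn the same PBKDF2 cost for unknown users so response time does not
        # reveal which usernames exist.
        _hash(password, b"\x00" * 16)
        ok = False
    else:
        salt, expected = entry
        ok = hmac.compare_digest(_hash(password, salt), expected)
    if not ok:
        raise SaslAuthenticationException(
            f"Authentication failed: Invalid username or password (user={sanitize(username)})")
    if authzid and authzid != username:
        raise SaslAuthenticationException(
            f"Authentication failed: user {sanitize(username)} may not act as {sanitize(authzid)}")
    return username


def failure_message(response: bytes) -> Optional[str]:
    """Run one client response through the check; return the logged failure
    message, or None when authentication succeeds."""
    try:
        evaluate_response(response)
        return None
    except SaslAuthenticationException as exc:
        # Constructed log line modelled on the broker output quoted in the issue.
        log.info("[SocketServer brokerId=4] Failed authentication with client (%s)", exc)
        return str(exc)


if __name__ == "__main__":
    print(failure_message(b"\x00app-orders\x00s3cret"))       # None: success
    print(failure_message(b"\x00app-orders\x00wrong"))        # names user=app-orders
    print(failure_message(b"\x00evil\nINFO forged\x00x"))     # newline replaced by "?"
```

With the username in the message, an operator can grep the broker log for `user=` and map a flood of failures back to the misconfigured deployment, or spot a single account being hammered from many sources; the sanitization step is what makes it safe to put a client-supplied string there at all.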