epted, can I contribute to the code as well?
Best regards
Pawel
On 9 March 2017 at 08:27, Paweł Tomasik wrote:
> Hi
> I've found a security issue in the kafka SASL implementation.
> It seems that ticket refreshments are not necessary to keep
> client-broker connection up.
>
following JIRA:
>
> https://issues.apache.org/jira/browse/KAFKA-3866
>
> Maybe you can check if it solves the issue you identified? If not, feel
> free to add a comment to that JIRA.
>
> Thanks,
> Ismael
>
> On Thu, Mar 9, 2017 at 7:27 AM, Paweł Tomasik wrote:
>
>
Hi
I've found a security issue in the kafka SASL implementation.
It seems that ticket refreshments are not necessary to keep
client-broker connection up.
Test scenario:
Client sucessfully connects to the broker using SASL_SSL security
protocol. Kerberos server is provided by Windows Server 2012 an
