Manikumar,
Yeah, that seems bad. Seems like maybe instead of moving to server-side
processing we should make the metadata request limit results to topics the
principal is authorized for? I suspect this is important anyway since
generally it seems we don't want to reveal errors when there's unauthorized
resources, but instead mask that error as something else or not return an
error at all?
-Ewen
On Fri, Jul 8, 2016 at 10:24 AM, Manikumar Reddy <manikumar.re...@gmail.com>
wrote:
> Hi,
>
> consumer.subscribe(Pattern p , ..) method implementation tries to get
> metadata of all the topics.
> This will throw TopicAuthorizationException on internal topics and other
> unauthorized topics.
> We may need to move the pattern matching to sever side.
> Is this know issue?. If not, I will raise JIRA.
>
> logs:
> [2016-07-07 22:48:06,317] WARN Error while fetching metadata with
> correlation id 1 : {__consumer_offsets=TOPIC_AUTHORIZATION_FAILED}
> (org.apache.kafka.clients.NetworkClient)
> [2016-07-07 22:48:06,318] ERROR Unknown error when running consumer:
> (kafka.tools.ConsoleConsumer$)
> org.apache.kafka.common.errors.TopicAuthorizationException: Not authorized
> to access topics: [__consumer_offsets]
>
>
> Thanks,
> Manikumar
>
--
Thanks,
Ewen
