[KAFKA-13241] Name resolution should be disabled during SASL authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 2.8.0
Fix Version/s: None
Component/s: network
Labels:
None
Environment:
Redhat linux

Language:
- Java

Description

 LoginManager loginManager = loginManagers.get(clientSaslMechanism);
                authenticatorCreator = () -> buildClientAuthenticator(configs,
                        saslCallbackHandlers.get(clientSaslMechanism),
                        id,
                        socket.getInetAddress().getHostName(),
                        loginManager.serviceName(),
                        transportLayer,
                        subjects.get(clientSaslMechanism));

When using SASL authentication, kafka will always try to do hostname resolution when build client authenticator, this is unnecessary, if we use ip to connect to kafka server, and didn't config kafka server hostname resolution, kafka client will suck here for about 10s, and then timeout with java.net.UnknownHostException but client can auth success anyway.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: AndrewDi

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 27/Aug/21 10:05

Updated:: 27/Aug/21 10:05

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified