[
https://issues.apache.org/jira/browse/KAFKA-18440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17912414#comment-17912414
]
Chia-Ping Tsai commented on KAFKA-18440:
----------------------------------------
[~dajac] Should we ship this PR to 4.0.0? This is a (small) bug fix. The case
of using controller as bootstrap without permission is rare so this bug is not
critical. Hence, I think it is fine to delay it until 4.0.1
> Admin does not convert the AuthorizationException to fatal error in using
> bootstrap controllers
> -----------------------------------------------------------------------------------------------
>
> Key: KAFKA-18440
> URL: https://issues.apache.org/jira/browse/KAFKA-18440
> Project: Kafka
> Issue Type: Bug
> Reporter: Chia-Ping Tsai
> Assignee: PoAn Yang
> Priority: Blocker
> Fix For: 4.0.0, 3.9.1, 3.8.2
>
>
> Admin use DescribeClusterRequest to build metadata when using bootstrap
> controllers, and controller APIs may return ClusterAuthorizationException
> when users have no "ALTER" permission (see
> https://github.com/apache/kafka/pull/14306#discussion_r1312367762).
> However, admin does not convert the authorized exception to fatal exception
> (https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/clients/admin/internals/AdminMetadataManager.java#L276),
> so it keeps sending the request to controller until timeout.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
