You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using profile configuration and have a profile called "qa-kafka" that contains my credentials and the necessary region where I connect to MSK.
When authenticating Kafka using an OAuth Bearer Token, it creates an instance of IAMOAuthBearerLoginCallbackHandler and then configures it. The MSKCredentialProvider instance is configured correctly:
However, the awsRegionProvider field is unconditionally configured as a DefaultAwsRegionProviderChain instance. As a result, the profile there is default:
I do not have a default profile configured; now my kafka authentication fails with
[INFO ] [AdminClient clientId=<xxx>] Failed authentication with <yyy>.kafka.us-west-2.amazonaws.com/a.b.c.d (channelId=-3) (An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: AWS region could not be resolved. [Caused by java.io.IOException: AWS region could not be resolved.]) occurred when evaluating SASL token received from the Kafka Broker. Kafka Client will go to AUTHENTICATION_FAILED state.)
This seems to be a bug. The region provider should use the same profile as the credential provider.
The text was updated successfully, but these errors were encountered:
I am using profile configuration and have a profile called "qa-kafka" that contains my credentials and the necessary region where I connect to MSK.
When authenticating Kafka using an OAuth Bearer Token, it creates an instance of
IAMOAuthBearerLoginCallbackHandlerand then configures it. TheMSKCredentialProviderinstance is configured correctly:However, the
awsRegionProviderfield is unconditionally configured as aDefaultAwsRegionProviderChaininstance. As a result, the profile there isdefault:I do not have a default profile configured; now my kafka authentication fails with
[INFO ] [AdminClient clientId=<xxx>] Failed authentication with <yyy>.kafka.us-west-2.amazonaws.com/a.b.c.d (channelId=-3) (An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: AWS region could not be resolved. [Caused by java.io.IOException: AWS region could not be resolved.]) occurred when evaluating SASL token received from the Kafka Broker. Kafka Client will go to AUTHENTICATION_FAILED state.)This seems to be a bug. The region provider should use the same profile as the credential provider.
The text was updated successfully, but these errors were encountered: