Type of change

• Bugfix

Description

I set up an SASL authentication with the KafkaAuthnHandler. The ApiVersions and SaslHandshake request work just fine. However, the SaslAuthenticate request is sent but not received by netty. After some debugging, I found that the auto-read config is disabled by the KafkaProxyFrontendHandler.

After authentication, kafka client will send an ApiVersions request again that will transition the state from AUTHN_SUCCESS to API_VERSIONS, which I think is inappropriate.

An OpaqueRequestFrame will also be treated as an unexpected message.

    @Override
    public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
        if (msg instanceof BareSaslRequest) {
            handleBareRequest(ctx, (BareSaslRequest) msg);
        }
        else if (msg instanceof DecodedRequestFrame) {
            handleFramedRequest(ctx, (DecodedRequestFrame<?>) msg);
        }
        else {
            throw new IllegalStateException("Unexpected message " + msg.getClass());
        }
    }

Additional Context

Set up custom SASL mechanisms with the KafkaAuthnHandler.

Checklist

• Write tests
• Make sure all tests pass
• Review performance test results. Ensure that any degradations to performance numbers are understood and justified.
• Make sure all Sonar-Lint warnings are addressed or are justifiably ignored.
• Update documentation
• Reference relevant issue(s) and close them after merging
• For user facing changes, update CHANGELOG.md (remember to include changes affecting the API of the test artefacts too).