Behavioral Changes in Apache Kafka

Learn about the change in certain functionality of Kafka that has resulted in a change in behavior from the previously released version to this version of Cloudera Runtime.

Summary:

The javax.security.auth.useSubjectCredsOnly JVM property is set to true by default. As a result, connectors are required to use their own credentials. This default change is true for newly provisioned clusters. On upgraded clusters, useSubjectCredsOnly remains set to false to ensure backwards compatibility.

Previous behavior:

The javax.security.auth.useSubjectCredsOnly JVM property was set to false

New behavior:

The javax.security.auth.useSubjectCredsOnly JVM property is set to true by default. As a result, connectors are required to use their own credentials. If you are migrating connectors from a cluster running a previous version of Runtime to a new cluster running 7.2.18 or later, you must ensure that credentials are added to the connector configuration when migrated. Otherwise, migrated connectors may not work on the new cluster.