Hi, with a producer config like:
bootstrap.servers=example.servicebus.windows.net:9093
security.protocol=SASL_SSL
sasl.mechanism=SCRAM-SHA-256
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="$ConnectionString" password="Endpoint=sb://example.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=hahagoodluck=";
I'm unable to connect to Event Hub. But with PLAIN, I can. This works:
bootstrap.servers=example.servicebus.windows.net:9093
security.protocol=SASL_SSL
sasl.mechanism=PLAIN
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="$ConnectionString" password="Endpoint=sb://example.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=hahagoodluck=";
Unfortunately PLAIN auth is not allowed here.
When trying to use SCRAM I get an "EOF" error.
2025-08-08 09:05:38 DEBUG SaslClientAuthenticator:351 - Set SASL client state to RECEIVE_HANDSHAKE_RESPONSE
2025-08-08 09:05:38 DEBUG Selector:607 - [Producer clientId=KafkaExampleProducer] Connection with example.servicebus.windows.net/20.72.245.61 disconnected
java.io.EOFException: EOF during read
at org.apache.kafka.common.network.SslTransportLayer.read(SslTransportLayer.java:581)
at org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:94)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveResponseOrToken(SaslClientAuthenticator.java:412)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveKafkaResponse(SaslClientAuthenticator.java:502)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.authenticate(SaslClientAuthenticator.java:223)
at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:173)
at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:547)
at org.apache.kafka.common.network.Selector.poll(Selector.java:483)
at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:539)
at org.apache.kafka.clients.producer.internals.Sender.runOnce(Sender.java:331)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:238)
at java.base/java.lang.Thread.run(Thread.java:840)
2025-08-08 09:05:38 DEBUG NetworkClient:882 - [Producer clientId=KafkaExampleProducer] Node -1 disconnected.
2025-08-08 09:05:38 WARN NetworkClient:741 - [Producer clientId=KafkaExampleProducer] Connection to node -1 (example.servicebus.windows.net/20.82.245.61:9093) terminated during authentication. This may happen due to any of the following reasons: (1) Authentication failed due to invalid credentials with brokers older than 1.0.0, (2) Firewall blocking Kafka TLS traffic (eg it may only allow HTTPS traffic), (3) Transient network issue.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 41%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 50%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVR%3C/text%3E%3C/svg%3E)