Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-10075

HTTP connections to a secured REST endpoint flood the log

    Details

      Description

      When connecting with a browser (or other client tool) to a secured REST endpoint, the decoder throws many exceptions indicating that the received data is not an SSL record.
      This massively floods the log, drowning out everything else (see below).

      Proposed Solution

      If a NotSslRecordException is caught, Netty should send a response HTTP 301 with a new location of https://host:port/

      The response would need to bypass the SSL handler because it must come in plain text.

      Fallback Solution

      If the proper solution cannot work, we should reduce the log level for that particular exception to TRACE.

      Sample Log Output

      Log message that is written per each request (there are many per web UI page)

      2018-08-06 19:07:57,734 WARN  org.apache.flink.runtime.dispatcher.DispatcherRestEndpoint    - Unhandled exception
      org.apache.flink.shaded.netty4.io.netty.handler.codec.DecoderException: org.apache.flink.shaded.netty4.io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554
      202f7061727469616c732f6f766572766965772e68746d6c20485454502f312e310d0a486f73743a206c6f63616c686f73743a383038310d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a4163636570743a
      20746578742f68746d6c0d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b6520
      4765636b6f29204368726f6d652f34372e302e323532362e313131205361666172692f3533372e33360d0a526566657265723a20687474703a2f2f6c6f63616c686f73743a383038312f0d0a4163636570742d456e636f64
      696e673a20677a69702c206465666c6174652c20736463680d0a4163636570742d4c616e67756167653a20656e2d55532c656e3b713d302e382c64653b713d302e360d0a49662d4d6f6469666965642d53696e63653a204d
      6f6e2c2030362041756720323031382031353a34343a313720474d540d0a0d0a
              at org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:459)
              at org.apache.flink.shaded.netty4.io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265)
              at org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
              at org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
              at org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
              at org.apache.flink.shaded.netty4.io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1434)
              at org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
              at org.apache.flink.shaded.netty4.io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
              at org.apache.flink.shaded.netty4.io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:965)
              at org.apache.flink.shaded.netty4.io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
              at org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:645)
              at org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:580)
              at org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:497)
              at org.apache.flink.shaded.netty4.io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:459)
              at org.apache.flink.shaded.netty4.io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:884)
              at org.apache.flink.shaded.netty4.io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
              at java.lang.Thread.run(Thread.java:745)
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                azagrebin Andrey Zagrebin
                Reporter:
                StephanEwen Stephan Ewen
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: