Uploaded image for project: 'Geode'
  1. Geode
  2. GEODE-3911

Authentication failures produce exception stacktraces in log files.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: pulse, security
    • Labels:

      Description

      When running pulse along with the `SimpleSecurityManager` I notice quite a few authentication failure stacktraces like:

      [warning 2017/10/26 07:14:27.773 PDT locator1 <RMI TCP Connection(9)-10.118.33.247> tid=0x7d] Authentication failed for token submission [org.apache.geode.internal.security.shiro.GeodeAuthenticationToken - cluster,data, rememberMe=false].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
      org.apache.geode.security.AuthenticationFailedException: invalid username/password
              at org.apache.geode.examples.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:41)
              at org.apache.geode.internal.security.shiro.CustomAuthRealm.doGetAuthenticationInfo(CustomAuthRealm.java:52)
              at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
              at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
              at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
              at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
              at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
              at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
              at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
              at org.apache.geode.internal.security.IntegratedSecurityService.login(IntegratedSecurityService.java:139)
              at org.apache.geode.internal.security.shiro.JMXShiroAuthenticator.authenticate(JMXShiroAuthenticator.java:60)
              at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:232)
              at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:199)
              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
              at java.lang.reflect.Method.invoke(Method.java:498)
              at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:346)
              at sun.rmi.transport.Transport$1.run(Transport.java:200)
              at sun.rmi.transport.Transport$1.run(Transport.java:197)
              at java.security.AccessController.doPrivileged(Native Method)
              at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
              at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568)
              at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826)
              at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683)
              at java.security.AccessController.doPrivileged(Native Method)
              at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682)
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
              at java.lang.Thread.run(Thread.java:745)
      

      We shouldn't need to dump these out, but just log a message.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jens.deppe Jens Deppe
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: