Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-10629

security diagnostics info being dropped in exceptions seen by client

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 2.4.0
    • Fix Version/s: 2.7.0
    • Component/s: ipc
    • Labels:
      None

      Description

      When there are some security problems, not all the info goes back to the client, which sees

      Caused by: org.apache.hadoop.ipc.RemoteException: GSS initiate failed
      	at org.apache.hadoop.security.SaslRpcClient.saslConnect(SaslRpcClient.java:373) ~[hadoop-common-2.4.0.jar:na]
      

      It's only server-side the diagnostics surface, here some javax crypto issues

      2014-05-24 14:17:34,314 INFO org.apache.hadoop.ipc.Server: Socket Reader #1 for port 9090: readAndProcess from client 192.168.1.86 threw exception [javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: Failure unspecified at GSS-API level (Mechanism level: Encryption type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled)]]
      

      -the inner exception text isn't making it back to the client...

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              stevel@apache.org Steve Loughran
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: