Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-11868

Invalid user logins trigger large backtraces in server log

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.8.0, 2.7.1, 3.0.0-alpha1
    • Component/s: None
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      WARN sso.CookieValidatorHelpers: Cookie has expired by 25364187 msec
      WARN server.AuthenticationFilter: Authentication exception: Invalid Cookie
      166 org.apache.hadoop.security.authentication.client.AuthenticationException: Invalid Bouncer Cookie
      167     at KerberosAuthenticationHandler.bouncerAuthenticate(KerberosAuthenticationHandler.java:94)
      168     at AuthenticationHandler.authenticate(KerberosAuthenticationHandler.java:82)
      169     at org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:507)
      170     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      171     at org.apache.hadoop.yarn.server.timeline.webapp.CrossOriginFilter.doFilter(CrossOriginFilter.java:95)
      172     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      173     at org.mortbay.servlet.UserAgentFilter.doFilter(UserAgentFilter.java:78)
      174     at GzipFilter.doFilter(GzipFilter.java:188)
      175     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      176     at org.apache.hadoop.http.HttpServer2$QuotingInputFilter.doFilter(HttpServer2.java:1224)
      177     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      178     at org.apache.hadoop.http.NoCacheFilter.doFilter(NoCacheFilter.java:45)
      179     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      180     at org.apache.hadoop.http.NoCacheFilter.doFilter(NoCacheFilter.java:45)
      181     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      182     at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:399)
      183     at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
      184     at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
      185     at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
      186     at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
      187     at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
      188     at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
      189     at org.mortbay.jetty.Server.handle(Server.java:326)
      190     at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
      191     at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:928)
      192     at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
      193     at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
      194     at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
      195     at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410)
      196     at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
       WARN sso.CookieValidatorHelpers: Cookie has expired by 25373197 msec
      

        Activity

        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-Mapreduce-trunk #2122 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2122/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk #2122 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2122/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #173 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/173/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #173 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/173/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Hide
        hudson Hudson added a comment -

        SUCCESS: Integrated in Hadoop-Yarn-trunk #906 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/906/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        hudson Hudson added a comment - SUCCESS: Integrated in Hadoop-Yarn-trunk #906 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/906/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #172 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/172/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #172 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/172/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #163 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/163/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #163 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/163/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk #2104 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2104/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #2104 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2104/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        jlowe Jason Lowe added a comment -

        Thanks to Chang for the contribution and to Mit and Jonathan for additional review! I committed this to trunk, branch-2, and branch-2.7.

        Show
        jlowe Jason Lowe added a comment - Thanks to Chang for the contribution and to Mit and Jonathan for additional review! I committed this to trunk, branch-2, and branch-2.7.
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-trunk-Commit #7641 (See https://builds.apache.org/job/Hadoop-trunk-Commit/7641/)
        HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #7641 (See https://builds.apache.org/job/Hadoop-trunk-Commit/7641/ ) HADOOP-11868 . Invalid user logins trigger large backtraces in server log. Contributed by Chang Li (jlowe: rev 0ebe84d30af2046775884c9fb1e054da31582657) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
        Hide
        hadoopqa Hadoop QA added a comment -



        -1 overall



        Vote Subsystem Runtime Comment
        -1 patch 0m 0s The patch command could not apply the patch during dryrun.



        Subsystem Report/Notes
        Patch URL http://issues.apache.org/jira/secure/attachment/12726911/YARN-3520.patch
        Optional Tests javadoc javac unit findbugs checkstyle
        git revision trunk / 0ebe84d
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/6155//console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment -1 patch 0m 0s The patch command could not apply the patch during dryrun. Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12726911/YARN-3520.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / 0ebe84d Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/6155//console This message was automatically generated.
        Hide
        jlowe Jason Lowe added a comment -

        +1, committing this.

        Show
        jlowe Jason Lowe added a comment - +1, committing this.
        Hide
        lichangleo Chang Li added a comment -

        Jason Lowe could you please help do a final review of this patch and help commit it? Thanks

        Show
        lichangleo Chang Li added a comment - Jason Lowe could you please help do a final review of this patch and help commit it? Thanks
        Hide
        jeagles Jonathan Eagles added a comment -

        +1. While this jira is regarding a custom KerberosAuthenticationHandler, I agree with the excessive logging. Failing to login shouldn't cause an exception. Exceptions in the log should be confined to unexpected conditions that are unhandled.

        Show
        jeagles Jonathan Eagles added a comment - +1. While this jira is regarding a custom KerberosAuthenticationHandler, I agree with the excessive logging. Failing to login shouldn't cause an exception. Exceptions in the log should be confined to unexpected conditions that are unhandled.
        Hide
        mitdesai Mit Desai added a comment -

        lgtm +1 (non-binding)

        This change is related to logging so there is no need for tests.

        Show
        mitdesai Mit Desai added a comment - lgtm +1 (non-binding) This change is related to logging so there is no need for tests.
        Hide
        hadoopqa Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12726911/YARN-3520.patch
        against trunk revision 8ddbb8d.

        +1 @author. The patch does not contain any @author tags.

        -1 tests included. The patch doesn't appear to include any new or modified tests.
        Please justify why no new tests are needed for this patch.
        Also please list what manual steps were performed to verify this patch.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth.

        Test results: https://builds.apache.org/job/PreCommit-YARN-Build/7425//testReport/
        Console output: https://builds.apache.org/job/PreCommit-YARN-Build/7425//console

        This message is automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12726911/YARN-3520.patch against trunk revision 8ddbb8d. +1 @author . The patch does not contain any @author tags. -1 tests included . The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-auth. Test results: https://builds.apache.org/job/PreCommit-YARN-Build/7425//testReport/ Console output: https://builds.apache.org/job/PreCommit-YARN-Build/7425//console This message is automatically generated.
        Hide
        lichangleo Chang Li added a comment -

        Mit Desai, Jonathan Eagles, could you please help review this patach. Thanks!

        Show
        lichangleo Chang Li added a comment - Mit Desai , Jonathan Eagles , could you please help review this patach. Thanks!

          People

          • Assignee:
            lichangleo Chang Li
            Reporter:
            lichangleo Chang Li
          • Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development