Hadoop Common
  1. Hadoop Common
  2. HADOOP-6589

Better error messages for RPC clients when authentication fails

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.21.0
    • Component/s: ipc, security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      Currently when authentication fails, RPC server simply closes the connection. Sending certain error messages back to the client may help user debug the problem. Of course, those error messages that are sent back shouldn't compromise system security.

      1. c6589-06.patch
        19 kB
        Kan Zhang
      2. c6589-y20.patch
        20 kB
        Owen O'Malley

        Issue Links

          Activity

          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Open Open Patch Available Patch Available
          4d 3h 32m 1 Kan Zhang 26/Feb/10 23:25
          Patch Available Patch Available Resolved Resolved
          6h 52m 1 Owen O'Malley 27/Feb/10 06:17
          Resolved Resolved Closed Closed
          178d 14h 24m 1 Tom White 24/Aug/10 20:42
          Tom White made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Tom White made changes -
          Fix Version/s 0.21.0 [ 12313563 ]
          Fix Version/s 0.22.0 [ 12314296 ]
          Hide
          Hudson added a comment -

          Integrated in Hadoop-Common-trunk-Commit #193 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/193/)
          . Provide better error messages when RPC authentication fails.
          (Kan Zhang via omalley)

          Show
          Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #193 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/193/ ) . Provide better error messages when RPC authentication fails. (Kan Zhang via omalley)
          Hide
          Hudson added a comment -

          Integrated in Hadoop-Common-trunk #262 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/262/)
          . Provide better error messages when RPC authentication fails.
          (Kan Zhang via omalley)

          Show
          Hudson added a comment - Integrated in Hadoop-Common-trunk #262 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/262/ ) . Provide better error messages when RPC authentication fails. (Kan Zhang via omalley)
          Owen O'Malley made changes -
          Attachment c6589-y20.patch [ 12437321 ]
          Hide
          Owen O'Malley added a comment -

          Here is the patch for Yahoo 0.20s branch.

          Show
          Owen O'Malley added a comment - Here is the patch for Yahoo 0.20s branch.
          Owen O'Malley made changes -
          Status Patch Available [ 10002 ] Resolved [ 5 ]
          Hadoop Flags [Reviewed]
          Fix Version/s 0.22.0 [ 12314296 ]
          Resolution Fixed [ 1 ]
          Hide
          Owen O'Malley added a comment -

          I just committed this. Thanks, Kan!

          Show
          Owen O'Malley added a comment - I just committed this. Thanks, Kan!
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12437275/c6589-06.patch
          against trunk revision 916779.

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 6 new or modified tests.

          +1 javadoc. The javadoc tool did not generate any warning messages.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 findbugs. The patch does not introduce any new Findbugs warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed core unit tests.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/testReport/
          Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
          Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/artifact/trunk/build/test/checkstyle-errors.html
          Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12437275/c6589-06.patch against trunk revision 916779. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 6 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/397/console This message is automatically generated.
          Kan Zhang made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Kan Zhang made changes -
          Attachment c6589-06.patch [ 12437275 ]
          Hide
          Kan Zhang added a comment -

          this patch introduced a mechanism for RPC server to send status, exception class and error message to RPC client during the SASL authentication process.

          Show
          Kan Zhang added a comment - this patch introduced a mechanism for RPC server to send status, exception class and error message to RPC client during the SASL authentication process.
          Kan Zhang made changes -
          Link This issue is related to HADOOP-6419 [ HADOOP-6419 ]
          Kan Zhang made changes -
          Link This issue is related to HADOOP-4487 [ HADOOP-4487 ]
          Kan Zhang made changes -
          Field Original Value New Value
          Component/s ipc [ 12310688 ]
          Component/s security [ 12312526 ]
          Kan Zhang created issue -

            People

            • Assignee:
              Kan Zhang
              Reporter:
              Kan Zhang
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development