[ZOOKEEPER-1510] Should not log SASL errors for non-secure usage - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.4.3
Fix Version/s: 3.4.4, 3.5.0
Component/s: java client
Labels:
None

Hadoop Flags:

Reviewed

Description

Since SASL support was added, all connections with non-secure clients have started logging messages like:

2012-07-01 02:13:34,986 WARN org.apache.zookeeper.client.ZooKeeperSaslClient: SecurityException: java.lang.SecurityException: Unable to locate a login configuration occurred when trying to find JAAS configuration.
2012-07-01 02:13:34,986 INFO org.apache.zookeeper.client.ZooKeeperSaslClient: Client will not SASL-authenticate because the default JAAS configuration section 'Client' could not be found. If you are not using SASL, you may ignore this. On the other hand, if you expected SASL to work, please fix your JAAS configuration.

Despite the "you may ignore this" qualifier, I've seen a lot of users confused by this message. Instead, it would be better to either log at DEBUG level, or piggy back the SASL information onto the "Opening socket connection" message (eg "Opening socket connection to X:2181. Will not use SASL because no configuration was located.")

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

zookeeper-1510.txt
16/Jul/12 20:02
4 kB
Todd Lipcon
zookeeper-1510.txt
01/Aug/12 18:59
4 kB
Patrick D. Hunt

Issue Links

is related to

ZOOKEEPER-1512 Reduce log level of missing ZookeeperSaslClient Security Exception

Open

ZOOKEEPER-1623 Authentication using SASL

Open

Activity

People

Assignee:: Todd Lipcon

Reporter:: Todd Lipcon

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 16/Jul/12 19:45

Updated:: 25/Sep/13 16:00

Resolved:: 01/Aug/12 21:41