[jira] [Commented] (ZOOKEEPER-1543) Bad sessionId/password combo should return auth failure

["Leader Ni (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13447267#comment-13447267 ] 

Leader Ni commented on ZOOKEEPER-1543:
--------------------------------------

You mean zookeeper need to differentiate AUTH_FAILURE from SESSION_EXPIRED？
We know, zookeeper will have two password, one is in client connection, and another is is digest auth check.
The first password may the thing you said. You know, usually, we will not change this password. So, What's the meanning of telling client the AUTH_FAILURE.
And the second password---the password in digest, i'm sure server will tell client the auth_failure.
                
> Bad sessionId/password combo should return auth failure
> -------------------------------------------------------
>
>                 Key: ZOOKEEPER-1543
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1543
>             Project: ZooKeeper
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.4.3, 3.3.6, 3.5.0
>         Environment: All
>            Reporter: Ben Bangert
>
> When connecting to a server with a valid session id, but invalid password, Zookeeper disconnects with a SESSION_EXPIRED error. This is blatantly false, its actually the wrong password. Returning a SESSION_EXPIRED in this case is also not documented anywhere.
> This makes debugging this issue an absolute nightmare, since the server has already lead you down the wrong track (trying to figure out why the session is expired, but it isn't).
> There's already an AUTH_FAILURE error, why not return that?

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira