You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2015/11/19 17:10:12 UTC
[jira] [Resolved] (HADOOP-10629) security diagnostics info being
dropped in exceptions seen by client
[ https://issues.apache.org/jira/browse/HADOOP-10629?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Loughran resolved HADOOP-10629.
-------------------------------------
Resolution: Cannot Reproduce
Fix Version/s: 2.7.0
Given the logs I am staring at do have the GSS Exception text, I can conclude that everything is now being logged. Consider it fixed at some point in the past.
{code}[2015-11-19 15:55:28,003] [main] WARN ipc.Client - Exception encountered while connecting to the server : javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
[2015-11-19 15:55:58,014] [main] WARN ipc.Client - Exception encountered while connecting to the server : javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
[2015-11-19 15:56:28,024] [main] WARN ipc.Client - Exception encountered while connecting to the server : javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
{code}
> security diagnostics info being dropped in exceptions seen by client
> --------------------------------------------------------------------
>
> Key: HADOOP-10629
> URL: https://issues.apache.org/jira/browse/HADOOP-10629
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ipc
> Affects Versions: 2.4.0
> Reporter: Steve Loughran
> Fix For: 2.7.0
>
>
> When there are some security problems, not all the info goes back to the client, which sees
> {code}
> Caused by: org.apache.hadoop.ipc.RemoteException: GSS initiate failed
> at org.apache.hadoop.security.SaslRpcClient.saslConnect(SaslRpcClient.java:373) ~[hadoop-common-2.4.0.jar:na]
> {code}
> It's only server-side the diagnostics surface, here some javax crypto issues
> {code}
> 2014-05-24 14:17:34,314 INFO org.apache.hadoop.ipc.Server: Socket Reader #1 for port 9090: readAndProcess from client 192.168.1.86 threw exception [javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: Failure unspecified at GSS-API level (Mechanism level: Encryption type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled)]]
> {code}
> -the inner exception text isn't making it back to the client...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)