You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by ap...@apache.org on 2012/11/07 03:24:38 UTC
svn commit: r1406420 -
/hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/ipc/SecureServer.java
Author: apurtell
Date: Wed Nov 7 02:24:37 2012
New Revision: 1406420
URL: http://svn.apache.org/viewvc?rev=1406420&view=rev
Log:
Amend HBASE-7097. Change per-request logging in SecureServer to TRACE level
Modified:
hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/ipc/SecureServer.java
Modified: hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/ipc/SecureServer.java
URL: http://svn.apache.org/viewvc/hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/ipc/SecureServer.java?rev=1406420&r1=1406419&r2=1406420&view=diff
==============================================================================
--- hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/ipc/SecureServer.java (original)
+++ hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/ipc/SecureServer.java Wed Nov 7 02:24:37 2012
@@ -172,9 +172,10 @@ public abstract class SecureServer exten
token = ((SecureConnection)connection).saslServer.wrap(buf.array(),
buf.arrayOffset(), buf.remaining());
}
- if (LOG.isDebugEnabled())
- LOG.debug("Adding saslServer wrapped token of size " + token.length
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Adding saslServer wrapped token of size " + token.length
+ " as call response.");
+ }
buf.clear();
DataOutputStream saslOut = new DataOutputStream(response);
saslOut.writeInt(token.length);
@@ -277,8 +278,9 @@ public abstract class SecureServer exten
UserGroupInformation current = UserGroupInformation
.getCurrentUser();
String fullName = current.getUserName();
- if (LOG.isDebugEnabled())
- LOG.debug("Kerberos principal name is " + fullName);
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Kerberos principal name is " + fullName);
+ }
final String names[] = HBaseSaslRpcServer.splitKerberosName(fullName);
if (names.length != 3) {
throw new AccessControlException(
@@ -299,13 +301,15 @@ public abstract class SecureServer exten
throw new AccessControlException(
"Unable to find SASL server implementation for "
+ authMethod.getMechanismName());
- if (LOG.isDebugEnabled())
- LOG.debug("Created SASL server with mechanism = "
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Created SASL server with mechanism = "
+ authMethod.getMechanismName());
+ }
}
- if (LOG.isDebugEnabled())
- LOG.debug("Have read input token of size " + saslToken.length
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Have read input token of size " + saslToken.length
+ " for processing by saslServer.evaluateResponse()");
+ }
replyToken = saslServer.evaluateResponse(saslToken);
} catch (IOException e) {
IOException sendToClient = e;
@@ -326,28 +330,33 @@ public abstract class SecureServer exten
throw e;
}
if (replyToken != null) {
- if (LOG.isDebugEnabled())
- LOG.debug("Will send token of size " + replyToken.length
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Will send token of size " + replyToken.length
+ " from saslServer.");
+ }
doSaslReply(SaslStatus.SUCCESS, new BytesWritable(replyToken), null,
null);
}
if (saslServer.isComplete()) {
- LOG.debug("SASL server context established. Negotiated QoP is "
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("SASL server context established. Negotiated QoP is "
+ saslServer.getNegotiatedProperty(Sasl.QOP));
+ }
String qop = (String) saslServer.getNegotiatedProperty(Sasl.QOP);
useWrap = qop != null && !"auth".equalsIgnoreCase(qop);
ticket = getAuthorizedUgi(saslServer.getAuthorizationID());
- LOG.debug("SASL server successfully authenticated client: " + ticket);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("SASL server successfully authenticated client: " + ticket);
+ }
rpcMetrics.authenticationSuccesses.inc();
AUDITLOG.info(AUTH_SUCCESSFUL_FOR + ticket);
saslContextEstablished = true;
}
} else {
- if (LOG.isDebugEnabled())
- LOG.debug("Have read input token of size " + saslToken.length
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Have read input token of size " + saslToken.length
+ " for processing by saslServer.unwrap()");
-
+ }
if (!useWrap) {
processOneRpc(saslToken);
} else {
@@ -558,8 +567,9 @@ public abstract class SecureServer exten
int unwrappedDataLength = unwrappedDataLengthBuffer.getInt();
if (unwrappedDataLength == HBaseClient.PING_CALL_ID) {
- if (LOG.isDebugEnabled())
- LOG.debug("Received ping message");
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Received ping message");
+ }
unwrappedDataLengthBuffer.clear();
continue; // ping message
}
@@ -599,8 +609,8 @@ public abstract class SecureServer exten
new DataInputStream(new ByteArrayInputStream(buf));
int id = dis.readInt(); // try to read an id
- if (LOG.isDebugEnabled()) {
- LOG.debug(" got #" + id);
+ if (LOG.isTraceEnabled()) {
+ LOG.trace(" got #" + id);
}
Writable param = ReflectionUtils.newInstance(paramClass, conf); // read param
@@ -631,7 +641,9 @@ public abstract class SecureServer exten
}
rpcMetrics.authorizationSuccesses.inc();
} catch (AuthorizationException ae) {
- LOG.debug("Connection authorization failed: "+ae.getMessage(), ae);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Connection authorization failed: "+ae.getMessage(), ae);
+ }
rpcMetrics.authorizationFailures.inc();
SecureCall failedCall = new SecureCall(AUTHORIZATION_FAILED_CALLID, null, this,
null, 0);
@@ -673,7 +685,6 @@ public abstract class SecureServer exten
this.authorize =
conf.getBoolean(HADOOP_SECURITY_AUTHORIZATION, false);
this.isSecurityEnabled = UserGroupInformation.isSecurityEnabled();
- LOG.debug("security enabled="+isSecurityEnabled);
if (isSecurityEnabled) {
HBaseSaslRpcServer.init(conf);