You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@zookeeper.apache.org by Se...@ubs.com on 2011/06/17 12:23:13 UTC
How to check if the zookeeper client is authenticated?
Hello
I am using default "digest" AuthenticationProvider. How can I understand
that the client is authenticated and is ready to create the nodes?
Thanks
Re: How to check if the zookeeper client is authenticated?
Posted by Patrick Hunt <ph...@apache.org>.
Semyon, please consider opening a jira, both wrt documenting the
current behavior, and perhaps a second if you think the behavior
should be changed.
Regards,
Patrick
On Mon, Jun 20, 2011 at 4:33 AM, Camille Fournier <sk...@gmail.com> wrote:
> It is not easy and obvious, no. You won't be told if auth succeeded,
> the best you can do is immediately call a simple synchronous method
> and ensure it doesn't raise authfailed.
>
> C
>
> On Monday, June 20, 2011, <Se...@ubs.com> wrote:
>> Hi guys,
>>
>> Thank you for your response.
>>
>> I read the zk's source code of Friday and found out that in case of failed authentication the KeeperState is changed to KeeperState.AuthFailed but in case of successful one nothing happens - neither any triggers are called nor status is changed. KeeperState remains the same as before the call of authentication. So, it is not obvious if the authentication is completed and not or if it was called or not at all.
>>
>> In the ClientCnxn.SendThread class, method readResponse(), line 766:
>>
>> ....
>> if (replyHdr.getXid() == -4) {
>> // -4 is the xid for AuthPacket
>> if(replyHdr.getErr() == KeeperException.Code.AUTHFAILED.intValue()) {
>> zooKeeper.state = States.AUTH_FAILED;
>> eventThread.queueEvent( new WatchedEvent(Watcher.Event.EventType.None,
>> Watcher.Event.KeeperState.AuthFailed, null) );
>> }
>> if (LOG.isDebugEnabled()) {
>> LOG.debug("Got auth sessionid:0x"
>> + Long.toHexString(sessionId));
>> }
>> return;
>> }
>> ....
>>
>> If it is successful - nothing is called.
>> Is it supposed how it should behave? If it is then I have to catch the exception, process it (if it is actually authentication exception) and re-try my call (e.g. create znode) until it is successful. Not easy and obvious, isn't it?
>>
>> Regards,
>> Semyon
>>
>>
>> -----Original Message-----
>> From: Patrick Hunt [mailto:phunt@apache.org]
>> Sent: Friday, June 17, 2011 7:35 PM
>> To: user@zookeeper.apache.org
>> Subject: Re: How to check if the zookeeper client is authenticated?
>>
>> In general i'm pretty happy with our docs, however Auth docs are an area where we could use some help.... ;-) Would be great if someone wanted to work on this.
>>
>> On Fri, Jun 17, 2011 at 11:28 AM, Mahadev Konar <ma...@apache.org> wrote:
>>> Hey Semyon,
>>> You will get an event in your watcher :
>>>
>>> KeeperState.AuthFailed
>>>
>>> in case that happens.
>>>
>>> I think this probably needs more documentation since its not obvious.
>>> Semyon, mind creating a jira and if possible upload a patch for it?
>>>
>>> thanks
>>> mahadev
>>>
>>> On Fri, Jun 17, 2011 at 3:23 AM, <Se...@ubs.com> wrote:
>>>>
>>>> Hello
>>>>
>>>> I am using default "digest" AuthenticationProvider. How can I
>>>> understand that the client is authenticated and is ready to create the nodes?
>>>>
>>>> Thanks
>>>>
>>>> Visit our website at http://www.ubs.com
>>>>
>>>> This message contains confidential information and is intended only
>>>> for the individual named. If you are not the named addressee you
>>>> should not disseminate, distribute or copy this e-mail. Please notify
>>>> the sender immediately by e-mail if you have received this e-mail by
>>>> mistake and delete this e-mail from your system.
>>>>
>>>> E-mails are not encrypted and cannot be guaranteed to be secure or
>>>> error-free as information could be intercepted, corrupted, lost,
>>>> destroyed, arrive late or incomplete, or contain viruses. The sender
>>>> therefore does not accept liability for any errors or omissions in
>>>> the contents of this message which arise as a result of e-mail transmission.
>>>> If verification is required please request a hard-copy version. This
>>>> message is provided for informational purposes and should not be
>>>> construed as a solicitation or offer to buy or sell any securities or
>>>> related financial instruments.
>>>>
>>>> UBS Limited is a company limited by shares incorporated in the United
>>>> Kingdom registered in England and Wales with number 2035362.
>>>> Registered office: 1 Finsbury Avenue, London EC2M 2PP. UBS Limited
>>>> is authorised and regulated by the Financial Services Authority.
>>>>
>>>> UBS AG is a public company incorporated with limited liability in
>>>> Switzerland domiciled in the Canton of Basel-City and the Canton of
>>>> Zurich respectively registered at the Commercial Registry offices in
>>>> those Cantons with Identification No: CH-270.3.004.646-4 and having
>>>> respective head offices at Aeschenvorstadt 1, 4051 Basel and
>>>> Bahnhofstrasse 45, 8001 Zurich, Switzerland. Registered in the
>>>> United Kingdom as a foreign company with No: FC021146 and having a UK
>>>> Establishment registered at Companies House, Cardiff, with No:
>>>> BR 004507. The principal office of UK Establishment: 1 Finsbury
>>>> Avenue, London EC2M 2PP. In the United Kingdom, UBS AG is authorised
>>>> and regulated by the Financial Services Authority.
>>>>
>>>> UBS reserves the right to retain all messages. Messages are protected
>>>> and accessed only in legally justified cases.
>>>>
>>>
>>>
>>>
>>> --
>>> thanks
>>> mahadev
>>> @mahadevkonar
>>>
>> Visit our website at http://www.ubs.com
>>
>> This message contains confidential information and is intended only
>> for the individual named. If you are not the named addressee you
>> should not disseminate, distribute or copy this e-mail. Please
>> notify the sender immediately by e-mail if you have received this
>> e-mail by mistake and delete this e-mail from your system.
>>
>> E-mails are not encrypted and cannot be guaranteed to be secure or
>> error-free as information could be intercepted, corrupted, lost,
>> destroyed, arrive late or incomplete, or contain viruses. The sender
>> therefore does not accept liability for a
>
Re: How to check if the zookeeper client is authenticated?
Posted by Camille Fournier <sk...@gmail.com>.
It is not easy and obvious, no. You won't be told if auth succeeded,
the best you can do is immediately call a simple synchronous method
and ensure it doesn't raise authfailed.
C
On Monday, June 20, 2011, <Se...@ubs.com> wrote:
> Hi guys,
>
> Thank you for your response.
>
> I read the zk's source code of Friday and found out that in case of failed authentication the KeeperState is changed to KeeperState.AuthFailed but in case of successful one nothing happens - neither any triggers are called nor status is changed. KeeperState remains the same as before the call of authentication. So, it is not obvious if the authentication is completed and not or if it was called or not at all.
>
> In the ClientCnxn.SendThread class, method readResponse(), line 766:
>
> ....
> if (replyHdr.getXid() == -4) {
> // -4 is the xid for AuthPacket
> if(replyHdr.getErr() == KeeperException.Code.AUTHFAILED.intValue()) {
> zooKeeper.state = States.AUTH_FAILED;
> eventThread.queueEvent( new WatchedEvent(Watcher.Event.EventType.None,
> Watcher.Event.KeeperState.AuthFailed, null) );
> }
> if (LOG.isDebugEnabled()) {
> LOG.debug("Got auth sessionid:0x"
> + Long.toHexString(sessionId));
> }
> return;
> }
> ....
>
> If it is successful - nothing is called.
> Is it supposed how it should behave? If it is then I have to catch the exception, process it (if it is actually authentication exception) and re-try my call (e.g. create znode) until it is successful. Not easy and obvious, isn't it?
>
> Regards,
> Semyon
>
>
> -----Original Message-----
> From: Patrick Hunt [mailto:phunt@apache.org]
> Sent: Friday, June 17, 2011 7:35 PM
> To: user@zookeeper.apache.org
> Subject: Re: How to check if the zookeeper client is authenticated?
>
> In general i'm pretty happy with our docs, however Auth docs are an area where we could use some help.... ;-) Would be great if someone wanted to work on this.
>
> On Fri, Jun 17, 2011 at 11:28 AM, Mahadev Konar <ma...@apache.org> wrote:
>> Hey Semyon,
>> You will get an event in your watcher :
>>
>> KeeperState.AuthFailed
>>
>> in case that happens.
>>
>> I think this probably needs more documentation since its not obvious.
>> Semyon, mind creating a jira and if possible upload a patch for it?
>>
>> thanks
>> mahadev
>>
>> On Fri, Jun 17, 2011 at 3:23 AM, <Se...@ubs.com> wrote:
>>>
>>> Hello
>>>
>>> I am using default "digest" AuthenticationProvider. How can I
>>> understand that the client is authenticated and is ready to create the nodes?
>>>
>>> Thanks
>>>
>>> Visit our website at http://www.ubs.com
>>>
>>> This message contains confidential information and is intended only
>>> for the individual named. If you are not the named addressee you
>>> should not disseminate, distribute or copy this e-mail. Please notify
>>> the sender immediately by e-mail if you have received this e-mail by
>>> mistake and delete this e-mail from your system.
>>>
>>> E-mails are not encrypted and cannot be guaranteed to be secure or
>>> error-free as information could be intercepted, corrupted, lost,
>>> destroyed, arrive late or incomplete, or contain viruses. The sender
>>> therefore does not accept liability for any errors or omissions in
>>> the contents of this message which arise as a result of e-mail transmission.
>>> If verification is required please request a hard-copy version. This
>>> message is provided for informational purposes and should not be
>>> construed as a solicitation or offer to buy or sell any securities or
>>> related financial instruments.
>>>
>>> UBS Limited is a company limited by shares incorporated in the United
>>> Kingdom registered in England and Wales with number 2035362.
>>> Registered office: 1 Finsbury Avenue, London EC2M 2PP. UBS Limited
>>> is authorised and regulated by the Financial Services Authority.
>>>
>>> UBS AG is a public company incorporated with limited liability in
>>> Switzerland domiciled in the Canton of Basel-City and the Canton of
>>> Zurich respectively registered at the Commercial Registry offices in
>>> those Cantons with Identification No: CH-270.3.004.646-4 and having
>>> respective head offices at Aeschenvorstadt 1, 4051 Basel and
>>> Bahnhofstrasse 45, 8001 Zurich, Switzerland. Registered in the
>>> United Kingdom as a foreign company with No: FC021146 and having a UK
>>> Establishment registered at Companies House, Cardiff, with No:
>>> BR 004507. The principal office of UK Establishment: 1 Finsbury
>>> Avenue, London EC2M 2PP. In the United Kingdom, UBS AG is authorised
>>> and regulated by the Financial Services Authority.
>>>
>>> UBS reserves the right to retain all messages. Messages are protected
>>> and accessed only in legally justified cases.
>>>
>>
>>
>>
>> --
>> thanks
>> mahadev
>> @mahadevkonar
>>
> Visit our website at http://www.ubs.com
>
> This message contains confidential information and is intended only
> for the individual named. If you are not the named addressee you
> should not disseminate, distribute or copy this e-mail. Please
> notify the sender immediately by e-mail if you have received this
> e-mail by mistake and delete this e-mail from your system.
>
> E-mails are not encrypted and cannot be guaranteed to be secure or
> error-free as information could be intercepted, corrupted, lost,
> destroyed, arrive late or incomplete, or contain viruses. The sender
> therefore does not accept liability for a
RE: How to check if the zookeeper client is authenticated?
Posted by Se...@ubs.com.
Hi guys,
Thank you for your response.
I read the zk's source code of Friday and found out that in case of failed authentication the KeeperState is changed to KeeperState.AuthFailed but in case of successful one nothing happens - neither any triggers are called nor status is changed. KeeperState remains the same as before the call of authentication. So, it is not obvious if the authentication is completed and not or if it was called or not at all.
In the ClientCnxn.SendThread class, method readResponse(), line 766:
....
if (replyHdr.getXid() == -4) {
// -4 is the xid for AuthPacket
if(replyHdr.getErr() == KeeperException.Code.AUTHFAILED.intValue()) {
zooKeeper.state = States.AUTH_FAILED;
eventThread.queueEvent( new WatchedEvent(Watcher.Event.EventType.None,
Watcher.Event.KeeperState.AuthFailed, null) );
}
if (LOG.isDebugEnabled()) {
LOG.debug("Got auth sessionid:0x"
+ Long.toHexString(sessionId));
}
return;
}
....
If it is successful - nothing is called.
Is it supposed how it should behave? If it is then I have to catch the exception, process it (if it is actually authentication exception) and re-try my call (e.g. create znode) until it is successful. Not easy and obvious, isn't it?
Regards,
Semyon
-----Original Message-----
From: Patrick Hunt [mailto:phunt@apache.org]
Sent: Friday, June 17, 2011 7:35 PM
To: user@zookeeper.apache.org
Subject: Re: How to check if the zookeeper client is authenticated?
In general i'm pretty happy with our docs, however Auth docs are an area where we could use some help.... ;-) Would be great if someone wanted to work on this.
On Fri, Jun 17, 2011 at 11:28 AM, Mahadev Konar <ma...@apache.org> wrote:
> Hey Semyon,
> You will get an event in your watcher :
>
> KeeperState.AuthFailed
>
> in case that happens.
>
> I think this probably needs more documentation since its not obvious.
> Semyon, mind creating a jira and if possible upload a patch for it?
>
> thanks
> mahadev
>
> On Fri, Jun 17, 2011 at 3:23 AM, <Se...@ubs.com> wrote:
>>
>> Hello
>>
>> I am using default "digest" AuthenticationProvider. How can I
>> understand that the client is authenticated and is ready to create the nodes?
>>
>> Thanks
>>
>> Visit our website at http://www.ubs.com
>>
>> This message contains confidential information and is intended only
>> for the individual named. If you are not the named addressee you
>> should not disseminate, distribute or copy this e-mail. Please notify
>> the sender immediately by e-mail if you have received this e-mail by
>> mistake and delete this e-mail from your system.
>>
>> E-mails are not encrypted and cannot be guaranteed to be secure or
>> error-free as information could be intercepted, corrupted, lost,
>> destroyed, arrive late or incomplete, or contain viruses. The sender
>> therefore does not accept liability for any errors or omissions in
>> the contents of this message which arise as a result of e-mail transmission.
>> If verification is required please request a hard-copy version. This
>> message is provided for informational purposes and should not be
>> construed as a solicitation or offer to buy or sell any securities or
>> related financial instruments.
>>
>> UBS Limited is a company limited by shares incorporated in the United
>> Kingdom registered in England and Wales with number 2035362.
>> Registered office: 1 Finsbury Avenue, London EC2M 2PP. UBS Limited
>> is authorised and regulated by the Financial Services Authority.
>>
>> UBS AG is a public company incorporated with limited liability in
>> Switzerland domiciled in the Canton of Basel-City and the Canton of
>> Zurich respectively registered at the Commercial Registry offices in
>> those Cantons with Identification No: CH-270.3.004.646-4 and having
>> respective head offices at Aeschenvorstadt 1, 4051 Basel and
>> Bahnhofstrasse 45, 8001 Zurich, Switzerland. Registered in the
>> United Kingdom as a foreign company with No: FC021146 and having a UK
>> Establishment registered at Companies House, Cardiff, with No:
>> BR 004507. The principal office of UK Establishment: 1 Finsbury
>> Avenue, London EC2M 2PP. In the United Kingdom, UBS AG is authorised
>> and regulated by the Financial Services Authority.
>>
>> UBS reserves the right to retain all messages. Messages are protected
>> and accessed only in legally justified cases.
>>
>
>
>
> --
> thanks
> mahadev
> @mahadevkonar
>
Visit our website at http://www.ubs.com
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system.
E-mails are not encrypted and cannot be guaranteed to be secure or
error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or contain viruses. The sender
therefore does not accept liability for any errors or omissions in the
contents of this message which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be
construed as a solicitation or offer to buy or sell any securities
or related financial instruments.
UBS Limited is a company limited by shares incorporated in the United
Kingdom registered in England and Wales with number 2035362.
Registered office: 1 Finsbury Avenue, London EC2M 2PP. UBS Limited
is authorised and regulated by the Financial Services Authority.
UBS AG is a public company incorporated with limited liability in
Switzerland domiciled in the Canton of Basel-City and the Canton of
Zurich respectively registered at the Commercial Registry offices in
those Cantons with Identification No: CH-270.3.004.646-4 and having
respective head offices at Aeschenvorstadt 1, 4051 Basel and
Bahnhofstrasse 45, 8001 Zurich, Switzerland. Registered in the
United Kingdom as a foreign company with No: FC021146 and having a
UK Establishment registered at Companies House, Cardiff, with No:
BR 004507. The principal office of UK Establishment: 1 Finsbury Avenue,
London EC2M 2PP. In the United Kingdom, UBS AG is authorised and
regulated by the Financial Services Authority.
UBS reserves the right to retain all messages. Messages are protected
and accessed only in legally justified cases.
Re: How to check if the zookeeper client is authenticated?
Posted by Patrick Hunt <ph...@apache.org>.
In general i'm pretty happy with our docs, however Auth docs are an
area where we could use some help.... ;-) Would be great if someone
wanted to work on this.
On Fri, Jun 17, 2011 at 11:28 AM, Mahadev Konar <ma...@apache.org> wrote:
> Hey Semyon,
> You will get an event in your watcher :
>
> KeeperState.AuthFailed
>
> in case that happens.
>
> I think this probably needs more documentation since its not obvious.
> Semyon, mind creating a jira and if possible upload a patch for it?
>
> thanks
> mahadev
>
> On Fri, Jun 17, 2011 at 3:23 AM, <Se...@ubs.com> wrote:
>>
>> Hello
>>
>> I am using default "digest" AuthenticationProvider. How can I understand
>> that the client is authenticated and is ready to create the nodes?
>>
>> Thanks
>>
>> Visit our website at http://www.ubs.com
>>
>> This message contains confidential information and is intended only
>> for the individual named. If you are not the named addressee you
>> should not disseminate, distribute or copy this e-mail. Please
>> notify the sender immediately by e-mail if you have received this
>> e-mail by mistake and delete this e-mail from your system.
>>
>> E-mails are not encrypted and cannot be guaranteed to be secure or
>> error-free as information could be intercepted, corrupted, lost,
>> destroyed, arrive late or incomplete, or contain viruses. The sender
>> therefore does not accept liability for any errors or omissions in the
>> contents of this message which arise as a result of e-mail transmission.
>> If verification is required please request a hard-copy version. This
>> message is provided for informational purposes and should not be
>> construed as a solicitation or offer to buy or sell any securities
>> or related financial instruments.
>>
>> UBS Limited is a company limited by shares incorporated in the United
>> Kingdom registered in England and Wales with number 2035362.
>> Registered office: 1 Finsbury Avenue, London EC2M 2PP. UBS Limited
>> is authorised and regulated by the Financial Services Authority.
>>
>> UBS AG is a public company incorporated with limited liability in
>> Switzerland domiciled in the Canton of Basel-City and the Canton of
>> Zurich respectively registered at the Commercial Registry offices in
>> those Cantons with Identification No: CH-270.3.004.646-4 and having
>> respective head offices at Aeschenvorstadt 1, 4051 Basel and
>> Bahnhofstrasse 45, 8001 Zurich, Switzerland. Registered in the
>> United Kingdom as a foreign company with No: FC021146 and having a
>> UK Establishment registered at Companies House, Cardiff, with No:
>> BR 004507. The principal office of UK Establishment: 1 Finsbury Avenue,
>> London EC2M 2PP. In the United Kingdom, UBS AG is authorised and
>> regulated by the Financial Services Authority.
>>
>> UBS reserves the right to retain all messages. Messages are protected
>> and accessed only in legally justified cases.
>>
>
>
>
> --
> thanks
> mahadev
> @mahadevkonar
>
Re: How to check if the zookeeper client is authenticated?
Posted by Mahadev Konar <ma...@apache.org>.
Hey Semyon,
You will get an event in your watcher :
KeeperState.AuthFailed
in case that happens.
I think this probably needs more documentation since its not obvious.
Semyon, mind creating a jira and if possible upload a patch for it?
thanks
mahadev
On Fri, Jun 17, 2011 at 3:23 AM, <Se...@ubs.com> wrote:
>
> Hello
>
> I am using default "digest" AuthenticationProvider. How can I understand
> that the client is authenticated and is ready to create the nodes?
>
> Thanks
>
> Visit our website at http://www.ubs.com
>
> This message contains confidential information and is intended only
> for the individual named. If you are not the named addressee you
> should not disseminate, distribute or copy this e-mail. Please
> notify the sender immediately by e-mail if you have received this
> e-mail by mistake and delete this e-mail from your system.
>
> E-mails are not encrypted and cannot be guaranteed to be secure or
> error-free as information could be intercepted, corrupted, lost,
> destroyed, arrive late or incomplete, or contain viruses. The sender
> therefore does not accept liability for any errors or omissions in the
> contents of this message which arise as a result of e-mail transmission.
> If verification is required please request a hard-copy version. This
> message is provided for informational purposes and should not be
> construed as a solicitation or offer to buy or sell any securities
> or related financial instruments.
>
> UBS Limited is a company limited by shares incorporated in the United
> Kingdom registered in England and Wales with number 2035362.
> Registered office: 1 Finsbury Avenue, London EC2M 2PP. UBS Limited
> is authorised and regulated by the Financial Services Authority.
>
> UBS AG is a public company incorporated with limited liability in
> Switzerland domiciled in the Canton of Basel-City and the Canton of
> Zurich respectively registered at the Commercial Registry offices in
> those Cantons with Identification No: CH-270.3.004.646-4 and having
> respective head offices at Aeschenvorstadt 1, 4051 Basel and
> Bahnhofstrasse 45, 8001 Zurich, Switzerland. Registered in the
> United Kingdom as a foreign company with No: FC021146 and having a
> UK Establishment registered at Companies House, Cardiff, with No:
> BR 004507. The principal office of UK Establishment: 1 Finsbury Avenue,
> London EC2M 2PP. In the United Kingdom, UBS AG is authorised and
> regulated by the Financial Services Authority.
>
> UBS reserves the right to retain all messages. Messages are protected
> and accessed only in legally justified cases.
>
--
thanks
mahadev
@mahadevkonar