You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@zookeeper.apache.org by "Rahul Rane (Jira)" <ji...@apache.org> on 2022/06/28 17:16:00 UTC

[jira] [Created] (ZOOKEEPER-4564) Infinite client retry on auth failure when using NettyServerCnxnFactory

|  ![](cid:jira-generated-image-avatar-1364001d-e069-4906-9150-adf28a512e70) |
[Rahul
Rane](https://issues.apache.org/jira/secure/ViewProfile.jspa?name=rahulrane50)
**created** an issue  
---|---  
|  
---  
|  [ZooKeeper](https://issues.apache.org/jira/browse/ZOOKEEPER) /
[![Bug](cid:jira-generated-image-
avatar-93c901c2-6c63-47d4-82b8-45f29843a4d1)](https://issues.apache.org/jira/browse/ZOOKEEPER-4564)
[ZOOKEEPER-4564](https://issues.apache.org/jira/browse/ZOOKEEPER-4564)  
---  
[Infinite client retry on auth failure when using
NettyServerCnxnFactory](https://issues.apache.org/jira/browse/ZOOKEEPER-4564)  
| Issue Type: |  ![Bug](cid:jira-generated-image-
avatar-93c901c2-6c63-47d4-82b8-45f29843a4d1) Bug  
---|---  
Affects Versions: |  3.6.3  
Assignee: |  Unassigned  
Components: |  java client  
Created: |  28/Jun/22 17:15  
Priority: |  ![Major](cid:jira-generated-image-static-
major-9bd5137a-b26f-42ff-b807-f377e9df0c60) Major  
Reporter: |  [Rahul
Rane](https://issues.apache.org/jira/secure/ViewProfile.jspa?name=rahulrane50)  
|

We have extended ServerAuthenticationProvider with x509 scheme based on 3.6.3
zookeeper server. We are trying to understand connection retry scenario. On
auth failure, we see that zookeeper client (native java client client) retries
to establish connection with server until the timeout or infinitely if no
timeout is set. We are using
org.apache.zookeeper.server.NettyServerCnxnFactory as Server connection
factory.



Couple of questions :

  1. Is zookeeper client supposed to retry infinitely on auth failure from zookeeper server?
  2. Is there a way zookeeper client does not perform infinitely retries on auth failure errors and bails out after first auth failure itself?
  3. We can’t find anything about auth failure errors in zookeeper client logs but just that connection is closed. After looking into Netty Server code, we see the auth failure is not communicated to client but got masked [here](https://github.com/linkedin/zookeeper/blob/8bcaf7bb3cfa6470e1660e2b36964ae2284197df/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxn.java#L99). So we were wondering if we are missing something here?

  
---  
|  |  [ ![Add Comment](cid:jira-generated-image-static-comment-
icon-a84ecdf5-0907-4712-928b-c3c4b4f52b66)
](https://issues.apache.org/jira/browse/ZOOKEEPER-4564#add-comment "Add
Comment") |  [Add
Comment](https://issues.apache.org/jira/browse/ZOOKEEPER-4564#add-comment "Add
Comment")  
---|---  
  
|  This message was sent by Atlassian Jira (v8.20.10#820010-sha1:ace47f9) |  |
![Atlassian logo](https://issues.apache.org/jira/images/mail/atlassian-email-
logo.png)  
---