You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@drill.apache.org by "Krystal (JIRA)" <ji...@apache.org> on 2018/04/23 17:16:00 UTC

[jira] [Commented] (DRILL-6292) Improve error message when NTLM token is sent to server using SPNEGO

    [ https://issues.apache.org/jira/browse/DRILL-6292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16448476#comment-16448476 ] 

Krystal commented on DRILL-6292:
--------------------------------

We can check that if the header of the response starts with "Negotiate TIR" then it's doing spnego over NTLM instead of over Kerberos.

> Improve error message when NTLM token is sent to server using SPNEGO
> --------------------------------------------------------------------
>
>                 Key: DRILL-6292
>                 URL: https://issues.apache.org/jira/browse/DRILL-6292
>             Project: Apache Drill
>          Issue Type: Improvement
>          Components: Client - Java
>            Reporter: Krystal
>            Priority: Major
>
> The following error message is logged in drillbit.log file when the brower sends NTLM token instead of SPNEGO token.
> {color:#000000}WARN o.a.d.e.s.r.a.DrillSpnegoLoginService - Caught GSSException trying to authenticate the client org.ietf.jgss.GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag){color}
> Should have a clearer error that indicates the token sent is of NTLM.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)