You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@thrift.apache.org by "Todd Lipcon (JIRA)" <ji...@apache.org> on 2012/07/15 01:40:35 UTC

[jira] [Commented] (THRIFT-1652) TSaslTransport does not log the error when kerberos auth fails

    [ https://issues.apache.org/jira/browse/THRIFT-1652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13414547#comment-13414547 ] 

Todd Lipcon commented on THRIFT-1652:
-------------------------------------

Good idea to log this. Is there any reasonably easy way to get at the connecting peer's IP address through our layers of wrapped transports? It would be much nicer to include this, to help debug these issues from the server side. But if it's not possible, I'm +1 on the patch as it is.
                
> TSaslTransport does not log the error when kerberos auth fails
> --------------------------------------------------------------
>
>                 Key: THRIFT-1652
>                 URL: https://issues.apache.org/jira/browse/THRIFT-1652
>             Project: Thrift
>          Issue Type: Bug
>    Affects Versions: 0.7
>            Reporter: Rohini Palaniswamy
>         Attachments: THRIFT-1652.patch
>
>
> The actual kerberos authentication failure is not logged and it is very difficult to find the actual reason for the failure. We had lot of failures due to replay attack detection when doing multiple parallel connections to hive metastore. Had to patch thrift jar to find the actual error. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira