You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "Alberto Bustamante Reyes (Jira)" <ji...@apache.org> on 2019/09/10 13:12:00 UTC
[jira] [Commented] (GEODE-3911) Authentication failures produce
exception stacktraces in log files.
[ https://issues.apache.org/jira/browse/GEODE-3911?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16926624#comment-16926624 ]
Alberto Bustamante Reyes commented on GEODE-3911:
-------------------------------------------------
the code which is adding the stacktrace to the logs is not part of Geode, its from Apache Shiro, in "AbstractAuthenticator" class, "authenticate" method:
{code}
String msg = "Authentication failed for token submission [" + token + "]. Possible unexpected " +
"error? (Typical or expected login exceptions should extend from AuthenticationException).";
ae = new AuthenticationException(msg, t);
if (log.isWarnEnabled())
log.warn(msg, t);
{code}
> Authentication failures produce exception stacktraces in log files.
> -------------------------------------------------------------------
>
> Key: GEODE-3911
> URL: https://issues.apache.org/jira/browse/GEODE-3911
> Project: Geode
> Issue Type: Bug
> Components: pulse, security
> Reporter: Jens Deppe
> Priority: Major
> Labels: starter
>
> When running pulse along with the `SimpleSecurityManager` I notice quite a few authentication failure stacktraces like:
> {noformat}
> [warning 2017/10/26 07:14:27.773 PDT locator1 <RMI TCP Connection(9)-10.118.33.247> tid=0x7d] Authentication failed for token submission [org.apache.geode.internal.security.shiro.GeodeAuthenticationToken - cluster,data, rememberMe=false]. Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
> org.apache.geode.security.AuthenticationFailedException: invalid username/password
> at org.apache.geode.examples.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:41)
> at org.apache.geode.internal.security.shiro.CustomAuthRealm.doGetAuthenticationInfo(CustomAuthRealm.java:52)
> at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
> at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
> at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
> at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
> at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
> at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
> at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
> at org.apache.geode.internal.security.IntegratedSecurityService.login(IntegratedSecurityService.java:139)
> at org.apache.geode.internal.security.shiro.JMXShiroAuthenticator.authenticate(JMXShiroAuthenticator.java:60)
> at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:232)
> at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:199)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:346)
> at sun.rmi.transport.Transport$1.run(Transport.java:200)
> at sun.rmi.transport.Transport$1.run(Transport.java:197)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
> at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> {noformat}
> We shouldn't need to dump these out, but just log a message.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)