You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2014/09/13 19:34:34 UTC
[jira] [Commented] (ZOOKEEPER-2035) diagnostics on SASL connection
problems doesn't match error strings sent back
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2035?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14132853#comment-14132853 ]
Steve Loughran commented on ZOOKEEPER-2035:
-------------------------------------------
Log
{code}
2014-09-13 18:19:24,155 [Thread-1-SendThread(192.168.1.85:50329)] INFO zookeeper.ClientCnxn (ClientCnxn.java:logStartConnect(975)) - Opening socket connection to server 192.168.1.85/192.168.1.85:50329. Will attempt to SASL-authenticate using Login Context section 'Client'
2014-09-13 18:19:24,155 [NIOServerCxn.Factory:stevel-227.local/192.168.1.85:0] INFO server.NIOServerCnxnFactory (NIOServerCnxnFactory.java:run(197)) - Accepted socket connection from /192.168.1.85:50332
2014-09-13 18:19:24,156 [Thread-1-SendThread(192.168.1.85:50329)] INFO zookeeper.ClientCnxn (ClientCnxn.java:primeConnection(852)) - Socket connection established to 192.168.1.85/192.168.1.85:50329, initiating session
2014-09-13 18:19:24,177 [NIOServerCxn.Factory:stevel-227.local/192.168.1.85:0] INFO server.ZooKeeperServer (ZooKeeperServer.java:processConnectRequest(868)) - Client attempting to establish new session at /192.168.1.85:50332
2014-09-13 18:19:24,180 [SyncThread:0] INFO persistence.FileTxnLog (FileTxnLog.java:append(199)) - Creating new log file: log.1
2014-09-13 18:19:24,208 [SyncThread:0] INFO server.ZooKeeperServer (ZooKeeperServer.java:finishSessionInit(617)) - Established session 0x1487006c1570000 with negotiated timeout 20000 for client /192.168.1.85:50332
2014-09-13 18:19:24,209 [Thread-1-SendThread(192.168.1.85:50329)] INFO zookeeper.ClientCnxn (ClientCnxn.java:onConnected(1235)) - Session establishment complete on server 192.168.1.85/192.168.1.85:50329, sessionid = 0x1487006c1570000, negotiated timeout = 20000
2014-09-13 18:19:24,257 [Thread-1-SendThread(192.168.1.85:50329)] ERROR client.ZooKeeperSaslClient (ZooKeeperSaslClient.java:createSaslToken(384)) - An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - Server not found in Kerberos database)]) occurred when evaluating Zookeeper Quorum Member's received SASL token. Zookeeper Client will go to AUTH_FAILED state.
2014-09-13 18:19:24,257 [Thread-1-SendThread(192.168.1.85:50329)] ERROR zookeeper.ClientCnxn (ClientCnxn.java:run(1015)) - SASL authentication with Zookeeper Quorum member failed: javax.security.sasl.SaslException: An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - Server not found in Kerberos database)]) occurred when evaluating Zookeeper Quorum Member's received SASL token. Zookeeper Client will go to AUTH_FAILED state.
2014-09-13 18:19:24,257 [Thread-1-EventThread] ERROR curator.ConnectionState (ConnectionState.java:checkState(245)) - Authentication failed
2014-09-13 18:19:24,264 [NIOServerCxn.Factory:stevel-227.local/192.168.1.85:0] WARN server.NIOServerCnxn (NIOServerCnxn.java:doIO(357)) - caught end of stream exception
EndOfStreamException: Unable to read additional data from client sessionid 0x1487006c1570000, likely client has closed socket
{code}
> diagnostics on SASL connection problems doesn't match error strings sent back
> -----------------------------------------------------------------------------
>
> Key: ZOOKEEPER-2035
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2035
> Project: ZooKeeper
> Issue Type: Bug
> Affects Versions: 3.4.6
> Environment: Java 1.7.0.67 on OS/X
> Reporter: Steve Loughran
> Priority: Minor
>
> The diagnostics code in {{ZooKeeperSaslClient.createSaslToken()}} which looks for a {{"("Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)"}} error string isn't finding a match ... the text now appears to be {{(Mechanism level: Server not found in Kerberos database (7) - Server not found in Kerberos database)}}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)