Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id CEA4F200B46 for ; Sat, 11 Jun 2016 02:56:26 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id CB7EC160A38; Sat, 11 Jun 2016 00:56:26 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id EC580160A5A for ; Sat, 11 Jun 2016 02:56:25 +0200 (CEST) Received: (qmail 61697 invoked by uid 500); 11 Jun 2016 00:56:25 -0000 Mailing-List: contact issues-help@geode.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@geode.incubator.apache.org Delivered-To: mailing list issues@geode.incubator.apache.org Received: (qmail 61612 invoked by uid 99); 11 Jun 2016 00:56:25 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Jun 2016 00:56:25 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id B45B0C0DA6 for ; Sat, 11 Jun 2016 00:56:24 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -4.646 X-Spam-Level: X-Spam-Status: No, score=-4.646 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426] autolearn=disabled Received: from mx2-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id VCjOHoiLQoi0 for ; Sat, 11 Jun 2016 00:56:23 +0000 (UTC) Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx2-lw-eu.apache.org (ASF Mail Server at mx2-lw-eu.apache.org) with SMTP id 228F45F46E for ; Sat, 11 Jun 2016 00:56:21 +0000 (UTC) Received: (qmail 61502 invoked by uid 99); 11 Jun 2016 00:56:21 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Jun 2016 00:56:21 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 02A252C1F5C for ; Sat, 11 Jun 2016 00:56:21 +0000 (UTC) Date: Sat, 11 Jun 2016 00:56:21 +0000 (UTC) From: "Dan Smith (JIRA)" To: issues@geode.incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (GEODE-1536) Poor documentation and misleading error messages with multi user security MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Sat, 11 Jun 2016 00:56:27 -0000 [ https://issues.apache.org/jira/browse/GEODE-1536?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Smith updated GEODE-1536: ----------------------------- Labels: bug-hunt (was: ) > Poor documentation and misleading error messages with multi user security > ------------------------------------------------------------------------- > > Key: GEODE-1536 > URL: https://issues.apache.org/jira/browse/GEODE-1536 > Project: Geode > Issue Type: Bug > Components: security > Reporter: Dan Smith > Labels: bug-hunt > > I'm trying to connect a client using multi user security authentication. > I couldn't find any description of how to use this feature in the manuals. The javadocs for ClientCacheFactory.setPoolMultiuserAuthentication basically provide no information. If you just set that, you get this misleading error message: > {code} > java.lang.UnsupportedOperationException: Use Pool APIs for doing operations when multiuser-secure-mode-enabled is set to true. > {code} > What you actually need to do is call cache.createAuthenticatedView. However, if you just do that, you get this error message > {code} > com.gemstone.gemfire.cache.client.ServerOperationException: remote server on 172.16.115.238(73827:loner):60898:2126f43c: com.gemstone.gemfire.security.AuthenticationRequiredException: No security-* properties are provided > at com.gemstone.gemfire.cache.client.internal.OpExecutorImpl.handleException(OpExecutorImpl.java:671) > at com.gemstone.gemfire.cache.client.internal.OpExecutorImpl.handleException(OpExecutorImpl.java:772) > at com.gemstone.gemfire.cache.client.internal.OpExecutorImpl.handleException(OpExecutorImpl.java:603) > at com.gemstone.gemfire.cache.client.internal.OpExecutorImpl.execute(OpExecutorImpl.java:165) > at com.gemstone.gemfire.cache.client.internal.OpExecutorImpl.execute(OpExecutorImpl.java:110) > at com.gemstone.gemfire.cache.client.internal.PoolImpl.execute(PoolImpl.java:700) > at com.gemstone.gemfire.cache.client.internal.PutOp.execute(PutOp.java:102) > at com.gemstone.gemfire.cache.client.internal.ServerRegionProxy.put(ServerRegionProxy.java:175) > at com.gemstone.gemfire.internal.cache.LocalRegion.serverPut(LocalRegion.java:3061) > at com.gemstone.gemfire.internal.cache.LocalRegion.cacheWriteBeforePut(LocalRegion.java:3188) > at com.gemstone.gemfire.internal.cache.ProxyRegionMap.basicPut(ProxyRegionMap.java:230) > at com.gemstone.gemfire.internal.cache.LocalRegion.virtualPut(LocalRegion.java:5845) > at com.gemstone.gemfire.internal.cache.LocalRegionDataView.putEntry(LocalRegionDataView.java:132) > at com.gemstone.gemfire.internal.cache.LocalRegion.basicPut(LocalRegion.java:5240) > at com.gemstone.gemfire.internal.cache.LocalRegion.validatedPut(LocalRegion.java:1557) > at com.gemstone.gemfire.internal.cache.LocalRegion.put(LocalRegion.java:1544) > at com.gemstone.gemfire.internal.cache.AbstractRegion.put(AbstractRegion.java:288) > at com.gemstone.gemfire.cache.client.internal.ProxyRegion.put(ProxyRegion.java:459) > at TestClient.test(TestClient.java:29) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) > at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) > at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) > at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) > at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) > at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) > at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) > at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) > at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) > at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) > at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) > at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) > at org.junit.runners.ParentRunner.run(ParentRunner.java:363) > at org.junit.runner.JUnitCore.run(JUnitCore.java:137) > at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:119) > at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:42) > at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:234) > at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:74) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144) > Caused by: com.gemstone.gemfire.security.AuthenticationRequiredException: No security-* properties are provided > at com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection.getAuthzRequest(ServerConnection.java:1981) > at com.gemstone.gemfire.internal.cache.tier.sockets.command.Put65.cmdExecute(Put65.java:260) > at com.gemstone.gemfire.internal.cache.tier.sockets.BaseCommand.execute(BaseCommand.java:142) > at com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection.doNormalMsg(ServerConnection.java:797) > at com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection.doOneMessage(ServerConnection.java:924) > at com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection.run(ServerConnection.java:1173) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl$1$1.run(AcceptorImpl.java:519) > at java.lang.Thread.run(Thread.java:745) > {code} > It turns out you also need an AuthInitialize class, which is passed the properties from the view. The javadocs make no mention of this fact. -- This message was sent by Atlassian JIRA (v6.3.4#6332)