zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jay vyas (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-1510) Should not log SASL errors for non-secure usage
Date Wed, 25 Sep 2013 16:00:06 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13777673#comment-13777673

jay vyas commented on ZOOKEEPER-1510:

So, just curious for those of us on older ZK versions where they still appear: what is the
meaning of these logs anyways?    will this mean that possibly a client wont work properly
-- i.e. is this a real error or just a warning.   I seem to have these logs WITHOUT the "you
may ignore this" message in an hbase cluster with external zk management. 
> Should not log SASL errors for non-secure usage
> -----------------------------------------------
>                 Key: ZOOKEEPER-1510
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1510
>             Project: ZooKeeper
>          Issue Type: Improvement
>          Components: java client
>    Affects Versions: 3.4.3
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>            Priority: Minor
>             Fix For: 3.4.4, 3.5.0
>         Attachments: zookeeper-1510.txt, zookeeper-1510.txt
> Since SASL support was added, all connections with non-secure clients have started logging
messages like:
> 2012-07-01 02:13:34,986 WARN org.apache.zookeeper.client.ZooKeeperSaslClient: SecurityException:
java.lang.SecurityException: Unable to locate a login configuration occurred when trying to
find JAAS configuration.
> 2012-07-01 02:13:34,986 INFO org.apache.zookeeper.client.ZooKeeperSaslClient: Client
will not SASL-authenticate because the default JAAS configuration section 'Client' could not
be found. If you are not using SASL, you may ignore this. On the other hand, if you expected
SASL to work, please fix your JAAS configuration.
> Despite the "you may ignore this" qualifier, I've seen a lot of users confused by this
message. Instead, it would be better to either log at DEBUG level, or piggy back the SASL
information onto the "Opening socket connection" message (eg "Opening socket connection to
X:2181. Will not use SASL because no configuration was located.")

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message