zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Hunt <ph...@apache.org>
Subject Re: How to check if the zookeeper client is authenticated?
Date Mon, 20 Jun 2011 16:59:35 GMT
Semyon, please consider opening a jira, both wrt documenting the
current behavior, and perhaps a second if you think the behavior
should be changed.

Regards,

Patrick

On Mon, Jun 20, 2011 at 4:33 AM, Camille Fournier <skamille@gmail.com> wrote:
> It is not easy and obvious, no. You won't be told if auth succeeded,
> the best you can do is immediately call a simple synchronous method
> and ensure it doesn't raise authfailed.
>
> C
>
> On Monday, June 20, 2011,  <Semyon.Chernyy@ubs.com> wrote:
>> Hi guys,
>>
>> Thank you for your response.
>>
>> I read the zk's source code of Friday and found out that in case of failed authentication
the KeeperState is changed to KeeperState.AuthFailed but in case of successful one nothing
happens - neither any triggers are called nor status is changed. KeeperState remains the same
as before the call of authentication. So, it is not obvious if the authentication is completed
and not or if it was called or not at all.
>>
>> In the ClientCnxn.SendThread class, method readResponse(), line 766:
>>
>>             ....
>>             if (replyHdr.getXid() == -4) {
>>                  // -4 is the xid for AuthPacket
>>                 if(replyHdr.getErr() == KeeperException.Code.AUTHFAILED.intValue())
{
>>                     zooKeeper.state = States.AUTH_FAILED;
>>                     eventThread.queueEvent( new WatchedEvent(Watcher.Event.EventType.None,
>>                             Watcher.Event.KeeperState.AuthFailed,
null) );
>>                 }
>>                 if (LOG.isDebugEnabled()) {
>>                     LOG.debug("Got auth sessionid:0x"
>>                             + Long.toHexString(sessionId));
>>                 }
>>                 return;
>>             }
>>             ....
>>
>> If it is successful - nothing is called.
>> Is it supposed how it should behave? If it is then I have to catch the exception,
process it (if it is actually authentication exception) and re-try my call (e.g. create znode)
until it is successful. Not easy and obvious, isn't it?
>>
>> Regards,
>> Semyon
>>
>>
>> -----Original Message-----
>> From: Patrick Hunt [mailto:phunt@apache.org]
>> Sent: Friday, June 17, 2011 7:35 PM
>> To: user@zookeeper.apache.org
>> Subject: Re: How to check if the zookeeper client is authenticated?
>>
>> In general i'm pretty happy with our docs, however Auth docs are an area where we
could use some help.... ;-) Would be great if someone wanted to work on this.
>>
>> On Fri, Jun 17, 2011 at 11:28 AM, Mahadev Konar <mahadev@apache.org> wrote:
>>> Hey Semyon,
>>>  You will get an event in your watcher :
>>>
>>> KeeperState.AuthFailed
>>>
>>> in case that happens.
>>>
>>> I think this probably needs more documentation since its not obvious.
>>> Semyon, mind creating a jira and if possible upload a patch for it?
>>>
>>> thanks
>>> mahadev
>>>
>>> On Fri, Jun 17, 2011 at 3:23 AM,  <Semyon.Chernyy@ubs.com> wrote:
>>>>
>>>> Hello
>>>>
>>>> I am using default "digest" AuthenticationProvider. How can I
>>>> understand that the client is authenticated and is ready to create the nodes?
>>>>
>>>> Thanks
>>>>
>>>> Visit our website at http://www.ubs.com
>>>>
>>>> This message contains confidential information and is intended only
>>>> for the individual named. If you are not the named addressee you
>>>> should not disseminate, distribute or copy this e-mail. Please notify
>>>> the sender immediately by e-mail if you have received this e-mail by
>>>> mistake and delete this e-mail from your system.
>>>>
>>>> E-mails are not encrypted and cannot be guaranteed to be secure or
>>>> error-free as information could be intercepted, corrupted, lost,
>>>> destroyed, arrive late or incomplete, or contain viruses. The sender
>>>> therefore does not accept liability for any errors or omissions in
>>>> the contents of this message which arise as a result of e-mail transmission.
>>>> If verification is required please request a hard-copy version. This
>>>> message is provided for informational purposes and should not be
>>>> construed as a solicitation or offer to buy or sell any securities or
>>>> related financial instruments.
>>>>
>>>> UBS Limited is a company limited by shares incorporated in the United
>>>> Kingdom registered in England and Wales with number 2035362.
>>>> Registered office: 1 Finsbury Avenue, London EC2M 2PP.  UBS Limited
>>>> is authorised and regulated by the Financial Services Authority.
>>>>
>>>> UBS AG is a public company incorporated with limited liability in
>>>> Switzerland domiciled in the Canton of Basel-City and the Canton of
>>>> Zurich respectively registered at the Commercial Registry offices in
>>>> those Cantons with Identification No: CH-270.3.004.646-4 and having
>>>> respective head offices at Aeschenvorstadt 1, 4051 Basel and
>>>> Bahnhofstrasse 45, 8001 Zurich, Switzerland.  Registered in the
>>>> United Kingdom as a foreign company with No: FC021146 and having a UK
>>>> Establishment registered at Companies House, Cardiff, with No:
>>>> BR 004507.  The principal office of UK Establishment: 1 Finsbury
>>>> Avenue, London EC2M 2PP.  In the United Kingdom, UBS AG is authorised
>>>> and regulated by the Financial Services Authority.
>>>>
>>>> UBS reserves the right to retain all messages. Messages are protected
>>>> and accessed only in legally justified cases.
>>>>
>>>
>>>
>>>
>>> --
>>> thanks
>>> mahadev
>>> @mahadevkonar
>>>
>> Visit our website at http://www.ubs.com
>>
>> This message contains confidential information and is intended only
>> for the individual named. If you are not the named addressee you
>> should not disseminate, distribute or copy this e-mail. Please
>> notify the sender immediately by e-mail if you have received this
>> e-mail by mistake and delete this e-mail from your system.
>>
>> E-mails are not encrypted and cannot be guaranteed to be secure or
>> error-free as information could be intercepted, corrupted, lost,
>> destroyed, arrive late or incomplete, or contain viruses. The sender
>> therefore does not accept liability for a
>

Mime
View raw message