Return-Path: X-Original-To: apmail-zookeeper-user-archive@www.apache.org Delivered-To: apmail-zookeeper-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B89E6600C for ; Mon, 20 Jun 2011 16:59:40 +0000 (UTC) Received: (qmail 34122 invoked by uid 500); 20 Jun 2011 16:59:36 -0000 Delivered-To: apmail-zookeeper-user-archive@zookeeper.apache.org Received: (qmail 34091 invoked by uid 500); 20 Jun 2011 16:59:36 -0000 Mailing-List: contact user-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@zookeeper.apache.org Delivered-To: mailing list user@zookeeper.apache.org Received: (qmail 34056 invoked by uid 99); 20 Jun 2011 16:59:36 -0000 Received: from minotaur.apache.org (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Jun 2011 16:59:36 +0000 Received: from localhost (HELO mail-iy0-f170.google.com) (127.0.0.1) (smtp-auth username phunt, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Jun 2011 16:59:35 +0000 Received: by iym1 with SMTP id 1so2985303iym.15 for ; Mon, 20 Jun 2011 09:59:35 -0700 (PDT) MIME-Version: 1.0 Received: by 10.42.197.7 with SMTP id ei7mr1366146icb.115.1308589175165; Mon, 20 Jun 2011 09:59:35 -0700 (PDT) Received: by 10.42.239.7 with HTTP; Mon, 20 Jun 2011 09:59:35 -0700 (PDT) In-Reply-To: References: <2C09FDD6384AA24B94D00CA0CAE8F7E20404F760@NLDNC102PEX1.ubsw.net> <2C09FDD6384AA24B94D00CA0CAE8F7E20404F920@NLDNC102PEX1.ubsw.net> Date: Mon, 20 Jun 2011 09:59:35 -0700 Message-ID: Subject: Re: How to check if the zookeeper client is authenticated? From: Patrick Hunt To: user@zookeeper.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Semyon, please consider opening a jira, both wrt documenting the current behavior, and perhaps a second if you think the behavior should be changed. Regards, Patrick On Mon, Jun 20, 2011 at 4:33 AM, Camille Fournier wrot= e: > It is not easy and obvious, no. You won't be told if auth succeeded, > the best you can do is immediately call a simple synchronous method > and ensure it doesn't raise authfailed. > > C > > On Monday, June 20, 2011, =A0 wrote: >> Hi guys, >> >> Thank you for your response. >> >> I read the zk's source code of Friday and found out that in case of fail= ed authentication the KeeperState is changed to KeeperState.AuthFailed but = in case of successful one nothing happens - neither any triggers are called= nor status is changed. KeeperState remains the same as before the call of = authentication. So, it is not obvious if the authentication is completed an= d not or if it was called or not at all. >> >> In the ClientCnxn.SendThread class, method readResponse(), line 766: >> >> =A0=A0 =A0 =A0 =A0 =A0 =A0.... >> =A0=A0 =A0 =A0 =A0 =A0 =A0if (replyHdr.getXid() =3D=3D -4) { >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 // -4 is the xid for AuthPacket >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if(replyHdr.getErr() =3D=3D KeeperExce= ption.Code.AUTHFAILED.intValue()) { >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0zooKeeper.state =3D States.AUT= H_FAILED; >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0eventThread.queueEvent( new Wa= tchedEvent(Watcher.Event.EventType.None, >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0Watcher.Event.= KeeperState.AuthFailed, null) ); >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0} >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if (LOG.isDebugEnabled()) { >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0LOG.debug("Got auth sessionid:= 0x" >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0+ Long.toHexSt= ring(sessionId)); >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0} >> =A0=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return; >> =A0=A0 =A0 =A0 =A0 =A0 =A0} >> =A0=A0 =A0 =A0 =A0 =A0 =A0.... >> >> If it is successful - nothing is called. >> Is it supposed how it should behave? If it is then I have to catch the e= xception, process it (if it is actually authentication exception) and re-tr= y my call (e.g. create znode) until it is successful. Not easy and obvious,= isn't it? >> >> Regards, >> Semyon >> >> >> -----Original Message----- >> From: Patrick Hunt [mailto:phunt@apache.org] >> Sent: Friday, June 17, 2011 7:35 PM >> To: user@zookeeper.apache.org >> Subject: Re: How to check if the zookeeper client is authenticated? >> >> In general i'm pretty happy with our docs, however Auth docs are an area= where we could use some help.... ;-) Would be great if someone wanted to w= ork on this. >> >> On Fri, Jun 17, 2011 at 11:28 AM, Mahadev Konar wro= te: >>> Hey Semyon, >>> =A0You will get an event in your watcher : >>> >>> KeeperState.AuthFailed >>> >>> in case that happens. >>> >>> I think this probably needs more documentation since its not obvious. >>> Semyon, mind creating a jira and if possible upload a patch for it? >>> >>> thanks >>> mahadev >>> >>> On Fri, Jun 17, 2011 at 3:23 AM, =A0 wrote: >>>> >>>> Hello >>>> >>>> I am using default "digest" AuthenticationProvider. How can I >>>> understand that the client is authenticated and is ready to create the= nodes? >>>> >>>> Thanks >>>> >>>> Visit our website at http://www.ubs.com >>>> >>>> This message contains confidential information and is intended only >>>> for the individual named. If you are not the named addressee you >>>> should not disseminate, distribute or copy this e-mail. Please notify >>>> the sender immediately by e-mail if you have received this e-mail by >>>> mistake and delete this e-mail from your system. >>>> >>>> E-mails are not encrypted and cannot be guaranteed to be secure or >>>> error-free as information could be intercepted, corrupted, lost, >>>> destroyed, arrive late or incomplete, or contain viruses. The sender >>>> therefore does not accept liability for any errors or omissions in >>>> the contents of this message which arise as a result of e-mail transmi= ssion. >>>> If verification is required please request a hard-copy version. This >>>> message is provided for informational purposes and should not be >>>> construed as a solicitation or offer to buy or sell any securities or >>>> related financial instruments. >>>> >>>> UBS Limited is a company limited by shares incorporated in the United >>>> Kingdom registered in England and Wales with number 2035362. >>>> Registered office: 1 Finsbury Avenue, London EC2M 2PP. =A0UBS Limited >>>> is authorised and regulated by the Financial Services Authority. >>>> >>>> UBS AG is a public company incorporated with limited liability in >>>> Switzerland domiciled in the Canton of Basel-City and the Canton of >>>> Zurich respectively registered at the Commercial Registry offices in >>>> those Cantons with Identification No: CH-270.3.004.646-4 and having >>>> respective head offices at Aeschenvorstadt 1, 4051 Basel and >>>> Bahnhofstrasse 45, 8001 Zurich, Switzerland. =A0Registered in the >>>> United Kingdom as a foreign company with No: FC021146 and having a UK >>>> Establishment registered at Companies House, Cardiff, with No: >>>> BR 004507. =A0The principal office of UK Establishment: 1 Finsbury >>>> Avenue, London EC2M 2PP. =A0In the United Kingdom, UBS AG is authorise= d >>>> and regulated by the Financial Services Authority. >>>> >>>> UBS reserves the right to retain all messages. Messages are protected >>>> and accessed only in legally justified cases. >>>> >>> >>> >>> >>> -- >>> thanks >>> mahadev >>> @mahadevkonar >>> >> Visit our website at http://www.ubs.com >> >> This message contains confidential information and is intended only >> for the individual named. If you are not the named addressee you >> should not disseminate, distribute or copy this e-mail. Please >> notify the sender immediately by e-mail if you have received this >> e-mail by mistake and delete this e-mail from your system. >> >> E-mails are not encrypted and cannot be guaranteed to be secure or >> error-free as information could be intercepted, corrupted, lost, >> destroyed, arrive late or incomplete, or contain viruses. The sender >> therefore does not accept liability for a >