[
https://issues.apache.org/jira/browse/HADOOP-13526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15431668#comment-15431668
]
Anu Engineer commented on HADOOP-13526:
---------------------------------------
There is one more checkstyle warning about line length being more than 80.
Could you please fix that too ? +1 after that.
> Add detailed logging in KMS log for the authentication failure of proxy user
> ----------------------------------------------------------------------------
>
> Key: HADOOP-13526
> URL: https://issues.apache.org/jira/browse/HADOOP-13526
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms
> Environment: RHEL
> Reporter: Suraj Acharya
> Assignee: Suraj Acharya
> Priority: Minor
> Attachments: HADOOP-13526.patch, HADOOP-13526.patch.1
>
>
> Problem :
> User A was not able to write a file to HDFS Encryption Zone. It was resolved
> by adding proxy user A in kms-site.xml
> However, the logs showed :
> {code}2016-08-10 19:32:08,954 DEBUG
> org.apache.hadoop.security.authentication.server.AuthenticationFilter:
> Request
> https://vm.example.com:16000/kms/v1/keyversion/aMxsSSKmMEzINTIrKURpFJgHnZxiOvsT9L1nMpbUoGu/_eek?eek_op=decrypt&doAs=userb&user.name=usera
> user [usera] authenticated{code}
> Possible Solution :
> So the message which says the user was successfully authenticated comes from
> {{AuthenticationFilter.java}}. However, when the filter on
> {{DelegationTokenAuthenticationFilter}} is called it hits an exception there
> and there is no log message there. This leads to the confusion that we have
> had a success while the exception happens in the next class.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
