Github user revans2 commented on a diff in the pull request:
https://github.com/apache/storm/pull/2741#discussion_r198638417
--- Diff:
storm-client/src/jvm/org/apache/storm/messaging/netty/KerberosSaslClientHandler.java
---
@@ -96,53 +96,69 @@ private void handleControlMessage(ChannelHandlerContext
ctx, ControlMessage cont
Channel channel = ctx.channel();
KerberosSaslNettyClient saslNettyClient =
getChannelSaslClient(channel);
if (controlMessage == ControlMessage.SASL_COMPLETE_REQUEST) {
- LOG.debug("Server has sent us the SaslComplete message.
Allowing normal work to proceed.");
+ LOG.debug("Server has sent us the SaslComplete message.
Allowing normal work to proceed.");
- if (!saslNettyClient.isComplete()) {
+ if (!saslNettyClient.isComplete()) {
String errorMessage =
"Server returned a Sasl-complete message, but as far
as we can tell, we are not authenticated yet.";
LOG.error(errorMessage);
throw new Exception(errorMessage);
- }
+ }
ctx.pipeline().remove(this);
this.client.channelReady(channel);
// We call fireChannelRead since the client is allowed to
- // perform this request. The client's request will now
proceed
- // to the next pipeline component namely
StormClientHandler.
+ // perform this request. The client's request will now proceed
+ // to the next pipeline component namely StormClientHandler.
ctx.fireChannelRead(controlMessage);
- } else {
+ } else {
LOG.warn("Unexpected control message: {}", controlMessage);
- }
+ }
}
private void handleSaslMessageToken(ChannelHandlerContext ctx,
SaslMessageToken saslMessageToken) throws Exception {
Channel channel = ctx.channel();
KerberosSaslNettyClient saslNettyClient =
getChannelSaslClient(channel);
- LOG.debug("Responding to server's token of length: {}",
- saslMessageToken.getSaslToken().length);
-
- // Generate SASL response (but we only actually send the
response if
- // it's non-null.
- byte[] responseToServer = saslNettyClient
- .saslResponse(saslMessageToken);
- if (responseToServer == null) {
- // If we generate a null response, then authentication has
completed
- // (if not, warn), and return without sending a response
back to the
- // server.
- LOG.debug("Response to server is null: authentication
should now be complete.");
- if (!saslNettyClient.isComplete()) {
- LOG.warn("Generated a null response, but
authentication is not complete.");
- throw new Exception("Our reponse to the server is
null, but as far as we can tell, we are not authenticated yet.");
- }
- this.client.channelReady(channel);
- } else {
- LOG.debug("Response to server token has length: {}",
- responseToServer.length);
- // Construct a message containing the SASL response and send
it to the
+ LOG.debug("Responding to server's token of length: {}",
saslMessageToken.getSaslToken().length);
+
+ // Generate SASL response (but we only actually send the response
if
+ // it's non-null.
+ byte[] responseToServer =
saslNettyClient.saslResponse(saslMessageToken);
+ if (responseToServer == null) {
+ // If we generate a null response, then authentication has
completed
+ // (if not, warn), and return without sending a response back
to the
// server.
+ LOG.debug("Response to server is null: authentication should
now be complete.");
+ if (!saslNettyClient.isComplete()) {
+ LOG.warn("Generated a null response, but authentication is
not complete.");
+ throw new Exception("Our reponse to the server is null,
but as far as we can tell, we are not authenticated yet.");
+ }
+ this.client.channelReady(channel);
+ } else {
+ LOG.debug("Response to server token has length: {}",
+ responseToServer.length);
+ // Construct a message containing the SASL response and send
it to the server.
SaslMessageToken saslResponse = new
SaslMessageToken(responseToServer);
channel.writeAndFlush(saslResponse, channel.voidPromise());
}
}
+
+ @Override
+ public void channelRegistered(ChannelHandlerContext ctx) throws
Exception {
+ super.channelRegistered(ctx);
+ LOG.info("channelRegistered {}", ctx);
+ }
--- End diff --
These look like they are for debugging. could we make them debug logs
instead?
---
