[
https://issues.apache.org/jira/browse/ZOOKEEPER-1881?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13965789#comment-13965789
]
Hadoop QA commented on ZOOKEEPER-1881:
--------------------------------------
+1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12628899/zookeeper-1881.patch
against trunk revision 1586200.
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 3 new or modified tests.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac
compiler warnings.
+1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9)
warnings.
+1 release audit. The applied patch does not increase the total number of
release audit warnings.
+1 core tests. The patch passed core unit tests.
+1 contrib tests. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2035//testReport/
Findbugs warnings:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2035//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output:
https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/2035//console
This message is automatically generated.
> Shutdown server immediately upon PrivilegedActionException
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-1881
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1881
> Project: ZooKeeper
> Issue Type: Improvement
> Components: server
> Affects Versions: 3.4.5
> Reporter: Ding Yuan
> Assignee: Ding Yuan
> Fix For: 3.5.0
>
> Attachments: zookeeper-1881.patch
>
>
> It seems when an SaslServer cannot be created due to a
> PriviledgedActionException, it is better to shutdown the server immediately
> instead of letting it to propagate. The current behaviour will just set
> ServerCncx.zooKeeperSaslServer to null, and later every time when an SASL
> request comes in it will be rejected. If we already detect the loophole
> early, we should just reject it early.
> {noformat}
> private SaslServer createSaslServer(final Login login) {
> catch (PrivilegedActionException e) {
> // TODO: exit server at this point(?)
> LOG.error("Zookeeper Quorum member experienced a
> PrivilegedActionException exception while creating a SaslServer using a JAAS
> principal context:" + e);
> e.printStackTrace();
> }
> {noformat}
> For what it is worth, attaching an attempt to patch it. The idea of the patch
> is to propagate this PrivilegedActionException to ServerCnxnFactory and shut
> down all the connections and server. Not sure if this is the right way to
> solve it. Any comments are appreciated!
> Also in the patch are two additional logging on two unlogged exceptions.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
