Steve Loughran created HADOOP-10629:
---------------------------------------
Summary: security diagnostics info being dropped in exceptions
seen by client
Key: HADOOP-10629
URL: https://issues.apache.org/jira/browse/HADOOP-10629
Project: Hadoop Common
Issue Type: Improvement
Components: ipc
Affects Versions: 2.4.0
Reporter: Steve Loughran
When there are some security problems, not all the info goes back to the
client, which sees
{code}
Caused by: org.apache.hadoop.ipc.RemoteException: GSS initiate failed
at
org.apache.hadoop.security.SaslRpcClient.saslConnect(SaslRpcClient.java:373)
~[hadoop-common-2.4.0.jar:na]
{code}
It's only server-side the diagnostics surface, here some javax crypto issues
{code}
2014-05-24 14:17:34,314 INFO org.apache.hadoop.ipc.Server: Socket Reader #1 for
port 9090: readAndProcess from client 192.168.1.86 threw exception
[javax.security.sasl.SaslException: GSS initiate failed [Caused by
GSSException: Failure unspecified at GSS-API level (Mechanism level: Encryption
type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled)]]
{code}
-the inner exception text isn't making it back to the client...
--
This message was sent by Atlassian JIRA
(v6.2#6252)
