Mike Yoder created HADOOP-12318: ----------------------------------- Summary: Expose underlying LDAP exceptions in SaslPlainServer Key: HADOOP-12318 URL: https://issues.apache.org/jira/browse/HADOOP-12318 Project: Hadoop Common Issue Type: Improvement Components: security Reporter: Mike Yoder Priority: Minor
In the code of class [SaslPlainServer|http://github.mtv.cloudera.com/CDH/hadoop/blob/cdh5-2.6.0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslPlainServer.java#L108], the underlying exception is not included in the {{SaslException}}, which leads to below error message in HiveServer2: {noformat} 2015-07-22 11:50:28,433 DEBUG org.apache.thrift.transport.TSaslServerTransport: failed to open server transport org.apache.thrift.transport.TTransportException: PLAIN auth failed: Error validating LDAP user at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:316) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216) at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:268) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) {noformat} Make COEs very hard to understand what the real error is. Can we change that line as: {code} } catch (Exception e) { throw new SaslException("PLAIN auth failed: " + e.getMessage(), e); } {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)