[ https://issues.apache.org/jira/browse/HADOOP-13474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xiao Chen updated HADOOP-13474: ------------------------------- Status: Patch Available (was: Open) > Add more details in the log when a token is expired > --------------------------------------------------- > > Key: HADOOP-13474 > URL: https://issues.apache.org/jira/browse/HADOOP-13474 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 2.6.0 > Reporter: Xiao Chen > Assignee: Xiao Chen > Attachments: HADOOP-13474.01.patch > > > Currently when there's an expired token, we see this from the log: > {noformat} > 2016-08-06 07:13:20,807 WARN > org.apache.hadoop.security.authentication.server.AuthenticationFilter: > AuthenticationToken ignored: AuthenticationToken expired > 2016-08-06 09:55:48,665 WARN > org.apache.hadoop.security.authentication.server.AuthenticationFilter: > AuthenticationToken ignored: AuthenticationToken expired > 2016-08-06 10:01:41,452 WARN > org.apache.hadoop.security.authentication.server.AuthenticationFilter: > AuthenticationToken ignored: AuthenticationToken expired > {noformat} > We should log a better > [message|https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java#L456], > to include more details (e.g. token type, username, tokenid) for > trouble-shooting purpose. > I don't think the additional information exposed will lead to any security > concern, since the token is expired anyways. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org