[ https://issues.apache.org/jira/browse/HADOOP-13693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xiao Chen updated HADOOP-13693: ------------------------------- Attachment: HADOOP-13693.02.patch Oops, there you go... Thanks [~xyao] for the quick response! > Make the SPNEGO initialization OPTIONS message in kms audit log admin-friendly > ------------------------------------------------------------------------------ > > Key: HADOOP-13693 > URL: https://issues.apache.org/jira/browse/HADOOP-13693 > Project: Hadoop Common > Issue Type: Improvement > Components: kms > Reporter: Xiao Chen > Assignee: Xiao Chen > Priority: Minor > Attachments: HADOOP-13693.01.patch, HADOOP-13693.02.patch > > > For a successful kms operation, kms-audit.log shows an UNAUTHENTICATED > ErrorMsg:'Authentication required' message before the OK messages. This is > expected, and due to the spnego authentication sequence. (Notice method == > {{OPTIONS}}) > {noformat} > 2016-01-31 21:07:04,671 UNAUTHENTICATED RemoteHost:10.0.2.15 Method:OPTIONS > URL:https://quickstart.cloudera:16000/kms/v1/keyversion/ZJfn4lfNXxy068gqEmhxRCFljzoKEKDDR9ZJLO32vqq/_eek?eek_op=decrypt > ErrorMsg:'Authentication required' > 2016-01-31 21:07:04,911 OK[op=DECRYPT_EEK, key=cloudera, user=cloudera, > accessCount=1, interval=0ms] > 2016-01-31 21:07:15,104 OK[op=DECRYPT_EEK, key=cloudera, user=cloudera, > accessCount=1, interval=10193ms] > {noformat} > However, admins/auditors see this and can easily get confused/alerted. We > should make it obvious this is benign. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org