[
https://issues.apache.org/jira/browse/SOLR-6915?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Shalin Shekhar Mangar updated SOLR-6915:
----------------------------------------
Attachment: tests-failures.txt
I saw a failure locally on this test. The logs are attached.
I am able to reproduce the failure on linux and macos on trunk with jdk8 with
the following:
{code}
ant test -Dtestcase=SaslZkACLProviderTest -Dtests.method=testSaslZkACLProvider
-Dtests.seed=69C665DFFD76343A -Dtests.slow=true
-Dtests.locale=th_TH_TH_#u-nu-thai -Dtests.timezone=GMT0 -Dtests.asserts=true
-Dtests.file.encoding=US-ASCII
{code}
{code}
[junit4] ERROR 3.05s J3 | SaslZkACLProviderTest.testSaslZkACLProvider <<<
[junit4] > Throwable #1: java.lang.RuntimeException:
org.apache.directory.api.ldap.model.exception.LdapOtherException:
org.apache.directory.api.ldap.model.exception.LdapOtherException:
ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value
ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the
AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35
[junit4] > NAME 'schemaModifyTimestamp'
[junit4] > DESC time which schema was modified
[junit4] > SUP modifyTimestamp
[junit4] > EQUALITY generalizedTimeMatch
[junit4] > ORDERING generalizedTimeOrderingMatch
[junit4] > SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
[junit4] > USAGE directoryOperation
[junit4] > )
[junit4] > '
[junit4] > at
org.apache.solr.cloud.SaslZkACLProviderTest$SaslZkTestServer.run(SaslZkACLProviderTest.java:204)
[junit4] > at
org.apache.solr.cloud.SaslZkACLProviderTest.setUp(SaslZkACLProviderTest.java:74)
[junit4] > at java.lang.Thread.run(Thread.java:745)
[junit4] > Caused by:
org.apache.directory.api.ldap.model.exception.LdapOtherException:
org.apache.directory.api.ldap.model.exception.LdapOtherException:
ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value
ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the
AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35
[junit4] > NAME 'schemaModifyTimestamp'
[junit4] > DESC time which schema was modified
[junit4] > SUP modifyTimestamp
[junit4] > EQUALITY generalizedTimeMatch
[junit4] > ORDERING generalizedTimeOrderingMatch
[junit4] > SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
[junit4] > USAGE directoryOperation
[junit4] > )
[junit4] > '
[junit4] > at
org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
[junit4] > at
org.apache.directory.server.core.DefaultDirectoryService.initialize(DefaultDirectoryService.java:1808)
[junit4] > at
org.apache.directory.server.core.DefaultDirectoryService.startup(DefaultDirectoryService.java:1248)
[junit4] > at
org.apache.hadoop.minikdc.MiniKdc.initDirectoryService(MiniKdc.java:375)
[junit4] > at
org.apache.hadoop.minikdc.MiniKdc.start(MiniKdc.java:310)
[junit4] > at
org.apache.solr.cloud.SaslZkACLProviderTest$SaslZkTestServer.run(SaslZkACLProviderTest.java:197)
[junit4] > ... 39 more
[junit4] > Caused by: java.lang.RuntimeException:
org.apache.directory.api.ldap.model.exception.LdapOtherException:
ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value
ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the
AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35
[junit4] > NAME 'schemaModifyTimestamp'
[junit4] > DESC time which schema was modified
[junit4] > SUP modifyTimestamp
[junit4] > EQUALITY generalizedTimeMatch
[junit4] > ORDERING generalizedTimeOrderingMatch
[junit4] > SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
[junit4] > USAGE directoryOperation
[junit4] > )
[junit4] > '
[junit4] > at
org.apache.directory.server.core.api.schema.SchemaPartition.doInit(SchemaPartition.java:226)
[junit4] > at
org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
[junit4] > ... 44 more
[junit4] > Caused by:
org.apache.directory.api.ldap.model.exception.LdapOtherException:
ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value
ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the
AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35
[junit4] > NAME 'schemaModifyTimestamp'
[junit4] > DESC time which schema was modified
[junit4] > SUP modifyTimestamp
[junit4] > EQUALITY generalizedTimeMatch
[junit4] > ORDERING generalizedTimeOrderingMatch
[junit4] > SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
[junit4] > USAGE directoryOperation
[junit4] > )
[junit4] > '
[junit4] > at
org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:84)
[junit4] > at
org.apache.directory.server.core.api.schema.SchemaPartition.doInit(SchemaPartition.java:219)
[junit4] > ... 45 more
[junit4] > Caused by:
org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException:
ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value
ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the
AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35
[junit4] > NAME 'schemaModifyTimestamp'
[junit4] > DESC time which schema was modified
[junit4] > SUP modifyTimestamp
[junit4] > EQUALITY generalizedTimeMatch
[junit4] > ORDERING generalizedTimeOrderingMatch
[junit4] > SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
[junit4] > USAGE directoryOperation
[junit4] > )
[junit4] > '
[junit4] > at
org.apache.directory.api.ldap.model.entry.AbstractValue.apply(AbstractValue.java:211)
[junit4] > at
org.apache.directory.api.ldap.model.entry.StringValue.<init>(StringValue.java:107)
[junit4] > at
org.apache.directory.api.ldap.model.entry.DefaultAttribute.<init>(DefaultAttribute.java:468)
[junit4] > at
org.apache.directory.api.ldap.model.entry.DefaultEntry.<init>(DefaultEntry.java:315)
[junit4] > at
org.apache.directory.server.core.partition.ldif.LdifPartition.loadEntries(LdifPartition.java:517)
[junit4] > at
org.apache.directory.server.core.partition.ldif.LdifPartition.loadEntries(LdifPartition.java:549)
[junit4] > at
org.apache.directory.server.core.partition.ldif.LdifPartition.doInit(LdifPartition.java:164)
[junit4] > at
org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:79)
[junit4] > ... 46 more
[junit4] > Caused by:
org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException:
ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the
AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35
[junit4] > NAME 'schemaModifyTimestamp'
[junit4] > DESC time which schema was modified
[junit4] > SUP modifyTimestamp
[junit4] > EQUALITY generalizedTimeMatch
[junit4] > ORDERING generalizedTimeOrderingMatch
[junit4] > SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
[junit4] > USAGE directoryOperation
[junit4] > )
[junit4] > '
[junit4] > at
org.apache.directory.api.ldap.model.entry.AbstractValue.apply(AbstractValue.java:204)
[junit4] > ... 53 moreThrowable #2: java.lang.NullPointerException
[junit4] > at
org.apache.solr.cloud.ZkTestServer$ZKServerMain.shutdown(ZkTestServer.java:332)
[junit4] > at
org.apache.solr.cloud.ZkTestServer.shutdown(ZkTestServer.java:492)
[junit4] > at
org.apache.solr.cloud.SaslZkACLProviderTest$SaslZkTestServer.shutdown(SaslZkACLProviderTest.java:211)
[junit4] > at
org.apache.solr.cloud.SaslZkACLProviderTest.tearDown(SaslZkACLProviderTest.java:109)
[junit4] > at java.lang.Thread.run(Thread.java:745)
{code}
> SaslZkACLProvider and Kerberos Test Using MiniKdc
> -------------------------------------------------
>
> Key: SOLR-6915
> URL: https://issues.apache.org/jira/browse/SOLR-6915
> Project: Solr
> Issue Type: Improvement
> Components: SolrCloud
> Reporter: Gregory Chanan
> Assignee: Gregory Chanan
> Fix For: 5.0, Trunk
>
> Attachments: SOLR-6915.patch, SOLR-6915.patch, fail.log, fail.log,
> tests-failures.txt
>
>
> We should provide a ZkACLProvider that requires SASL authentication. This
> provider will be useful for administration in a kerberos environment. In
> such an environment, the administrator wants solr to authenticate to
> zookeeper using SASL, since this is only way to authenticate with zookeeper
> via kerberos.
> The authorization model in such a setup can vary, e.g. you can imagine a
> scenario where solr owns (is the only writer of) the non-config znodes, but
> some set of trusted users are allowed to modify the configs. It's hard to
> predict all the possibilities here, but one model that seems generally useful
> is to have a model where solr itself owns all the znodes and all actions that
> require changing the znodes are routed to Solr APIs. That seems simple and
> reasonable as a first version.
> As for testing, I noticed while working on SOLR-6625 that we don't really
> have any infrastructure for testing kerberos integration in unit tests.
> Internally, I've been testing using kerberos-enabled VM clusters, but this
> isn't great since we won't notice any breakages until someone actually spins
> up a VM. So part of this JIRA is to provide some infrastructure for testing
> kerberos at the unit test level (using Hadoop's MiniKdc, HADOOP-9848).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
