[jira] [Commented] (ZOOKEEPER-1185) Send AuthFailed event to client if SASL authentication fails

Thu, 22 Sep 2011 11:35:54 -0700 

    [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-1185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13112807#comment-13112807
 ] 

[email protected] commented on ZOOKEEPER-1185:
----------------------------------------------------------


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/1959/
-----------------------------------------------------------

(Updated 2011-09-22 18:33:42.805934)


Review request for zookeeper.


Changes
-------

add link to JIRA.


Summary
-------

There are 3 places where ClientCnxn should queue a AuthFailed event if client 
fails to authenticate. Without sending this event, clients may be stuck 
watching for a SaslAuthenticated event that will never come (since the client 
failed to authenticate).

This patch fixes SaslAuthFailTest.testBadSaslAuthNotifiesWatch() to test for 
the AuthFailed event : previously, the test was incorrectly not testing for 
this event.

It also removes the testBadSaslAuthNotifiesWatch() method from the SaslAuthTest 
class : this method belongs in SaslAuthFailTest, not SaslAuthTest. The former 
tests unsuccessful SASL authentication; the latter, successful SASL 
authentication. 


This addresses bug ZOOKEEPER-1185.
    https://issues.apache.org/jira/browse/ZOOKEEPER-1185


Diffs
-----

  src/java/main/org/apache/zookeeper/ClientCnxn.java db15348 
  src/java/main/org/apache/zookeeper/client/ZooKeeperSaslClient.java 43382c8 
  src/java/test/org/apache/zookeeper/test/SaslAuthFailTest.java 8de7c2a 
  src/java/test/org/apache/zookeeper/test/SaslAuthTest.java fd20346 

Diff: https://reviews.apache.org/r/1959/diff


Testing
-------

All unit tests pass. Also tested with an HBase cluster with an hbase shell 
running as an unauthenticated Zookeeper client. As expected, hbase shell could 
not access cluster, but, as expected, did not hang.


Thanks,

Eugene



> Send AuthFailed event to client if SASL authentication fails
> ------------------------------------------------------------
>
>                 Key: ZOOKEEPER-1185
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1185
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: java client
>    Affects Versions: 3.4.0
>            Reporter: Eugene Koontz
>            Assignee: Eugene Koontz
>              Labels: kerberos, security
>             Fix For: 3.4.0, 3.5.0
>
>         Attachments: ZOOKEEPER-1185.patch
>
>
> There are 3 places where ClientCnxn should queue a AuthFailed event if client 
> fails to authenticate. Without sending this event, clients may be stuck 
> watching for a SaslAuthenticated event that will never come (since the client 
> failed to authenticate).

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to