[
https://issues.apache.org/jira/browse/ZOOKEEPER-2365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15176435#comment-15176435
]
Dan Fitch commented on ZOOKEEPER-2365:
--------------------------------------
Biju Nair: I'm a user of the project, not a developer, so I can't really do a
review.
* It appears to output separate messages which distinguish if the file exists
or not. That's good.
* The change loses the portion of code which checked `loginContextName` - I'm
not sure if that was important or not. Bad?
* At the end of the function, I'm not sure why it's throwing a new exception
entirely instead of wrapping the existing `securityException` with the custom
message maybe.
Again, not a developer on this project or at all familiar with the codebase...
hope this helps though.
> JAAS configuration section error is confusing
> ---------------------------------------------
>
> Key: ZOOKEEPER-2365
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2365
> Project: ZooKeeper
> Issue Type: Bug
> Components: java client
> Affects Versions: 3.4.6
> Environment: Ubuntu x86_64 openjdk-7-jre
> Reporter: Dan Fitch
> Assignee: Biju Nair
> Priority: Trivial
> Attachments: ZOOKEEPER-2365.patch
>
>
> I have zookeeper running normally just fine in a 3-server cluster.
> Then I try to configure zookeeper to use Kerberos, following docs in the Solr
> wiki here:
> https://cwiki.apache.org/confluence/display/solr/Kerberos+Authentication+Plugin
> I can't even get to the fun Kerberos errors. When I start with
> {{JVMFLAGS="-Djava.security.auth.login.config=/opt/zookeeper/jaas-server.conf"}}
> and this jaas-server.conf:
> {code}
> Server {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> keyTab=/keytabs/vdev-solr-01.keytab
> storeKey=true
> doNotPrompt=true
> useTicketCache=false
> debug=true
> principal="HTTP/<snip>";
> }
> {code}
> I get this in the log:
> {code}
> 2016-02-10 16:16:51,327 [myid:1] - ERROR [main:ServerCnxnFactory@195] - No
> JAAS configuration section named 'Server' was foundin
> '/opt/zookeeper/jaas-server.conf'.
> 2016-02-10 16:16:51,328 [myid:1] - ERROR [main:QuorumPeerMain@89] -
> Unexpected exception, exiting abnormally
> java.io.IOException: No JAAS configuration section named 'Server' was foundin
> '/opt/zookeeper/jaas-server.conf'.
> at
> org.apache.zookeeper.server.ServerCnxnFactory.configureSaslLogin(ServerCnxnFactory.java:196)
> at
> org.apache.zookeeper.server.NIOServerCnxnFactory.configure(NIOServerCnxnFactory.java:87)
> at
> org.apache.zookeeper.server.quorum.QuorumPeerMain.runFromConfig(QuorumPeerMain.java:130)
> at
> org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:111)
> at
> org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:78)
> {code}
> (Note the "foundin" typo.)
> I get the exact same error if the jaas-server.conf file exists, or does not.
> So later I found that the Solr wiki was wrong and lost the double quotes
> around the keytab value. It would be nice if Zookeeper spewed a more useful
> message when it can't parse the configuration.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
