[
https://issues.apache.org/jira/browse/ZOOKEEPER-2365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15206082#comment-15206082
]
Flavio Junqueira commented on ZOOKEEPER-2365:
---------------------------------------------
The last point [~danfitch] raised ins the most important for me, why are you
not propagating the message in the original {{SecurityException}}?
I suspect that the reason we throw an IOException is that we have tried to make
it common practice to propagate up IOException when there is any issues that
involves IO (e.g., accessing a file), but it doesn't mean we should be
swallowing the original error message.
[~gsbiju] could you please produce a new patch to address the comments?
> JAAS configuration section error is confusing
> ---------------------------------------------
>
> Key: ZOOKEEPER-2365
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2365
> Project: ZooKeeper
> Issue Type: Bug
> Components: java client
> Affects Versions: 3.4.6
> Environment: Ubuntu x86_64 openjdk-7-jre
> Reporter: Dan Fitch
> Assignee: Biju Nair
> Priority: Trivial
> Attachments: ZOOKEEPER-2365.patch
>
>
> I have zookeeper running normally just fine in a 3-server cluster.
> Then I try to configure zookeeper to use Kerberos, following docs in the Solr
> wiki here:
> https://cwiki.apache.org/confluence/display/solr/Kerberos+Authentication+Plugin
> I can't even get to the fun Kerberos errors. When I start with
> {{JVMFLAGS="-Djava.security.auth.login.config=/opt/zookeeper/jaas-server.conf"}}
> and this jaas-server.conf:
> {code}
> Server {
> com.sun.security.auth.module.Krb5LoginModule required
> useKeyTab=true
> keyTab=/keytabs/vdev-solr-01.keytab
> storeKey=true
> doNotPrompt=true
> useTicketCache=false
> debug=true
> principal="HTTP/<snip>";
> }
> {code}
> I get this in the log:
> {code}
> 2016-02-10 16:16:51,327 [myid:1] - ERROR [main:ServerCnxnFactory@195] - No
> JAAS configuration section named 'Server' was foundin
> '/opt/zookeeper/jaas-server.conf'.
> 2016-02-10 16:16:51,328 [myid:1] - ERROR [main:QuorumPeerMain@89] -
> Unexpected exception, exiting abnormally
> java.io.IOException: No JAAS configuration section named 'Server' was foundin
> '/opt/zookeeper/jaas-server.conf'.
> at
> org.apache.zookeeper.server.ServerCnxnFactory.configureSaslLogin(ServerCnxnFactory.java:196)
> at
> org.apache.zookeeper.server.NIOServerCnxnFactory.configure(NIOServerCnxnFactory.java:87)
> at
> org.apache.zookeeper.server.quorum.QuorumPeerMain.runFromConfig(QuorumPeerMain.java:130)
> at
> org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:111)
> at
> org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:78)
> {code}
> (Note the "foundin" typo.)
> I get the exact same error if the jaas-server.conf file exists, or does not.
> So later I found that the Solr wiki was wrong and lost the double quotes
> around the keytab value. It would be nice if Zookeeper spewed a more useful
> message when it can't parse the configuration.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
