[
https://issues.apache.org/jira/browse/ZOOKEEPER-2346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15616074#comment-15616074
]
Meyer Kizner commented on ZOOKEEPER-2346:
-----------------------------------------
It looks like this is a race in the code that handles SASL authentication
failures. While testing out SASL on our installation, I've observed both the
behavior described in this issue and a more correct version, in which the
server sends a null SASL token back to the client before closing the connection.
I have a short patch for this, but it doesn't look like I can upload it unless
I'm assigned this issue. Can someone fix that for me?
> SASL Auth failure manifested to client as connection refusal
> ------------------------------------------------------------
>
> Key: ZOOKEEPER-2346
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2346
> Project: ZooKeeper
> Issue Type: Bug
> Components: server
> Affects Versions: 3.4.6
> Reporter: Steve Loughran
>
> If a client can't authenticate via sasl then (a) the stack trace is lost on
> the server logs, and (b) it is exposed to the client as a connection refusal.
> This results in curator retrying many times before giving up —and with the
> cause being misinterpreted as a server-down problem, rather than a
> client-not-trusted problem
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
