[jira] [Commented] (ARTEMIS-899) On user authentication a stack trace is logged to the error channel

Fri, 06 Jan 2017 08:40:06 -0800 

    [ 
https://issues.apache.org/jira/browse/ARTEMIS-899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15804941#comment-15804941
 ] 

Justin Bertram commented on ARTEMIS-899:
----------------------------------------

It would be fairly easy to handle the authentication failure differently and 
log it as a {{WARN}} instead of an {{ERROR}}.

However, logging the user's name isn't always so straight-forward because 
Artemis supports authentication via either username/password or SSL 
certificate.  This support is done through JAAS login modules which are opaque 
to the broker.  The best the broker can do is to look at the remoting 
connection to see if it is using SSL and if not then it knows that cert-based 
authn isn't being used so it can log the username passed in by the user.  
However, if the connection is using SSL then it's simply indeterminate so no 
username would be logged.  Does that work for you?

> On user authentication a stack trace is logged to the error channel
> -------------------------------------------------------------------
>
>                 Key: ARTEMIS-899
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-899
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>    Affects Versions: 1.5.1
>            Reporter: Mike Hearn
>
> When a user fails to authenticate, this probably justifies a WARNING but not 
> a full stack trace to the ERROR logger:
> E 16:05:33 39 server.handleCreateSession - AMQ224018: Failed to create session
>  org.apache.activemq.artemis.api.core.ActiveMQSecurityException: AMQ119031: 
> Unable to validate user
>       at 
> org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:145)
>  ~[artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.createSession(ActiveMQServerImpl.java:1208)
>  ~[artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handleCreateSession(ActiveMQPacketHandler.java:154)
>  [artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handlePacket(ActiveMQPacketHandler.java:80)
>  [artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:633)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:376)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:358)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:631)
>  [artemis-server-1.4.0.jar:1.4.0]
>       at 
> org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:68)
>  [artemis-core-client-1.4.0.jar:1.4.0]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:293)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:267)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1066) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:900) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:411)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:248)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1294)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:911)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:131)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:572) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:513)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:427) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:399) 
> [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at 
> io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:140)
>  [netty-all-4.0.39.Final.jar:4.0.39.Final]
>       at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to