[
https://issues.apache.org/jira/browse/KUDU-2586?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alexey Serbin updated KUDU-2586:
--------------------------------
Description:
Current implementation of the {{ConnectToClusterRpc::SingleNodeCallback}}
method does not handle {{FATAL_INVALID_AUTHENTICATION_TOKEN}} error code,
relying on handling that in {{KuduClient::Data::SyncLeaderMasterRpc}}. As it
turned out, that's not enough: see KUDU-2058.
In short, current authn token should be removed from the messenger after upon
receiving FATAL_INVALID_AUTHENTICATION_TOKEN error code in response from any
master. A new token should be automatically acquired (if primary credentials
are present) on next attempt to connect to the cluster.
Also, it would be nice to refactor {{KuduClient::Data::SyncLeaderMasterRpc}}
regarding handling of various error codes. Additionally, it's necessary to
revise the logic of setting/resetting the {{KuduClient::Data::master_proxy_}}
member upon receiving non-OP result status in
{{KuduClient::Data::ConnectedToClusterCb}}; e.g. whether it's worth keep the
old proxy to the master server if receiving {{NOT_THE_LEADER}} error response
code while trying to connect to it.
was:
Current implementation of the {{ConnectToClusterRpc::SingleNodeCallback}}
method does not handle {{FATAL_INVALID_AUTHENTICATION_TOKEN}} error code,
relying on handling that in {{KuduClient::Data::SyncLeaderMasterRpc}}. As it
turned out, that's not enough: see KUDU-2058.
In short, current authn token should be removed from the messenger after upon
receiving FATAL_INVALID_AUTHENTICATION_TOKEN error code in response from any
master. A new token should be automatically acquired (if primary credentials
are present) on next attempt to connect to the cluster.
Also, it would be nice to refactor {{KuduClient::Data::SyncLeaderMasterRpc}}
regarding handling of various error codes.
> Refactor ConnectToClusterRpc to handle FATAL_INVALID_AUTHENTICATION_TOKEN
> -------------------------------------------------------------------------
>
> Key: KUDU-2586
> URL: https://issues.apache.org/jira/browse/KUDU-2586
> Project: Kudu
> Issue Type: Improvement
> Components: client, security
> Affects Versions: 1.8.0
> Reporter: Alexey Serbin
> Assignee: Alexey Serbin
> Priority: Major
>
> Current implementation of the {{ConnectToClusterRpc::SingleNodeCallback}}
> method does not handle {{FATAL_INVALID_AUTHENTICATION_TOKEN}} error code,
> relying on handling that in {{KuduClient::Data::SyncLeaderMasterRpc}}. As
> it turned out, that's not enough: see KUDU-2058.
> In short, current authn token should be removed from the messenger after upon
> receiving FATAL_INVALID_AUTHENTICATION_TOKEN error code in response from any
> master. A new token should be automatically acquired (if primary credentials
> are present) on next attempt to connect to the cluster.
> Also, it would be nice to refactor {{KuduClient::Data::SyncLeaderMasterRpc}}
> regarding handling of various error codes. Additionally, it's necessary to
> revise the logic of setting/resetting the {{KuduClient::Data::master_proxy_}}
> member upon receiving non-OP result status in
> {{KuduClient::Data::ConnectedToClusterCb}}; e.g. whether it's worth keep the
> old proxy to the master server if receiving {{NOT_THE_LEADER}} error response
> code while trying to connect to it.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
