I'm not sure what your development context is so it's hard to answer
that question. If you're programatically creating a cache then set the
cache property ConfigurationProperties.SECURITY_UDP_DHALGO to an empty
string. If you're using a properties file set it to blank.
security-udp-dhalgo=
-or-
cachefactory.set(SECURITY_UDP_DHALGO, "")
I don't recall how you set properties for the cache under Spring.
On 4/11/18 11:44 PM, Thacker, Dharam wrote:
Hello Bruce,
I have not manually specified this property to enable udp encryption
using "security-udp-dhalgo" anywhere. I am using TCP mode only.
Is it by default enabled? If yes, how can I disable it?
I could not find any documentation on it.
Thanks,
Dharam
Sent with BlackBerry Work (www.blackberry.com)
------------------------------------------------------------------------
*From: *"Thacker, Dharam" <[email protected]
<mailto:[email protected]>>
*Sent: *Apr 11, 2018 10:59 PM
*To: *[email protected] <mailto:[email protected]>
*Subject: *RE: AuthenticationRequiredException on force disconnection
Thank you Bruce!
I will surely open a JIRA soon.
"Geode sends membership information, alerts and on rare occasions a PDX
registration message over UDP"
Would there be any negative impact on disabling 'security-udp-dhalgo'
on peer to peer members or pulse or jmx notifications ?
Thanks,
Dharam
Sent with BlackBerry Work (www.blackberry.com <http://www.blackberry.com>)
------------------------------------------------------------------------
*From: *Bruce Schuchardt <[email protected]
<mailto:[email protected]>>
*Sent: *Apr 11, 2018 8:45 PM
*To: *[email protected] <mailto:[email protected]>
*Subject: *Re: AuthenticationRequiredException on force disconnection
That looks like a bug in UDP encryption. Can you open a JIRA ticket to
track this? Set the component to "membership". Looking at the unit
test suite I don't think there is any coverage for auto-reconnect with
security-udp-dhalgo enabled.
As a workaround you could, if you're comfortable doing so, disable
security-udp-dhalgo until this is fixed. There are other known issues
with this fairly new setting that people have been working on recently.
Geode sends membership information, alerts and on rare occasions a PDX
registration message over UDP. No client/server messages are sent over
UDP so its use is confined to your server cluster. No messages
containing application objects (keys, values, callback args etc) are
sent over UDP unless you set disable-tcp=true to disable use of tcp/ip
stream sockets.
On 4/11/18 4:38 AM, Thacker, Dharam wrote:
> warning 2018/04/10 02:40:59.541 EDT event-server-1 <ReconnectThread>
tid=0x217] Exception occurred while trying to connect the system
during reconnect
> org.apache.geode.security.AuthenticationRequiredException: Failed to
find credentials from [host001(event-server-1:3525)<ec>:1026]
> at
org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave.attemptToJoin(GMSJoinLeave.java:424)
> at
org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave.join(GMSJoinLeave.java:318)
> at
org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.join(GMSMembershipManager.java:656)
> at
org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.joinDistributedSystem(GMSMembershipManager.java:745)
> at
org.apache.geode.distributed.internal.membership.gms.Services.start(Services.java:181)
> at
org.apache.geode.distributed.internal.membership.gms.GMSMemberFactory.newMembershipManager(GMSMemberFactory.java:102)
> at
org.apache.geode.distributed.internal.membership.MemberFactory.newMembershipManager(MemberFactory.java:89)
> at
org.apache.geode.distributed.internal.DistributionManager.<init>(DistributionManager.java:1112)
> at
org.apache.geode.distributed.internal.DistributionManager.<init>(DistributionManager.java:1160)
> at
org.apache.geode.distributed.internal.DistributionManager.create(DistributionManager.java:531)
> at
org.apache.geode.distributed.internal.InternalDistributedSystem.initialize(InternalDistributedSystem.java:687)
> at
org.apache.geode.distributed.internal.InternalDistributedSystem.newInstance(InternalDistributedSystem.java:299)
> at
org.apache.geode.distributed.DistributedSystem.connect(DistributedSystem.java:202)
> at
org.apache.geode.distributed.internal.InternalDistributedSystem.reconnect(InternalDistributedSystem.java:2675)
> at
org.apache.geode.distributed.internal.InternalDistributedSystem.tryReconnect(InternalDistributedSystem.java:2508)
> at
org.apache.geode.distributed.internal.InternalDistributedSystem.disconnect(InternalDistributedSystem.java:983)
> at
org.apache.geode.distributed.internal.DistributionManager$MyListener.membershipFailure(DistributionManager.java:4307)
> at
org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.uncleanShutdown(GMSMembershipManager.java:1530)
> at
org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.lambda$forceDisconnect$0(GMSMembershipManager.java:2550)
> at java.lang.Thread.run(Thread.java:745)
This message is confidential and subject to terms at:
http://www.jpmorgan.com/emaildisclaimer
<http://www.jpmorgan.com/emaildisclaimer> including on
confidentiality, legal privilege, viruses and monitoring of electronic
messages. If you are not the intended recipient, please delete this
message and notify the sender immediately. Any unauthorized use is
strictly prohibited.
This message is confidential and subject to terms at:
http://www.jpmorgan.com/emaildisclaimer
<http://www.jpmorgan.com/emaildisclaimer> including on
confidentiality, legal privilege, viruses and monitoring of electronic
messages. If you are not the intended recipient, please delete this
message and notify the sender immediately. Any unauthorized use is
strictly prohibited.
