I'm not sure what your development context is so it's hard to answer that question.  If you're programatically creating a cache then set the cache property ConfigurationProperties.SECURITY_UDP_DHALGO to an empty string. If you're using a properties file set it to blank.

security-udp-dhalgo=

-or-

cachefactory.set(SECURITY_UDP_DHALGO, "")

I don't recall how you set properties for the cache under Spring.


On 4/11/18 11:44 PM, Thacker, Dharam wrote:
Hello Bruce,

I have not manually specified this property to enable udp encryption using "security-udp-dhalgo" anywhere. I am using TCP mode only.

Is it by default enabled? If yes, how can I disable it?

I could not find any documentation on it.

Thanks,
Dharam

Sent with BlackBerry Work (www.blackberry.com)
------------------------------------------------------------------------
*From: *"Thacker, Dharam" <dharam.thac...@jpmorgan.com <mailto:dharam.thac...@jpmorgan.com>>
*Sent: *Apr 11, 2018 10:59 PM
*To: *user@geode.apache.org <mailto:user@geode.apache.org>
*Subject: *RE: AuthenticationRequiredException on force disconnection

Thank you Bruce!

I will surely open a JIRA soon.

"Geode sends membership information, alerts and on rare occasions a PDX
registration message over UDP"

Would there be any negative impact on disabling 'security-udp-dhalgo' on peer to peer members or pulse or jmx notifications ?

Thanks,
Dharam

Sent with BlackBerry Work (www.blackberry.com <http://www.blackberry.com>)
------------------------------------------------------------------------
*From: *Bruce Schuchardt <bschucha...@pivotal.io <mailto:bschucha...@pivotal.io>>
*Sent: *Apr 11, 2018 8:45 PM
*To: *user@geode.apache.org <mailto:user@geode.apache.org>
*Subject: *Re: AuthenticationRequiredException on force disconnection

That looks like a bug in UDP encryption.  Can you open a JIRA ticket to
track this?  Set the component to "membership".  Looking at the unit
test suite I don't think there is any coverage for auto-reconnect with
security-udp-dhalgo enabled.

As a workaround you could, if you're comfortable doing so, disable
security-udp-dhalgo until this is fixed.  There are other known issues
with this fairly new setting that people have been working on recently.

Geode sends membership information, alerts and on rare occasions a PDX
registration message over UDP.  No client/server messages are sent over
UDP so its use is confined to your server cluster. No messages
containing application objects (keys, values, callback args etc) are
sent over UDP unless you set disable-tcp=true to disable use of tcp/ip
stream sockets.


On 4/11/18 4:38 AM, Thacker, Dharam wrote:
> warning 2018/04/10 02:40:59.541 EDT event-server-1 <ReconnectThread> tid=0x217] Exception occurred while trying to connect the system during reconnect > org.apache.geode.security.AuthenticationRequiredException: Failed to find credentials from [host001(event-server-1:3525)<ec>:1026] >          at org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave.attemptToJoin(GMSJoinLeave.java:424) >          at org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave.join(GMSJoinLeave.java:318) >          at org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.join(GMSMembershipManager.java:656) >          at org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.joinDistributedSystem(GMSMembershipManager.java:745) >          at org.apache.geode.distributed.internal.membership.gms.Services.start(Services.java:181) >          at org.apache.geode.distributed.internal.membership.gms.GMSMemberFactory.newMembershipManager(GMSMemberFactory.java:102) >          at org.apache.geode.distributed.internal.membership.MemberFactory.newMembershipManager(MemberFactory.java:89) >          at org.apache.geode.distributed.internal.DistributionManager.<init>(DistributionManager.java:1112) >          at org.apache.geode.distributed.internal.DistributionManager.<init>(DistributionManager.java:1160) >          at org.apache.geode.distributed.internal.DistributionManager.create(DistributionManager.java:531) >          at org.apache.geode.distributed.internal.InternalDistributedSystem.initialize(InternalDistributedSystem.java:687) >          at org.apache.geode.distributed.internal.InternalDistributedSystem.newInstance(InternalDistributedSystem.java:299) >          at org.apache.geode.distributed.DistributedSystem.connect(DistributedSystem.java:202) >          at org.apache.geode.distributed.internal.InternalDistributedSystem.reconnect(InternalDistributedSystem.java:2675) >          at org.apache.geode.distributed.internal.InternalDistributedSystem.tryReconnect(InternalDistributedSystem.java:2508) >          at org.apache.geode.distributed.internal.InternalDistributedSystem.disconnect(InternalDistributedSystem.java:983) >          at org.apache.geode.distributed.internal.DistributionManager$MyListener.membershipFailure(DistributionManager.java:4307) >          at org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.uncleanShutdown(GMSMembershipManager.java:1530) >          at org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager.lambda$forceDisconnect$0(GMSMembershipManager.java:2550)
>          at java.lang.Thread.run(Thread.java:745)


This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer <http://www.jpmorgan.com/emaildisclaimer> including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited.

This message is confidential and subject to terms at: http://www.jpmorgan.com/emaildisclaimer <http://www.jpmorgan.com/emaildisclaimer> including on confidentiality, legal privilege, viruses and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited.


Reply via email to