HADOOP-13526. Add detailed logging in KMS for the authentication failure of proxy user. Contributed by Suraj Acharya.

This commit is contained in:
Xiao Chen 2016-08-22 18:06:53 -07:00
parent 3ca4d6ddfd
commit 4070caad70

View File

@ -39,6 +39,8 @@
import org.apache.http.NameValuePair; import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URLEncodedUtils; import org.apache.http.client.utils.URLEncodedUtils;
import org.codehaus.jackson.map.ObjectMapper; import org.codehaus.jackson.map.ObjectMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.FilterConfig; import javax.servlet.FilterConfig;
@ -81,6 +83,9 @@ public class DelegationTokenAuthenticationFilter
private static final String ERROR_EXCEPTION_JSON = "exception"; private static final String ERROR_EXCEPTION_JSON = "exception";
private static final String ERROR_MESSAGE_JSON = "message"; private static final String ERROR_MESSAGE_JSON = "message";
private static final Logger LOG = LoggerFactory.getLogger(
DelegationTokenAuthenticationFilter.class);
/** /**
* Sets an external <code>DelegationTokenSecretManager</code> instance to * Sets an external <code>DelegationTokenSecretManager</code> instance to
* manage creation and verification of Delegation Tokens. * manage creation and verification of Delegation Tokens.
@ -261,6 +266,11 @@ protected void doFilter(FilterChain filterChain, HttpServletRequest request,
HttpExceptionUtils.createServletExceptionResponse(response, HttpExceptionUtils.createServletExceptionResponse(response,
HttpServletResponse.SC_FORBIDDEN, ex); HttpServletResponse.SC_FORBIDDEN, ex);
requestCompleted = true; requestCompleted = true;
if (LOG.isDebugEnabled()) {
LOG.debug("Authentication exception: " + ex.getMessage(), ex);
} else {
LOG.warn("Authentication exception: " + ex.getMessage());
}
} }
} }
} }