From a4b296734b9c4f6020fb4eeb634026d1149d9fbc Mon Sep 17 00:00:00 2001 From: Xiao Chen Date: Mon, 22 Aug 2016 18:06:53 -0700 Subject: [PATCH] HADOOP-13526. Add detailed logging in KMS for the authentication failure of proxy user. Contributed by Suraj Acharya. (cherry picked from commit 98e7be769a7e69bdaec4f67143949f282f6761cf) --- .../web/DelegationTokenAuthenticationFilter.java | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java index fb6817e4daa..112c952196a 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java @@ -39,6 +39,8 @@ import org.apache.hadoop.util.HttpExceptionUtils; import org.apache.http.NameValuePair; import org.apache.http.client.utils.URLEncodedUtils; import org.codehaus.jackson.map.ObjectMapper; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; @@ -81,6 +83,9 @@ public class DelegationTokenAuthenticationFilter private static final String ERROR_EXCEPTION_JSON = "exception"; private static final String ERROR_MESSAGE_JSON = "message"; + private static final Logger LOG = LoggerFactory.getLogger( + DelegationTokenAuthenticationFilter.class); + /** * Sets an external DelegationTokenSecretManager instance to * manage creation and verification of Delegation Tokens. @@ -261,6 +266,11 @@ public class DelegationTokenAuthenticationFilter HttpExceptionUtils.createServletExceptionResponse(response, HttpServletResponse.SC_FORBIDDEN, ex); requestCompleted = true; + if (LOG.isDebugEnabled()) { + LOG.debug("Authentication exception: " + ex.getMessage(), ex); + } else { + LOG.warn("Authentication exception: " + ex.getMessage()); + } } } }