HBASE-5735 Clearer warning message when connecting a non-secure HBase client to a secure HBase server

git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1310914 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Michael Stack 2012-04-07 23:15:40 +00:00
parent 7a0c1daf63
commit 00781a6eb1
1 changed files with 14 additions and 4 deletions

View File

@ -47,6 +47,8 @@ import org.apache.hadoop.security.token.TokenIdentifier;
import org.apache.hadoop.util.ReflectionUtils; import org.apache.hadoop.util.ReflectionUtils;
import org.apache.hadoop.util.StringUtils; import org.apache.hadoop.util.StringUtils;
import com.google.common.collect.ImmutableSet;
import javax.security.sasl.Sasl; import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException; import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer; import javax.security.sasl.SaslServer;
@ -83,6 +85,7 @@ public abstract class SecureServer extends HBaseServer {
// 3 : Introduce the protocol into the RPC connection header // 3 : Introduce the protocol into the RPC connection header
// 4 : Introduced SASL security layer // 4 : Introduced SASL security layer
public static final byte CURRENT_VERSION = 4; public static final byte CURRENT_VERSION = 4;
public static final Set<Byte> INSECURE_VERSIONS = ImmutableSet.of((byte) 3);
public static final Log LOG = LogFactory.getLog("org.apache.hadoop.ipc.SecureServer"); public static final Log LOG = LogFactory.getLog("org.apache.hadoop.ipc.SecureServer");
private static final Log AUDITLOG = private static final Log AUDITLOG =
@ -401,10 +404,17 @@ public abstract class SecureServer extends HBaseServer {
dataLengthBuffer.flip(); dataLengthBuffer.flip();
if (!HEADER.equals(dataLengthBuffer) || version != CURRENT_VERSION) { if (!HEADER.equals(dataLengthBuffer) || version != CURRENT_VERSION) {
//Warning is ok since this is not supposed to happen. //Warning is ok since this is not supposed to happen.
LOG.warn("Incorrect header or version mismatch from " + if (INSECURE_VERSIONS.contains(version)) {
hostAddress + ":" + remotePort + LOG.warn("An insecure client (version '" + version + "') is attempting to connect " +
" got version " + version + " to this version '" + CURRENT_VERSION + "' secure server from " +
" expected version " + CURRENT_VERSION); hostAddress + ":" + remotePort);
} else {
LOG.warn("Incorrect header or version mismatch from " +
hostAddress + ":" + remotePort +
" got version " + version +
" expected version " + CURRENT_VERSION);
}
return -1; return -1;
} }
dataLengthBuffer.clear(); dataLengthBuffer.clear();