[Kerberos] Add debug log statement for exceptions (#32663)

This commit adds missing debug log statements for exceptions that occur during ticket validation. I thought these get logged somewhere else in authentication chain but even after enabling trace logs I could not see them logged. As the Kerberos exception messages are cryptic adding full stack trace would help debugging faster.
2018-08-12 00:49:08 +10:00 · 2018-08-12 00:49:08 +10:00 · 8114646e12
parent 38ec0ff6ca
commit 8114646e12
1 changed files with 3 additions and 0 deletions
--- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/kerberos/KerberosRealm.java
+++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/kerberos/KerberosRealm.java
@ -179,12 +179,15 @@ public final class KerberosRealm extends Realm implements CachingRealm {

    private void handleException(Exception e, final ActionListener<AuthenticationResult> listener) {
        if (e instanceof LoginException) {
+            logger.debug("failed to authenticate user, service login failure", e);
            listener.onResponse(AuthenticationResult.terminate("failed to authenticate user, service login failure",
                    unauthorized(e.getLocalizedMessage(), e)));
        } else if (e instanceof GSSException) {
+            logger.debug("failed to authenticate user, gss context negotiation failure", e);
            listener.onResponse(AuthenticationResult.terminate("failed to authenticate user, gss context negotiation failure",
                    unauthorized(e.getLocalizedMessage(), e)));
        } else {
+            logger.debug("failed to authenticate user", e);
            listener.onFailure(e);
        }
    }