HAS client Print the error message from server.
diff --git a/has/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java b/has/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
index 3f1787a..be904f3 100755
--- a/has/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
+++ b/has/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
@@ -113,9 +113,9 @@
if (hasClientConf == null) {
hasClientConf = HAS_CONFIG_DEFAULT;
}
- LOG.debug("has-client conf path: " + hasClientConf);
File confFile = new File(hasClientConf);
if (!confFile.exists()) {
+ LOG.warn("The HAS client config file: " + hasClientConf + " does not exist.");
throw new HasException("The HAS client config file: " + hasClientConf
+ " does not exist.");
}
@@ -199,14 +199,11 @@
try {
authToken = plugin.login(config);
} catch (HasLoginException e) {
- LOG.error("Plugin login failed: " + e.getMessage());
- throw new HasException(
- "Plugin login failed: " + e.getMessage());
+ LOG.warn(e.getMessage());
+ throw new HasException(e.getMessage());
}
type = plugin.getLoginType();
- LOG.debug("The plugin type is: " + type);
-
return requestTgt(authToken, type, config);
}
@@ -222,9 +219,8 @@
try {
PrintStream ps = new PrintStream(new FileOutputStream(krb5Conf));
ps.println(content);
- LOG.debug("krb5.conf has saved in : " + krb5Conf.getAbsolutePath());
} catch (FileNotFoundException e) {
- LOG.error(e.getMessage());
+ LOG.error("Failed to write krb5.conf to " + e.getMessage());
throw new HasException(e);
}
}
@@ -234,7 +230,6 @@
private HasClientPlugin getClientTokenPlugin(HasConfig config) throws HasException {
String pluginName = config.getPluginName();
- LOG.debug("The plugin name getting from config is: " + pluginName);
HasClientPlugin clientPlugin;
if (pluginName != null) {
clientPlugin = HasClientPluginRegistry.createPlugin(pluginName);
@@ -244,7 +239,6 @@
if (clientPlugin == null) {
throw new HasException("Failed to create client plugin: " + pluginName);
}
- LOG.debug("The plugin class is: " + clientPlugin);
return clientPlugin;
}
@@ -265,7 +259,7 @@
try {
tokenString = tokenEncoder.encodeAsString(authToken);
} catch (KrbException e) {
- LOG.debug("Failed to decode the auth token.");
+ LOG.error("Failed to decode the auth token.");
throw new HasException("Failed to decode the auth token." + e.getMessage());
}
@@ -373,15 +367,7 @@
}
}
- LOG.debug("Return from Server .... \n");
-
- try {
- return handleResponse(json, (String) authToken.getAttributes().get("passPhrase"));
- } catch (HasException e) {
- LOG.debug("Failed to handle response when requesting tgt ticket in client."
- + e.getMessage());
- throw new HasException(e);
- }
+ return handleResponse(json, (String) authToken.getAttributes().get("passPhrase"));
}
private File loadSslClientConf(HasConfig config, String sslClientConfPath) throws HasException {
@@ -390,11 +376,11 @@
String httpHost = config.getHttpHost();
String httpPort = config.getHttpPort();
if (httpHost == null) {
- LOG.warn("Can't find the http host in config, the https host will be used.");
+ // Can't find the http host in config, the https host will be used.
httpHost = config.getHttpsHost();
}
if (httpPort == null) {
- LOG.warn("Can't find the http port in config, the default http port will be used.");
+ // Can't find the http port in config, the default http port will be used.;
httpPort = HAS_HTTP_PORT_DEFAULT;
}
X509Certificate certificate = getCertificate(httpHost, httpPort);
@@ -410,15 +396,14 @@
public KrbMessage getKrbMessage(JSONObject json) throws HasException {
- LOG.debug("Starting to get the message from has server.");
-
try {
boolean success = json.getBoolean("success");
if (!success) {
- throw new HasException("Failed: " + json.getString("krbMessage"));
+ LOG.error(json.getString("krbMessage"));
+ throw new HasException(json.getString("krbMessage"));
}
} catch (JSONException e) {
- LOG.debug("Failed to get message." + e);
+ LOG.error("Failed to get message." + e);
throw new HasException("Failed to get message." + e);
}
@@ -426,17 +411,16 @@
try {
typeString = json.getString("type");
} catch (JSONException e) {
- LOG.debug("Failed to get message." + e);
+ LOG.error("Failed to get message." + e);
throw new HasException("Failed to get message." + e);
}
if (typeString != null && typeString.equals(type)) {
- LOG.debug("The message type is " + type);
String krbMessageString = null;
try {
krbMessageString = json.getString("krbMessage");
} catch (JSONException e) {
- LOG.debug("Failed to get the krbMessage. " + e);
+ LOG.error("Failed to get the krbMessage. " + e);
}
Base64 base64 = new Base64(0);
byte[] krbMessage = base64.decode(krbMessageString);
@@ -462,7 +446,7 @@
return processResponse((KdcRep) kdcRep, passPhrase);
} else if (messageType == KrbMessageType.KRB_ERROR) {
KrbError error = (KrbError) kdcRep;
- LOG.error("KDC server response with message: "
+ LOG.error("HAS server response with message: "
+ error.getErrorCode().getMessage());
throw new HasException(error.getEtext());
@@ -528,7 +512,6 @@
// }
TgtTicket tgtTicket = getTicket(kdcRep);
- LOG.debug("Ticket expire time: " + tgtTicket.getEncKdcRepPart().getEndTime());
return tgtTicket;
}
diff --git a/has/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java b/has/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
index 91f3e35..d67962d 100644
--- a/has/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
+++ b/has/has-client/src/main/java/org/apache/kerby/has/client/HasLoginModule.java
@@ -235,7 +235,7 @@
}
HasClient hasClient = new HasClient(hadoopSecurityHas);
- TgtTicket tgtTicket = null;
+ TgtTicket tgtTicket;
try {
tgtTicket = hasClient.requestTgt();
} catch (HasException e) {
diff --git a/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java b/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
index 5f98375..83b31e9 100644
--- a/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
+++ b/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
@@ -18,6 +18,7 @@
package org.apache.kerby.has.plugins.client.mysql;
import org.apache.kerby.has.client.AbstractHasClientPlugin;
+import org.apache.kerby.has.client.HasLoginException;
import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -36,11 +37,17 @@
}
@Override
- protected void doLogin(AuthToken authToken) {
+ protected void doLogin(AuthToken authToken) throws HasLoginException {
// Get the user info from env
String userName = System.getenv("userName");
+ if (userName == null || userName.isEmpty()) {
+ throw new HasLoginException("Please set the userName.");
+ }
String password = System.getenv("password");
+ if (password == null || password.isEmpty()) {
+ throw new HasLoginException("Please set the password.");
+ }
LOG.debug("Get the user info successfully.");
diff --git a/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java b/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
index 1c53a8f..9ffc468 100644
--- a/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
+++ b/has/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
@@ -33,7 +33,7 @@
public class MySQLHasServerPlugin extends AbstractHasServerPlugin {
private static final Logger LOG = LoggerFactory.getLogger(MySQLHasServerPlugin.class);
- /**
+ /**
* {@inheritDoc}
*/
@Override
@@ -51,9 +51,18 @@
String secret = (String) userToken.getAttributes().get("secret");
String mysqlUrl = System.getenv("mysqlUrl");
+ if (mysqlUrl == null || mysqlUrl.isEmpty()) {
+ throw new HasAuthenException("Please set the mysqlUrl.");
+ }
mysqlUrl = mysqlUrl.replace("jdbc:mysql:", "jdbc:mysql:thin:");
String mysqlUser = System.getenv("mysqlUser");
+ if (mysqlUser == null || mysqlUser.isEmpty()) {
+ throw new HasAuthenException("Please set the mysqlUser.");
+ }
String mysqlPasswd = System.getenv("mysqlPasswd");
+ if (mysqlPasswd == null || mysqlPasswd.isEmpty()) {
+ throw new HasAuthenException("Please set the mysqlPasswd.");
+ }
Connection connection = startConnection(mysqlUrl, mysqlUser, mysqlPasswd);
ResultSet res = null;
@@ -68,8 +77,21 @@
if (res.next() && res.getInt(1) > 0) {
LOG.debug("UserName: {}", user);
} else {
- LOG.error("Authentication failed.");
- throw new HasAuthenException("Authentication failed.");
+
+ String sql = "SELECT COUNT(*) FROM `has_user` WHERE user_name = ?";
+ preStm = connection.prepareStatement(sql);
+ preStm.setString(1, user);
+ res = preStm.executeQuery();
+ if (res.next() && res.getInt(1) > 0) {
+ throw new HasAuthenException("Authentication failed. "
+ + "Incorrect password.");
+ } else if (!res.next()) {
+ throw new HasAuthenException("Authentication failed. "
+ + "Incorrect userName.");
+ } else {
+ throw new HasAuthenException("Authentication failed. "
+ + "Please check your userName and password.");
+ }
}
} catch (SQLException e) {
LOG.error("Failed.");
@@ -105,7 +127,8 @@
} catch (ClassNotFoundException e) {
throw new HasAuthenException("JDBC Driver Class not found. ", e);
} catch (SQLException e) {
- throw new HasAuthenException("Failed to connecting to MySQL. ", e);
+ throw new HasAuthenException("Failed to connecting to MySQL."
+ + "Please check MySQL URL, username and password. ", e);
}
return connection;
diff --git a/has/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java b/has/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java
index 9e73211..b2c7a48 100644
--- a/has/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java
+++ b/has/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java
@@ -288,14 +288,14 @@
try {
tokenPlugin = HasServerPluginRegistry.createPlugin(type);
} catch (HasException e) {
- errMessage = "Fail to get the plugin: " + type + ". " + e.getMessage();
+ errMessage = "Failed to get the plugin: " + type + ". " + e.getMessage();
WebServer.LOG.error(errMessage);
}
AuthToken verifiedAuthToken;
try {
verifiedAuthToken = tokenPlugin.authenticate(authToken);
} catch (HasAuthenException e) {
- errMessage = "Failed to verify auth token: " + e.getMessage();
+ errMessage = "Failed to verify auth token. " + e.getMessage();
WebServer.LOG.error(errMessage);
verifiedAuthToken = null;
}
