[ https://issues.apache.org/jira/browse/SOLR-17183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17822565#comment-17822565 ]
ASF subversion and git services commented on SOLR-17183: -------------------------------------------------------- Commit 00610ef6990be824d2b3b5d9ee1ea8331161c88a in solr's branch refs/heads/main from Jason Gerlowski [ https://gitbox.apache.org/repos/asf?p=solr.git;h=00610ef6990 ] SOLR-17183: Tweak PKI Auth logging (#2312) Clarifies one or two messages, includes cryptographic exception messages in logging, and introduces a new message in the case where a public-key cannot be fetched because the relevant node isn't in `/live_nodes` > Improve PKI auth logging > ------------------------ > > Key: SOLR-17183 > URL: https://issues.apache.org/jira/browse/SOLR-17183 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication, logging > Affects Versions: main (10.0), 9.5.0 > Reporter: Jason Gerlowski > Assignee: Jason Gerlowski > Priority: Minor > Time Spent: 1h > Remaining Estimate: 0h > > PKIAuthenticationPlugin produces some very useful log messages, at 'INFO' > level no less. But there's still some room for improvement, particularly in > differentiating various types of error cases. Some examples of things that > could be improved: > * No message highlights when a request was rejected because the sending node > (according to the header) cannot be found in /live_nodes. > * "Could not load principal from SolrAuthV2 header" is logged regardless of > whether the v1 or v2 header format is provided on the request. > We should fix these, and other quirks of PKIAuthentication's logging that we > find on inspection. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org