[
https://issues.apache.org/jira/browse/SOLR-17183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17822565#comment-17822565
]
ASF subversion and git services commented on SOLR-17183:
--------------------------------------------------------
Commit 00610ef6990be824d2b3b5d9ee1ea8331161c88a in solr's branch
refs/heads/main from Jason Gerlowski
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=00610ef6990 ]
SOLR-17183: Tweak PKI Auth logging (#2312)
Clarifies one or two messages, includes cryptographic exception messages
in logging, and introduces a new message in the case where a public-key
cannot be fetched because the relevant node isn't in `/live_nodes`
> Improve PKI auth logging
> ------------------------
>
> Key: SOLR-17183
> URL: https://issues.apache.org/jira/browse/SOLR-17183
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication, logging
> Affects Versions: main (10.0), 9.5.0
> Reporter: Jason Gerlowski
> Assignee: Jason Gerlowski
> Priority: Minor
> Time Spent: 1h
> Remaining Estimate: 0h
>
> PKIAuthenticationPlugin produces some very useful log messages, at 'INFO'
> level no less. But there's still some room for improvement, particularly in
> differentiating various types of error cases. Some examples of things that
> could be improved:
> * No message highlights when a request was rejected because the sending node
> (according to the header) cannot be found in /live_nodes.
> * "Could not load principal from SolrAuthV2 header" is logged regardless of
> whether the v1 or v2 header format is provided on the request.
> We should fix these, and other quirks of PKIAuthentication's logging that we
> find on inspection.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
