if (ex.getMajor() == GSSException.BAD_MECH) { log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true; } catch (GSSException gsse) { log.error("generateToken", gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new SpnegoEngineException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new SpnegoEngineException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new SpnegoEngineException(gsse.getMessage(), gsse);
Optional<GSSException> causeOptional = findCause(e, GSSException.class, gsse -> GSSException.NO_CRED == gsse.getMajor()); if (causeOptional.isPresent()) { getLogger().warn("An error occurred while connecting to HDFS. "
if (ex.getMajor() == GSSException.BAD_MECH) { log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true; } catch (GSSException gsse) { log.error("generateToken", gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new Exception(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new Exception(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new Exception(gsse.getMessage(), gsse);
LOGGER.info("KerberosHelper.acceptSecurityContext exception code " + ((GSSException) result).getMajor() + " minor code " + ((GSSException) result).getMinor() + " message " + ((Throwable) result).getMessage()); throw (GSSException) result;
GSSException g = (GlobusGSSException) t; if (g.getMajor() == GSSException.FAILURE && g.getMinor() == 0) { if (g instanceof GlobusGSSException) { return !((GlobusGSSException)g).hasCustomMessage;
GSSException g = (GlobusGSSException) t; if (g.getMajor() == GSSException.FAILURE && g.getMinor() == 0) { if (g instanceof GlobusGSSException) { return !((GlobusGSSException)g).hasCustomMessage;
} catch (GSSException gsse) { state = State.FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new AuthenticationException(gsse.getMessage(), gsse);
private byte[] evaluateChallenge(final byte[] challenge) throws SaslException, NonRecoverableException { try { return Subject.doAs(securityContext.getSubject(), new PrivilegedExceptionAction<byte[]>() { @Override public byte[] run() throws SaslException { return saslClient.evaluateChallenge(challenge); } }); } catch (PrivilegedActionException e) { // This cast is safe because the action above only throws checked SaslException. SaslException saslException = (SaslException) e.getCause(); // TODO(KUDU-2121): We should never get to this point if the client does not have // Kerberos credentials, but it seems that on certain platforms it can happen. // So, we try and determine whether the evaluateChallenge failed due to missing // credentials, and return a nicer error message if so. Throwable cause = saslException.getCause(); if (cause instanceof GSSException && ((GSSException) cause).getMajor() == GSSException.NO_CRED) { throw new NonRecoverableException( Status.ConfigurationError( "Server requires Kerberos, but this client is not authenticated " + "(missing or expired TGT)"), saslException); } throw saslException; } }
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;
if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new CredentialsNotAvailableException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new AuthChallengeException(gsse.getMessage(), gsse);
LOGGER.info("KerberosHelper.initSecurityContext exception code " + ((GSSException) result).getMajor() + " minor code " + ((GSSException) result).getMinor() + " message " + ((Throwable) result).getMessage()); throw (GSSException) result;
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;
} catch (final GSSException gsse) { state = State.FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) { throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED ) { throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) { throw new AuthenticationException(gsse.getMessage(), gsse);
} catch (GSSException gsse) { state = State.FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED ) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new AuthenticationException(gsse.getMessage(), gsse);
} catch (final GSSException gsse) { state = State.FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) { throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED ) { throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) { throw new AuthenticationException(gsse.getMessage(), gsse);
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;
if (ex.getMajor() == GSSException.BAD_MECH ){ log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true;