1
0
Fork 0

Bug fix/jwt secret file logging (#7976)

* Print with correct log topic.

* Moved message to a place where logger is enabled.
This commit is contained in:
Lars Maier 2019-03-20 14:14:13 +01:00 committed by Max Neunhöffer
parent 04ef4595e3
commit e598148707
1 changed files with 8 additions and 4 deletions

View File

@ -135,11 +135,8 @@ void AuthenticationFeature::validateOptions(std::shared_ptr<ProgramOptions>) {
} }
} else if (!_jwtSecretProgramOption.empty()) { } else if (!_jwtSecretProgramOption.empty()) {
LOG_TOPIC(WARN, arangodb::Logger::FIXME)
<< "--server.jwt-secret is insecure. Use --server.jwt-secret-keyfile "
"instead.";
if (_jwtSecretProgramOption.length() > _maxSecretLength) { if (_jwtSecretProgramOption.length() > _maxSecretLength) {
LOG_TOPIC(FATAL, arangodb::Logger::FIXME) LOG_TOPIC(FATAL, arangodb::Logger::STARTUP)
<< "Given JWT secret too long. Max length is " << _maxSecretLength; << "Given JWT secret too long. Max length is " << _maxSecretLength;
FATAL_ERROR_EXIT(); FATAL_ERROR_EXIT();
} }
@ -187,6 +184,13 @@ void AuthenticationFeature::prepare() {
void AuthenticationFeature::start() { void AuthenticationFeature::start() {
TRI_ASSERT(isEnabled()); TRI_ASSERT(isEnabled());
// If this is empty here, --server.jwt-secret was used
if (_jwtSecretKeyfileProgramOption.empty()) {
LOG_TOPIC(WARN, arangodb::Logger::AUTHENTICATION)
<< "--server.jwt-secret is insecure. Use --server.jwt-secret-keyfile "
"instead.";
}
std::ostringstream out; std::ostringstream out;
out << "Authentication is turned " << (_active ? "on" : "off"); out << "Authentication is turned " << (_active ? "on" : "off");