Add more logging to the auth operations on failure (apache#7567)

* Added upgrade notes * Add more logs on failure of auth operations Co-authored-by: Sanjeev Kulkarni <[email protected]>
vikingcodes · Jul 17, 2020 · 2a0cb69 · 2a0cb69
1 parent d2b866b
commit 2a0cb69
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/...er-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java b/...er-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java
@@ -258,7 +258,10 @@ default CompletableFuture<Boolean> allowNamespaceOperationAsync(NamespaceName na
                                                                  String role, NamespaceOperation operation,
                                                                  AuthenticationDataSource authData) {
         return FutureUtil.failedFuture(
-            new IllegalStateException("NamespaceOperation is not supported by the Authorization provider you are using."));
+            new IllegalStateException(
+                    String.format("NamespaceOperation(%s) on namespace(%s) by role(%s) is not supported" +
+                    " by the Authorization provider you are using.",
+                            operation.toString(), namespaceName.toString(), role == null ? "null" : role)));
     }
 
     default Boolean allowNamespaceOperation(NamespaceName namespaceName, String originalRole, String role,
@@ -285,7 +288,10 @@ default CompletableFuture<Boolean> allowNamespacePolicyOperationAsync(NamespaceN
                                                                           PolicyOperation operation, String originalRole,
                                                                           String role, AuthenticationDataSource authData) {
         return FutureUtil.failedFuture(
-                new IllegalStateException("NamespacePolicyOperation is not supported by the Authorization provider you are using."));
+                new IllegalStateException(
+                        String.format("NamespacePolicyOperation(%s) on namespace(%s) by role(%s) is not supported" +
+                                " by the Authorization provider you are using.", operation.toString(),
+                                namespaceName.toString(), role == null ? "null" : role)));
     }
 
     default Boolean allowNamespacePolicyOperation(NamespaceName namespaceName, PolicyName policy, PolicyOperation operation,
@@ -313,7 +319,10 @@ default CompletableFuture<Boolean> allowTopicOperationAsync(TopicName topic, Str
                                                              TopicOperation operation,
                                                              AuthenticationDataSource authData) {
         return FutureUtil.failedFuture(
-            new IllegalStateException("TopicOperation is not supported by the Authorization provider you are using."));
+            new IllegalStateException(
+                    String.format("TopicOperation(%s) on topic(%s) by role(%s) is not supported" +
+                            " by the Authorization provider you are using.",
+                            operation.toString(), topic.toString(), role == null ? "null" : null)));
     }
 
     default Boolean allowTopicOperation(TopicName topicName, String originalRole, String role, TopicOperation operation,