etcd authentication bad case

[wrfly]

Version: 3.3.1[0-3]

Pre do:

• create a role
• grant key space to the role
• create a user and grant it to the role

Case 1:

• enable authentication
• create a etcd client v3 with username and password
• the client can GET
• disable the authentication
• the client could not GET any more: authentication is not enabled

Case 2:

• disable authentication
• create a clientv3 with username and password
• got a warnning log authentication is not enabled but can still create the client
• the client can GET
• enable authentication
• the client cannot GET, error is user name is empty

For the first scenario, since the server disabled the authentication, but the client did provide a token, so the server return ErrGRPCAuthNotEnabled, but I think in this case, the server should handle the error itself, or the clientv3 handle it instead of returning an error when GET keys.

As for the second scenario, since the client did have a username and password, so when the server enabled authentication, the client (lib) should handle it or just retry with authentication instead of ErrUserEmpty.

[mitake]

@wrfly thanks for reporting the problem! I'll take a look.

[FengXingYuXin]

another case:
1 create a clientv3 with username and password
2 auth enable
3 clientv3 still error:server user empty
4 restart process of this clientv3, and error stops.

so the problem is if auth enable from disable, we must restart clientv3, i don't think that's a good feature, any suggest

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.