falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Balu Vellanki (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FALCON-845) superuser falcon is not able to delete/update entity
Date Thu, 30 Oct 2014 00:16:34 GMT

    [ https://issues.apache.org/jira/browse/FALCON-845?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14189360#comment-14189360
] 

Balu Vellanki commented on FALCON-845:
--------------------------------------

The core-site.xml looks correct to me. Does not look like a config issue at this point, I
will try and reproduce this on a test cluster. 

> superuser falcon is not able to delete/update entity
> ----------------------------------------------------
>
>                 Key: FALCON-845
>                 URL: https://issues.apache.org/jira/browse/FALCON-845
>             Project: Falcon
>          Issue Type: Bug
>    Affects Versions: 0.6
>            Reporter: Raghav Kumar Gautam
>            Assignee: Venkatesh Seetharam
>             Fix For: 0.6
>
>         Attachments: core-site.xml, entities.txt
>
>
> Sample response is:
> {code}
> 2014-10-29 15:20:28,517 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request
Url: http://ip-172-31-47-32.ec2.internal:15000/api/entities/delete/process/agregator-coord16-22ceac97?user.name=falcon
(BaseRequest:163)
> 2014-10-29 15:20:28,517 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request
Method: DELETE (BaseRequest:164)
> 2014-10-29 15:20:28,517 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request
Header: Name=Content-Type Value=text/xml (BaseRequest:167)
> 2014-10-29 15:20:28,518 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request
Header: Name=Cookie Value=hadoop.auth=u=falcon&p=falcon&t=simple&e=1414632028513&s=1nC83wrEf/iOQvualO/fPAH4qE4=
(BaseRequest:167)
> 2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response
Status: HTTP/1.1 400 Bad Request (BaseRequest:193)
> 2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response
Header: Name=Content-Type Value=text/xml (BaseRequest:195)
> 2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response
Header: Name=requestId Value=114790f0-0b80-43c0-9899-042705741916 (BaseRequest:195)
> 2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response
Header: Name=Content-Length Value=263 (BaseRequest:195)
> 2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response
Header: Name=Server Value=Jetty(6.1.26.hwx) (BaseRequest:195)
> Warning:  org.apache.xerces.parsers.SAXParser: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD'
is not recognized.
> Warning:  org.apache.xerces.parsers.SAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit'
is not recognized.
> 2014-10-29 15:20:28,675 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ The web
service response is:
> <?xml version="1.0" encoding="UTF-8"?><result>
>   <status>FAILED</status>
>   <message>org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException):
User: falcon is not allowed to impersonate falcon</message>
> </result>
>  (ServiceResponse:86)
> {code}
> Relevant log from falcon.application.log:
> {code}
> 2014-10-29 15:20:28,526 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Logging in falcon (CurrentUser:69)
> 2014-10-29 15:20:28,526 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Request from user: falcon,
URL=/api/entities/delete/process/agregator-coord16-22ceac97?user.name=falcon (FalconAuthenticationFilter:181)
> 2014-10-29 15:20:28,526 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Authorizing user=falcon
against request=RequestParts{resource='entities', action='delete', entityName='agregator-coord16-22ceac97',
entityType='process'} (FalconAuthorizationFilter:70)
> 2014-10-29 15:20:28,527 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Authorizing authenticatedUser=falcon,
against resource=entities, action=delete, entity name=agregator-coord16-22ceac97, entity type=process
(DefaultAuthorizationProvider:125)
> 2014-10-29 15:20:28,528 DEBUG - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Invoking method delete
on service org.apache.falcon.resource.ConfigSyncService (IPCChannel:45)
> 2014-10-29 15:20:28,669 ERROR - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Unable to reach workflow
engine for deletion or deletion failed (AbstractEntityManager:228)
> org.apache.falcon.FalconException: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException):
User: falcon is not allowed to impersonate falcon
> 	at org.apache.falcon.entity.EntityUtil.getAllStagingPaths(EntityUtil.java:600)
> 	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.findBundles(OozieWorkflowEngine.java:269)
> 	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.doBundleAction(OozieWorkflowEngine.java:367)
> 	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.doBundleAction(OozieWorkflowEngine.java:361)
> 	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.delete(OozieWorkflowEngine.java:345)
> 	at org.apache.falcon.resource.AbstractEntityManager.delete(AbstractEntityManager.java:215)
> 	at org.apache.falcon.resource.ConfigSyncService.delete(ConfigSyncService.java:56)
> 	at sun.reflect.GeneratedMethodAccessor42.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:606)
> 	at org.apache.falcon.resource.channel.IPCChannel.invoke(IPCChannel.java:49)
> 	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$2.doExecute(SchedulableEntityManagerProxy.java:182)
> 	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$EntityProxy.execute(SchedulableEntityManagerProxy.java:447)
> 	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$2.execute(SchedulableEntityManagerProxy.java:172)
> 	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy.delete_aroundBody2(SchedulableEntityManagerProxy.java:184)
> 	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$AjcClosure3.run(SchedulableEntityManagerProxy.java:1)
> 	at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
> 	at org.apache.falcon.aspect.AbstractFalconAspect.logAroundMonitored(AbstractFalconAspect.java:51)
> 	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy.delete(SchedulableEntityManagerProxy.java:159)
> 	at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:606)
> 	at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
> 	at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
> 	at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
> 	at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:288)
> 	at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
> 	at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
> 	at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
> 	at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
> 	at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1469)
> 	at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1400)
> 	at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1349)
> 	at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1339)
> 	at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
> 	at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:537)
> 	at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:699)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
> 	at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
> 	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1221)
> 	at org.apache.falcon.security.FalconAuthorizationFilter.doFilter(FalconAuthorizationFilter.java:80)
> 	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
> 	at org.apache.falcon.security.FalconAuthenticationFilter$2.doFilter(FalconAuthenticationFilter.java:184)
> 	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:572)
> 	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:542)
> 	at org.apache.falcon.security.FalconAuthenticationFilter.doFilter(FalconAuthenticationFilter.java:193)
> 	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
> 	at org.apache.falcon.security.FalconAuditFilter.doFilter(FalconAuditFilter.java:65)
> 	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
> 	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:399)
> 	at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
> 	at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
> 	at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
> 	at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
> 	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
> 	at org.mortbay.jetty.Server.handle(Server.java:326)
> 	at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
> 	at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:928)
> 	at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
> 	at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
> 	at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
> 	at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
> 	at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
> Caused by: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException):
User: falcon is not allowed to impersonate falcon
> 	at org.apache.hadoop.ipc.Client.call(Client.java:1468)
> 	at org.apache.hadoop.ipc.Client.call(Client.java:1399)
> 	at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(ProtobufRpcEngine.java:232)
> 	at com.sun.proxy.$Proxy27.getListing(Unknown Source)
> 	at org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolTranslatorPB.getListing(ClientNamenodeProtocolTranslatorPB.java:554)
> 	at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:606)
> 	at org.apache.hadoop.io.retry.RetryInvocationHandler.invokeMethod(RetryInvocationHandler.java:187)
> 	at org.apache.hadoop.io.retry.RetryInvocationHandler.invoke(RetryInvocationHandler.java:102)
> 	at com.sun.proxy.$Proxy28.getListing(Unknown Source)
> 	at org.apache.hadoop.hdfs.DFSClient.listPaths(DFSClient.java:1947)
> 	at org.apache.hadoop.hdfs.DFSClient.listPaths(DFSClient.java:1930)
> 	at org.apache.hadoop.hdfs.DistributedFileSystem.listStatusInternal(DistributedFileSystem.java:693)
> 	at org.apache.hadoop.hdfs.DistributedFileSystem.access$600(DistributedFileSystem.java:105)
> 	at org.apache.hadoop.hdfs.DistributedFileSystem$15.doCall(DistributedFileSystem.java:755)
> 	at org.apache.hadoop.hdfs.DistributedFileSystem$15.doCall(DistributedFileSystem.java:751)
> 	at org.apache.hadoop.fs.FileSystemLinkResolver.resolve(FileSystemLinkResolver.java:81)
> 	at org.apache.hadoop.hdfs.DistributedFileSystem.listStatus(DistributedFileSystem.java:751)
> 	at org.apache.hadoop.fs.FileSystem.listStatus(FileSystem.java:1485)
> 	at org.apache.hadoop.fs.FileSystem.listStatus(FileSystem.java:1525)
> 	at org.apache.falcon.entity.EntityUtil.getAllStagingPaths(EntityUtil.java:589)
> 	... 62 more
> 2014-10-29 15:20:28,670 ERROR - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Action failed: Bad Request
> Error: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException):
User: falcon is not allowed to impersonate falcon (FalconWebException:68)
> 2014-10-29 15:20:28,670 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916
falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ {Action:delete, Dimensions:{entityType=process,
colo=NULL, entityName=agregator-coord16-22ceac97}, Status: FAILED, Time-taken:142594851 ns}
(METRIC:38)
> 2014-10-29 15:20:28,671 DEBUG - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916]
~ Audit: falcon/172.31.47.32 performed request 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message