hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yongjun Zhang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6588) Investigating removing getTrueCause method in Server.java
Date Mon, 23 Jun 2014 21:24:25 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6588?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14041337#comment-14041337

Yongjun Zhang commented on HDFS-6588:

Thanks Jing.

I found that the getTrueCause() method interacts with the following code 
  public byte[] retrievePassword(
      DelegationTokenIdentifier identifier) throws InvalidToken {
    try {
      // this check introduces inconsistency in the authentication to a
      // HA standby NN.  non-token auths are allowed into the namespace which
      // decides whether to throw a StandbyException.  tokens are a bit
      // different in that a standby may be behind and thus not yet know
      // of all tokens issued by the active NN.  the following check does
      // not allow ANY token auth, however it should allow known tokens in
    } catch (StandbyException se) {
      // FIXME: this is a hack to get around changing method signatures by
      // tunneling a non-InvalidToken exception as the cause which the
      // RPC server will unwrap before returning to the client
      InvalidToken wrappedStandby = new InvalidToken("StandbyException");
      throw wrappedStandby;
in DelegationTokenSecretManager.java introduced by HADOOP-9880.

If we remove the getTrueCause() logic, at minimum, still need to retain the logic (currently
in getTrueCause) to  return the InvalidToken exception that's wrapped by SaslException.

> Investigating removing getTrueCause method in Server.java
> ---------------------------------------------------------
>                 Key: HDFS-6588
>                 URL: https://issues.apache.org/jira/browse/HDFS-6588
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: security, webhdfs
>    Affects Versions: 2.5.0
>            Reporter: Yongjun Zhang
>            Assignee: Yongjun Zhang
> When addressing Daryn Sharp's comment for HDFS-6475 quoted below:
> {quote}
> What I'm saying is I think the patch adds too much unnecessary code. Filing an improvement
to delete all but a few lines of the code changed in this patch seems a bit odd. I think you
just need to:
> - Delete getTrueCause entirely instead of moving it elsewhere
> - In saslProcess, just throw the exception instead of running it through getTrueCause
since it's not a "InvalidToken wrapping another exception" anymore.
> - Keep your 3-line change to unwrap SecurityException in toResponse
> {quote}
> There are multiple test failures, after making the suggested changes, Filing this jira
to dedicate to the investigation of removing getTrueCause method.
> More detail will be put in the first comment.

This message was sent by Atlassian JIRA

View raw message