hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jiraposter@reviews.apache.org (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-5732) Remove the SecureRPCEngine and merge the security-related logic in the core engine
Date Tue, 08 May 2012 18:55:53 GMT

    [ https://issues.apache.org/jira/browse/HBASE-5732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13270718#comment-13270718
] 

jiraposter@reviews.apache.org commented on HBASE-5732:
------------------------------------------------------



bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > It looks like testing turned up some interesting issues going by the diff between
this version and the previous.  It works now?
bq.  > 
bq.  > Good on you DD.

Yes, my testing (1 master, 1 regionserver, 1 client all authenticating on Kerberos with each
other) didn't show up any issues. I exercised some of the shell commands from the client (create,
list, put, get).


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/pom.xml, line 560
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105835#file105835line560>
bq.  >
bq.  >     Is this you or just difference between your patch and trunk?  i.e. did you pull
this in?

Not sure. Went and looked at the last patch and it seemed to contain exactly what i intend
to have in.


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java,
line 1253
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105838#file105838line1253>
bq.  >
bq.  >     Is this a bug fix?

Yes .. in testing I realized that the whole block of code need to be conditional.. (and this
is the case currently in SecureServer.java from where this is taken)


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java,
line 1341
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105838#file105838line1341>
bq.  >
bq.  >     When do we do this?  When would we forego pb encoding?  When its done already?
bq.  >     
bq.  >     Is this fix something that came of your manual testing?  If so, I heart testing!

The sasl handshake is not part of the PB messaging. Yes, I discovered that I forgot to take
care of this until I tested with security :-)


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java,
line 1376
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105838#file105838line1376>
bq.  >
bq.  >     Is this going to be annoying?   Happens on each rpc?

Will revert (was for my debugging)


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java,
line 1396
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105838#file105838line1396>
bq.  >
bq.  >     ditto?

Will revert (was for my debugging)


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/WritableRpcEngine.java,
line 259
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105840#file105840line259>
bq.  >
bq.  >     Woah.  Where'd this come from?  What was this doing in here?

This was an unused field.. So I removed it..


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/WritableRpcEngine.java,
line 298
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105840#file105840line298>
bq.  >
bq.  >     Ditto on the What!?  What was this doing in here (smile).

Will revert the What!? (was for my debugging) :-)


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/client/AdminProtocol.java,
line 25
bq.  > <https://reviews.apache.org/r/4953/diff/2/?file=107703#file107703line25>
bq.  >
bq.  >     Ours is different from hadoops?

I don't know what the problem was .. maybe some obscure classpath issue .. but changing it
to use hbase's class solved the problem.


bq.  On 2012-05-08 15:51:46, Michael Stack wrote:
bq.  > http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java,
line 1149
bq.  > <https://reviews.apache.org/r/4953/diff/1-2/?file=105838#file105838line1149>
bq.  >
bq.  >     Should this be null so we fail w/ NPE if we try send a saslResponse w/o having
first done a setSaslTokenResponse?
bq.  >     
bq.  >     rb shows added white space.

Will remove the white-spaces that are introduced by this patch.

I am not sure I follow your question on the NPE.. But I'll do some cleanup on this anyway...



- Devaraj


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4953/#review7684
-----------------------------------------------------------


On 2012-05-08 07:45:11, Devaraj Das wrote:
bq.  
bq.  -----------------------------------------------------------
bq.  This is an automatically generated e-mail. To reply, visit:
bq.  https://reviews.apache.org/r/4953/
bq.  -----------------------------------------------------------
bq.  
bq.  (Updated 2012-05-08 07:45:11)
bq.  
bq.  
bq.  Review request for Ted Yu, Michael Stack and Andrew Purtell.
bq.  
bq.  
bq.  Summary
bq.  -------
bq.  
bq.  Reviewboard request for HBASE-5732
bq.  
bq.  
bq.  This addresses bug HBASE-5732.
bq.      https://issues.apache.org/jira/browse/HBASE-5732
bq.  
bq.  
bq.  Diffs
bq.  -----
bq.  
bq.    http://svn.apache.org/repos/asf/hbase/trunk/pom.xml 1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/client/AdminProtocol.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/client/ClientProtocol.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/ConnectionHeader.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseClient.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/HBaseServer.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/RegionServerStatusProtocol.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/ipc/WritableRpcEngine.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/protobuf/generated/RPCProtos.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/AccessDeniedException.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/User.java
1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessControllerProtocol.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationProtocol.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/main/protobuf/RPC.proto 1335359 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessControlFilter.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionsWatcher.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/token/TestTokenAuthentication.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/java/org/apache/hadoop/hbase/security/token/TestZKSecretWatcher.java
PRE-CREATION 
bq.    http://svn.apache.org/repos/asf/hbase/trunk/src/test/resources/hbase-site.xml 1335359

bq.  
bq.  Diff: https://reviews.apache.org/r/4953/diff
bq.  
bq.  
bq.  Testing
bq.  -------
bq.  
bq.  All unit tests pass.
bq.  
bq.  
bq.  Thanks,
bq.  
bq.  Devaraj
bq.  
bq.


                
> Remove the SecureRPCEngine and merge the security-related logic in the core engine
> ----------------------------------------------------------------------------------
>
>                 Key: HBASE-5732
>                 URL: https://issues.apache.org/jira/browse/HBASE-5732
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Devaraj Das
>            Assignee: Devaraj Das
>         Attachments: 5732-rpcengine-merge.7.patch, rpcengine-merge.3.patch, rpcengine-merge.4.patch,
rpcengine-merge.patch
>
>
> Remove the SecureRPCEngine and merge the security-related logic in the core engine. Follow
up to HBASE-5727.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message