hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Himanshu Vashishtha (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-6699) Setting username in Connection in non-secure HBase
Date Fri, 31 Aug 2012 07:12:08 GMT

    [ https://issues.apache.org/jira/browse/HBASE-6699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13445735#comment-13445735

Himanshu Vashishtha commented on HBASE-6699:

re: PSEUDO_METHOD_NAME_TO_SET_USER: Okay. Will remove it from HConstants.

re Comments: Yea, I used multi line ones and it gets converted to javadoc like one. Will revert
it boss.

catch (IOException e) {
        if (e instanceof SocketTimeoutException && remoteId.rpcTimeout > 0) {
          // Clean up open calls but don't treat this as a fatal condition,
          // since we expect certain responses to not make it by the specified
          // {@link ConnectionId#rpcTimeout}.
          closeException = e;
        } else {
          LOG.error("Got exception while processing call with Id: " +id, e);
          // Since the server did not respond within the default ping interval
          // time, treat this as a fatal condition and close this connection
finally {
        if (remoteId.rpcTimeout > 0) {
We handle sockettimeout/rpctimeout; other exceptions are ignored. So, when new client issues
a call to setUserNameInConnection, old server will throw a NoSuchMethodFound exception, which
will be ignored by the client.

re: HBaseServer:
Sorry for not being clear enough. This is set in the connection.ticket attribute. Next time
if a call comes from this connection, this ticket is used to set the user in RequestContext.

              RequestContext.set(call.connection.ticket, getRemoteIp(), call.connection.protocol);
Any one interested can invoke RequestContext.getRequestUser().getUserName() or other such
attrs of RequestContext. Hope it is clear now.

Hmmm, I tested it with hadoop 1.0.0 jar; will be good to know if it is to be tested with others
too. Main thing to see is UGI.createRemoteUser doesn't give any unexpected result.
> Setting username in Connection in non-secure HBase
> --------------------------------------------------
>                 Key: HBASE-6699
>                 URL: https://issues.apache.org/jira/browse/HBASE-6699
>             Project: HBase
>          Issue Type: Improvement
>          Components: ipc
>    Affects Versions: 0.92.0, 0.92.1, 0.94.0, 0.94.1
>            Reporter: Himanshu Vashishtha
>            Assignee: Himanshu Vashishtha
>             Fix For: 0.92.3, 0.94.2
>         Attachments: HBase-6699-v1.patch
> We recently had a requirement where we need to log the information about various users
who were using non-secure HBase cluster. 
> The user level logging is supported as part of security, but in 0.92, 0.94 security related
code is separate. This jira is about adding that support in non-secure code.
> This feature is already there in trunk, after we merge the security related code.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message