hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Himanshu Vashishtha (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-6699) Setting username in Connection in non-secure HBase
Date Fri, 31 Aug 2012 07:12:08 GMT

    [ https://issues.apache.org/jira/browse/HBASE-6699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13445735#comment-13445735
] 

Himanshu Vashishtha commented on HBASE-6699:
--------------------------------------------

re: PSEUDO_METHOD_NAME_TO_SET_USER: Okay. Will remove it from HConstants.

re Comments: Yea, I used multi line ones and it gets converted to javadoc like one. Will revert
it boss.

{code}
catch (IOException e) {
        if (e instanceof SocketTimeoutException && remoteId.rpcTimeout > 0) {
          // Clean up open calls but don't treat this as a fatal condition,
          // since we expect certain responses to not make it by the specified
          // {@link ConnectionId#rpcTimeout}.
          closeException = e;
        } else {
          LOG.error("Got exception while processing call with Id: " +id, e);
          // Since the server did not respond within the default ping interval
          // time, treat this as a fatal condition and close this connection
          markClosed(e);
        }
finally {
        if (remoteId.rpcTimeout > 0) {
          cleanupCalls(remoteId.rpcTimeout);
        }
{code}
We handle sockettimeout/rpctimeout; other exceptions are ignored. So, when new client issues
a call to setUserNameInConnection, old server will throw a NoSuchMethodFound exception, which
will be ignored by the client.

re: HBaseServer:
Sorry for not being clear enough. This is set in the connection.ticket attribute. Next time
if a call comes from this connection, this ticket is used to set the user in RequestContext.

{code}
              RequestContext.set(call.connection.ticket, getRemoteIp(), call.connection.protocol);
{code}
Any one interested can invoke RequestContext.getRequestUser().getUserName() or other such
attrs of RequestContext. Hope it is clear now.

Hmmm, I tested it with hadoop 1.0.0 jar; will be good to know if it is to be tested with others
too. Main thing to see is UGI.createRemoteUser doesn't give any unexpected result.
                
> Setting username in Connection in non-secure HBase
> --------------------------------------------------
>
>                 Key: HBASE-6699
>                 URL: https://issues.apache.org/jira/browse/HBASE-6699
>             Project: HBase
>          Issue Type: Improvement
>          Components: ipc
>    Affects Versions: 0.92.0, 0.92.1, 0.94.0, 0.94.1
>            Reporter: Himanshu Vashishtha
>            Assignee: Himanshu Vashishtha
>             Fix For: 0.92.3, 0.94.2
>
>         Attachments: HBase-6699-v1.patch
>
>
> We recently had a requirement where we need to log the information about various users
who were using non-secure HBase cluster. 
> The user level logging is supported as part of security, but in 0.92, 0.94 security related
code is separate. This jira is about adding that support in non-secure code.
> This feature is already there in trunk, after we merge the security related code.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message