hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ashish Singhi (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HBASE-12811) NPE while scan a table with user associated with multiple groups.
Date Tue, 06 Jan 2015 06:31:34 GMT
Ashish Singhi created HBASE-12811:
-------------------------------------

             Summary: NPE while scan a table with user associated with multiple groups.
                 Key: HBASE-12811
                 URL: https://issues.apache.org/jira/browse/HBASE-12811
             Project: HBase
          Issue Type: Bug
          Components: security
    Affects Versions: 0.98.9
            Reporter: Ashish Singhi
            Assignee: Ashish Singhi


A user is associated with two groups.
{noformat}
/hbase/bin> groups ashish_test
ashish_test : defaultgroup ashish_test_1420524824527
{noformat}

One of its group is granted permission on a table as shown by user_permission command.
{noformat}
hbase(main):005:0> user_permission 't1'
User                                                 Table,Family,Qualifier:Permission
 @ashish_test_1420524824527                          t1,,: [Permission: actions=EXEC,WRITE,CREATE]
 @ashish_test_1420524824527                          t1,d,: [Permission: actions=EXEC,WRITE,CREATE]
 hbase                                               t1,,: [Permission: actions=READ,WRITE,EXEC,CREATE,ADMIN]
3 row(s) in 0.3710 seconds
{noformat}

Now when this user try the scan the table, we get the following exception.
{noformat}
java.lang.NullPointerException
	at org.apache.hadoop.hbase.security.access.TablePermission.implies(TablePermission.java:215)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:340)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:332)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorizeGroup(TableAuthManager.java:473)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:490)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:500)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:415)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:484)
	at org.apache.hadoop.hbase.security.access.AccessController.internalPreRead(AccessController.java:1504)
	at org.apache.hadoop.hbase.security.access.AccessController.preScannerOpen(AccessController.java:2027)
	at org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerOpen(RegionCoprocessorHost.java:1987)
	at org.apache.hadoop.hbase.regionserver.HRegionServer.scan(HRegionServer.java:3102)
{noformat}
*Note:* Line numbers may not match.

Exception is coming because the other group of same user which has not been granted permission
on the table will have the TablePermission's table(name) as null.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message