hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ashish Singhi (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-12811) [AccessController] NPE while scan a table with user not having READ permission on the namespace
Date Wed, 07 Jan 2015 13:20:35 GMT

     [ https://issues.apache.org/jira/browse/HBASE-12811?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ashish Singhi updated HBASE-12811:
----------------------------------
    Attachment: HBASE-12811.patch

Corrected the logic of group authorization at namespace level.

> [AccessController] NPE while scan a table with user not having READ permission on the
namespace
> -----------------------------------------------------------------------------------------------
>
>                 Key: HBASE-12811
>                 URL: https://issues.apache.org/jira/browse/HBASE-12811
>             Project: HBase
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.98.9
>            Reporter: Ashish Singhi
>            Assignee: Ashish Singhi
>             Fix For: 1.0.0, 2.0.0, 0.98.10, 1.1.0
>
>         Attachments: HBASE-12811.patch
>
>
> Steps to reproduce
> 1) Grant a user permission(other than READ) on a namespace
> 2) Scan a table in that namespace from that user
> we get the following exception.
> {noformat}
> java.lang.NullPointerException
> 	at org.apache.hadoop.hbase.security.access.TablePermission.implies(TablePermission.java:215)
> 	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:340)
> 	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:332)
> 	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorizeGroup(TableAuthManager.java:473)
> 	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:490)
> 	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:500)
> 	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:415)
> 	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:484)
> 	at org.apache.hadoop.hbase.security.access.AccessController.internalPreRead(AccessController.java:1504)
> 	at org.apache.hadoop.hbase.security.access.AccessController.preScannerOpen(AccessController.java:2027)
> 	at org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerOpen(RegionCoprocessorHost.java:1987)
> 	at org.apache.hadoop.hbase.regionserver.HRegionServer.scan(HRegionServer.java:3102)
> {noformat}
> *Note:* Line numbers may not match.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message