hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enis Soztutar (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-13482) Phoenix is failing to scan tables on secure environments.
Date Thu, 16 Apr 2015 00:06:59 GMT

    [ https://issues.apache.org/jira/browse/HBASE-13482?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14497342#comment-14497342
] 

Enis Soztutar commented on HBASE-13482:
---------------------------------------

I think this is coming from HBASE-13397:
{code}
-  private void requireScannerOwner(InternalScanner s)
-      throws AccessDeniedException {
-    if (RequestContext.isInRequestContext()) {
-      String requestUserName = RequestContext.getRequestUserName();
-      String owner = scannerOwners.get(s);
-      if (owner != null && !owner.equals(requestUserName)) {
-        throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner
owner!");
-      }
+  private void requireScannerOwner(InternalScanner s) throws AccessDeniedException {
+    String requestUserName = RpcServer.getRequestUserName();
+    String owner = scannerOwners.get(s);
+    if (owner != null && !owner.equals(requestUserName)) {
+      throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner owner!");
     }
   }
{code}
We had the guard for checking whether we are in the RPC context before, now we don't have
it. 

I have seen this in Leases where the Leases thread tries to expire the scanner getting this
exception. The above stack trace though seems that it is actually in an RPC context (so maybe
there is another issue?)


> Phoenix is failing to scan tables on secure environments. 
> ----------------------------------------------------------
>
>                 Key: HBASE-13482
>                 URL: https://issues.apache.org/jira/browse/HBASE-13482
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Alicia Ying Shu
>            Assignee: Alicia Ying Shu
>         Attachments: Hbase-13482.patch
>
>
> When executed on secure environments, phoenix query is getting the following exception
message:
> java.util.concurrent.ExecutionException: org.apache.hadoop.hbase.security.AccessDeniedException:
org.apache.hadoop.hbase.security.AccessDeniedException: User 'null' is not the scanner owner!
org.apache.hadoop.hbase.security.access.AccessController.requireScannerOwner(AccessController.java:2048)
> org.apache.hadoop.hbase.security.access.AccessController.preScannerNext(AccessController.java:2022)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost$53.call(RegionCoprocessorHost.java:1336)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost$RegionOperation.call(RegionCoprocessorHost.java:1671)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.execOperation(RegionCoprocessorHost.java:1746)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.execOperationWithResult(RegionCoprocessorHost.java:1720)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerNext(RegionCoprocessorHost.java:1331)
> org.apache.hadoop.hbase.regionserver.RSRpcServices.scan(RSRpcServices.java:2227)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message