hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Guanghao Zhang (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-19334) User.runAsLoginUser not work in AccessController because it use a short circuited connection
Date Thu, 23 Nov 2017 08:41:00 GMT

     [ https://issues.apache.org/jira/browse/HBASE-19334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Guanghao Zhang updated HBASE-19334:
-----------------------------------
    Attachment: HBASE-19334.master.001.patch

> User.runAsLoginUser not work in AccessController because it use a short circuited connection
> --------------------------------------------------------------------------------------------
>
>                 Key: HBASE-19334
>                 URL: https://issues.apache.org/jira/browse/HBASE-19334
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Guanghao Zhang
>            Assignee: Guanghao Zhang
>         Attachments: HBASE-19334.master.001.patch
>
>
> The short-circuited connection will bypass the RPC and the RPC context didn't change.
So it still use the old RPC user to write ACL table and User.runAsLoginUser not work.
> AccessController's grant method.
> {code}
>         User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
>           @Override
>           public Void run() throws Exception {
>             // regionEnv is set at #start. Hopefully not null at this point.
>             try (Table table = regionEnv.getConnection().
>                 getTable(AccessControlLists.ACL_TABLE_NAME)) {
>               AccessControlLists.addUserPermission(regionEnv.getConfiguration(), perm,
table,
>                   request.getMergeExistingPermissions());
>             }
>             return null;
>           }
>         });
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message