hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sushanth Sowmyan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-5048) StorageBasedAuthorization provider causes an NPE when asked to authorize from client side.
Date Wed, 14 Aug 2013 18:37:49 GMT

    [ https://issues.apache.org/jira/browse/HIVE-5048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13740017#comment-13740017
] 

Sushanth Sowmyan commented on HIVE-5048:
----------------------------------------

Ashutosh, I'm afraid I don't understand what problem I'm masking, the fix I add is doing exactly
that - making sure a wh variable is always instantiated.

In the current form, SBAP is usable only from the metastore-side, and wasn't initially written
to be initializable from the client-side. When initialized from the metastore, the setMetaStoreHandler
call is called, and the wh variable is initialized from handler.getWh() and all is good.

This patch addresses the case where it is called from the client-side, in which case we do
not have a wh object (which we were previously getting from the metastore) and so, with this
patch, we initialize it.

I added the else{} block for the sake of completeness/documentation, but realistically, that
can never/will never be entered. I can change the MetaException to an IllegalStateException
to make that more strict, if that's what you mean.
                
> StorageBasedAuthorization provider causes an NPE when asked to authorize from client
side.
> ------------------------------------------------------------------------------------------
>
>                 Key: HIVE-5048
>                 URL: https://issues.apache.org/jira/browse/HIVE-5048
>             Project: Hive
>          Issue Type: Bug
>          Components: Security
>            Reporter: Sushanth Sowmyan
>            Assignee: Sushanth Sowmyan
>         Attachments: HIVE-5048.patch
>
>
> StorageBasedAuthorizationProvider(henceforth referred to as SBAP) is a HiveMetastoreAuthorizationProvider
(henceforth referred to as HMAP, and HiveAuthorizationProvider as HAP) that was introduced
as part of HIVE-3705.
> As long as it's used as a HMAP, i.e. from the metastore-side, as was its initial implementation
intent, everything's great. However, HMAP extends HAP, and there is no reason SBAP shouldn't
be expected to work as a HAP as well. However, it uses a wh variable that is never initialized
if it is called as a HAP, and hence, it will always fail when authorize is called on it.
> We should change SBAP so that it correctly initiazes wh so that it can be run as a HAP
as well.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message