hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-14898) HS2 shouldn't log callstack for an empty auth header error
Date Wed, 15 Aug 2018 06:31:00 GMT

    [ https://issues.apache.org/jira/browse/HIVE-14898?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16580762#comment-16580762
] 

Thejas M Nair commented on HIVE-14898:
--------------------------------------

+1 pending tests


> HS2 shouldn't log callstack for an empty auth header error
> ----------------------------------------------------------
>
>                 Key: HIVE-14898
>                 URL: https://issues.apache.org/jira/browse/HIVE-14898
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Sergey Shelukhin
>            Assignee: Daniel Dai
>            Priority: Major
>         Attachments: HIVE-14898.1.patch
>
>
> Currently when the auth header is not sent by the client (Knox seems to do this every
time - it only adds auth header after receiving 401), HS2 logs the following twice, for two
principals.
> The callstack is useless because this is an expected condition and 401 is returned to
the client.
> {noformat}
> 2016-10-05 15:32:02,408 ERROR [HiveServer2-HttpHandler-Pool: Thread-199]: thrift.ThriftHttpServlet
(ThriftHttpServlet.java:doKerberosAuth(169)) - Failed to authenticate with hive/_HOST kerberos
principal
> 2016-10-05 15:32:02,408 ERROR [HiveServer2-HttpHandler-Pool: Thread-199]: thrift.ThriftHttpServlet
(ThriftHttpServlet.java:doPost(104)) - Error: 
> org.apache.hive.service.auth.HttpAuthenticationException: java.lang.reflect.UndeclaredThrowableException
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet.doKerberosAuth(ThriftHttpServlet.java:170)
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet.doPost(ThriftHttpServlet.java:83)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
> 	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:565)
> 	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479)
> 	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)
> 	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1031)
> 	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)
> 	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186)
> 	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:965)
> 	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
> 	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:111)
> 	at org.eclipse.jetty.server.Server.handle(Server.java:349)
> 	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:449)
> 	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:925)
> 	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:952)
> 	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
> 	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:76)
> 	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:609)
> 	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:45)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> 	at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.reflect.UndeclaredThrowableException
> 	at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1686)
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet.doKerberosAuth(ThriftHttpServlet.java:167)
> 	... 23 more
> Caused by: org.apache.hive.service.auth.HttpAuthenticationException: Authorization header
received from the client is empty.
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet.getAuthHeader(ThriftHttpServlet.java:311)
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet.access$100(ThriftHttpServlet.java:59)
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet$HttpKerberosServerAction.run(ThriftHttpServlet.java:212)
> 	at org.apache.hive.service.cli.thrift.ThriftHttpServlet$HttpKerberosServerAction.run(ThriftHttpServlet.java:175)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.Subject.doAs(Subject.java:415)
> 	at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1671)
> 	... 24 more
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message