[
https://issues.apache.org/jira/browse/SENTRY-528?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14220687#comment-14220687
]
guoquanshen commented on SENTRY-528:
------------------------------------
Hi [~gchanan], I found this bug, you can run in the eclipse to reproduce this
bug. Can you help me review my patch and fixed it. Thanks!
> Dependent on multiple versions of servlet-api jars lead to throw an
> SecurityException when running solr e2e test in eclipse
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: SENTRY-528
> URL: https://issues.apache.org/jira/browse/SENTRY-528
> Project: Sentry
> Issue Type: Bug
> Reporter: guoquanshen
> Assignee: guoquanshen
> Attachments: SENTRY-528.patch
>
>
> Running the solr e2e test in eclipse, for example the
> TestCollAdminCoreOperations, an SecurityException will be throwed.
> The log:{code}
> java.lang.SecurityException: class "javax.servlet.FilterRegistration"'s
> signer information does not match signer information of other classes in the
> same package
> at java.lang.ClassLoader.checkCerts(ClassLoader.java:952)
> at java.lang.ClassLoader.preDefineClass(ClassLoader.java:666)
> at java.lang.ClassLoader.defineClass(ClassLoader.java:794)
> at
> java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
> at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
> at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
> at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
> at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
> at
> org.eclipse.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:136)
> at
> org.eclipse.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:116)
> at
> org.apache.solr.client.solrj.embedded.JettySolrRunner.init(JettySolrRunner.java:287)
> at
> org.apache.solr.client.solrj.embedded.JettySolrRunner.<init>(JettySolrRunner.java:198)
> at
> org.apache.solr.cloud.MiniSolrCloudCluster.startJettySolrRunner(MiniSolrCloudCluster.java:114)
> at
> org.apache.solr.cloud.MiniSolrCloudCluster.<init>(MiniSolrCloudCluster.java:85)
> at
> org.apache.sentry.tests.e2e.solr.AbstractSolrSentryTestBase.beforeTestSimpleSolrEndToEnd(AbstractSolrSentryTestBase.java:149)
> {code}
> The basic issues is that Jetty brings in the Servlet 3.0 API:
> {code}
> [INFO] +- org.apache.solr:solr-test-framework:jar:4.8.0:compile
> [INFO] | +-
> org.eclipse.jetty.orbit:javax.servlet:jar:3.0.0.v201112011016:compile
> {code}
> but hadoop-common brings the servlet 2.5.0 API
> {code}
> [INFO] +- org.apache.hadoop:hadoop-common:jar:2.3.0-cdh5.1.0-SNAPSHOT:compile
> [INFO] | +- javax.servlet:servlet-api:jar:2.5:compile
> {code}
> So the solution is to exclude javax.servlet:servlet-api from the
> hadoop-common dependency
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
