[jira] [Updated] (HADOOP-16094) AuthenticationFilter can trigger NullPointerException in KerberosName class

Tue, 05 Feb 2019 15:02:51 -0800 


     [ 
https://issues.apache.org/jira/browse/HADOOP-16094?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Yang updated HADOOP-16094:
-------------------------------
    Attachment: HADOOP-16094.001.patch

> AuthenticationFilter can trigger NullPointerException in KerberosName class
> ---------------------------------------------------------------------------
>
>                 Key: HADOOP-16094
>                 URL: https://issues.apache.org/jira/browse/HADOOP-16094
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 3.2.0, 3.3.0, 3.1.2
>            Reporter: Eric Yang
>            Priority: Major
>         Attachments: HADOOP-16094.001.patch
>
>
> Hadoop AuthenticationFilter example can fail with NullPointerException if 
> auth_to_local rules has not been parsed from Configuration object.  This can 
> happen if the web application does not have any initialization code that 
> leads to triggering: UserGroupInformation.initialize(conf, boolean);
> Stacktrace:
> {code}
> 2019-02-05 20:08:05,668 [http-bio-8080-exec-11] DEBUG 
> org.apache.hadoop.security.authentication.server.AuthenticationFilter- 
> Authentication exception: java.lang.NullPointerException
> org.apache.hadoop.security.authentication.client.AuthenticationException: 
> java.lang.NullPointerException
>       at 
> org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.authenticate(KerberosAuthenticationHandler.java:315)
>       at 
> org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:536)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>       at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
>       at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
>       at 
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
>       at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
>       at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>       at 
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
>       at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>       at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
>       at 
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
>       at 
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
>       at 
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>       at 
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>       at java.lang.Thread.run(Thread.java:748)
> Caused by: java.lang.NullPointerException
>       at 
> org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:422)
>       at 
> org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.runWithPrincipal(KerberosAuthenticationHandler.java:352)
>       at 
> org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.access$000(KerberosAuthenticationHandler.java:64)
>       at 
> org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler$2.run(KerberosAuthenticationHandler.java:304)
>       at 
> org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler$2.run(KerberosAuthenticationHandler.java:301)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at javax.security.auth.Subject.doAs(Subject.java:422)
>       at 
> org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.authenticate(KerberosAuthenticationHandler.java:300)
>       ... 18 more
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to