[jira] [Commented] (HADOOP-9363) AuthenticatedURL will NPE if server closes connection

Daryn Sharp (JIRA) Tue, 05 Mar 2013 11:10:14 -0800

    [ 
https://issues.apache.org/jira/browse/HADOOP-9363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13593781#comment-13593781
 ]


Daryn Sharp commented on HADOOP-9363:
-------------------------------------

Example stack trace from 23, although the line numbers should be similar for 
trunk.  Problem was found while attempting to inject faults to force 
acquisition of a new SPNEGO token.

In this particular case, a kerberos replay attack exception caused the server 
to abruptly close the connection.  The issue could of course happen for other 
reasons.

{noformat}
Exception in thread "main" java.lang.RuntimeException: 
java.lang.NullPointerException
        at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1014)
        at 
sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:2211)
        at 
java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:382)
        at 
org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:251)
        at 
org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:61)
        at 
org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:143)
        at 
org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:217)
        at 
org.apache.hadoop.hdfs.web.WebHdfsFileSystem.getHttpUrlConnection(WebHdfsFileSystem.java:360)
        [....]
Caused by: java.lang.NullPointerException
        at 
sun.net.www.protocol.http.NegotiateAuthentication.setHeaders(NegotiateAuthentication.java:161)
        at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1171)
        at 
java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:373)
{noformat}
                
> AuthenticatedURL will NPE if server closes connection
> -----------------------------------------------------
>
>                 Key: HADOOP-9363
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9363
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0
>            Reporter: Daryn Sharp
>
> A NPE occurs if the server unexpectedly closes the connection for an 
> {{AuthenticatedURL}} w/o sending a response.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (HADOOP-9363) AuthenticatedURL will NPE if server closes connection

Reply via email to