[jira] [Created] (HBASE-10088) SecureClient will hang when access secure-disabled cluster

[cuijianwei (JIRA)]

cuijianwei created HBASE-10088:
----------------------------------

             Summary: SecureClient will hang when access secure-disabled cluster
                 Key: HBASE-10088
                 URL: https://issues.apache.org/jira/browse/HBASE-10088
             Project: HBase
          Issue Type: Improvement
          Components: Client, security
    Affects Versions: 0.94.14
            Reporter: cuijianwei


When I misuse a secure hbase client to access a secure-disabled hbase server, I 
found the client will hang. The reason is that client will firstly invoke rpc 
method "getProtocolVersion", and the response from a secure-disabled server 
won't contain necessary fields processed by SecureClient. SecureClient will 
process the response as follows : (from SecureClient.receiveResponse()):
{code}
if (state == Status.SUCCESS.state) {
          Writable value = ReflectionUtils.newInstance(valueClass, conf);
          value.readFields(in);                 // read value
          if (LOG.isDebugEnabled()) {
            LOG.debug("call #"+id+", response is:\n"+value.toString());
          }
          // it's possible that this call may have been cleaned up due to a RPC
          // timeout, so check if it still exists before setting the value.
          if (call != null) {
            call.setValue(value);
          }
        } else if (state == Status.ERROR.state) {
          if (call != null) {
            call.setException(new RemoteException(WritableUtils.readString(in), 
WritableUtils
                .readString(in)));
          }
        } else if (state == Status.FATAL.state) {
          RemoteException exception = new 
RemoteException(WritableUtils.readString(in),
              WritableUtils.readString(in));
          // the call will be removed from call map, we must set Exception here 
to notify
          // the thread waited on the call
          if (call != null) {
            call.setException(exception);
          }
          // Close the connection
          markClosed(exception);
        }
        calls.remove(id);
{code}
As the above code, SecureClient need to read 'state' field from response. If 
the response is from a secure-disabled server, there will no 'state' field in 
response and SecureClient will get an illegal 'state', then the call will be 
removed from cached calls without notifying waiting thread. This will make the 
invoker waiting all the time. Although we should not use secure client to 
access secure-disabled server, users might encounter this situation because of 
misusing or error configuration. If the client will hang in this situation, 
users might not know the error quickly. Maybe, it is better to report an error 
in this situation so that users will know what happens quickly.



--
This message was sent by Atlassian JIRA
(v6.1#6144)