[jira] [Commented] (OOZIE-1166) Print a more helpful message when ProxyUserService is configured wrong

Mon, 14 Jan 2013 20:54:22 -0800 

    [ 
https://issues.apache.org/jira/browse/OOZIE-1166?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13553484#comment-13553484
 ] 

Harsh J commented on OOZIE-1166:
--------------------------------

Just some thoughts:

{code}
+        ParamChecker.notEmpty(proxyUser, "proxyUser", "please make sure that "
+                + "oozie.service.ProxyUserService.proxyuser.#USER#.hosts and"
+                + "oozie.service.ProxyUserService.proxyuser.#USER#.groups are 
configured correctly");
+        ParamChecker.notEmpty(proxyHost, "proxyHost",
+                "please make sure that 
oozie.service.ProxyUserService.proxyuser.#USER#.hosts is configured correctly");
+        ParamChecker.notEmpty(doAsUser, "doAsUser", "please make sure that "
+                + "oozie.service.ProxyUserService.proxyuser.#USER#.hosts and"
+                + "oozie.service.ProxyUserService.proxyuser.#USER#.groups are 
configured correctly");
{code}

Instead of printing "#USER#" in the penultimate and the ultimate 
param-checkers, perhaps we can substitute it with proxyUser as that has been 
asserted to be present?

Also, could an empty doAsUser be chalked up to these missing configs? If not, 
we can perhaps just leave it be as it may misguide otherwise?

Also, we can hint on why we need these configured perhaps:

"If you're attempting to use user-impersonation via a proxy user, please make 
sure that oozie.service.ProxyUserService.proxyuser.#USER#.hosts and 
oozie.service.ProxyUserService.proxyuser.#USER#.groups are configured 
correctly".

Unrelated:

Instead of {{core/src/main/java/org/apache/oozie/util/ParamChecker.java}} and 
such, we can perhaps switch over to using Google's Guava which provides 
arg-checkers, etc.? Other ecosystem projects already are. If this makes sense, 
lets file a new JIRA to investigate effort.
                
> Print a more helpful message when ProxyUserService is configured wrong
> ----------------------------------------------------------------------
>
>                 Key: OOZIE-1166
>                 URL: https://issues.apache.org/jira/browse/OOZIE-1166
>             Project: Oozie
>          Issue Type: Improvement
>    Affects Versions: trunk
>            Reporter: Robert Kanter
>            Assignee: Robert Kanter
>            Priority: Trivial
>             Fix For: trunk
>
>         Attachments: OOZIE-1166.patch
>
>
> If you don't properly configure 
> {{oozie.service.ProxyUserService.proxyuser.#USER#.hosts}} and 
> {{oozie.service.ProxyUserService.proxyuser.#USER#.groups}} and then try to 
> use the ProxyUserService, you can get an exception like this:
> {noformat}
> 2013-01-14 13:46:25,482 ERROR V1JobsServlet:536 - USER[-] GROUP[-] TOKEN[-] 
> APP[-] JOB[-] ACTION[-] URL[GET 
> http://localhost:11000/oozie/v1/jobs?doAs=foo] error, proxyUser cannot be null
> java.lang.IllegalArgumentException: proxyUser cannot be null
>       at org.apache.oozie.util.ParamChecker.notEmpty(ParamChecker.java:68)
>       at 
> org.apache.oozie.service.ProxyUserService.validate(ProxyUserService.java:131)
>       at 
> org.apache.oozie.servlet.JsonRestServlet.getUser(JsonRestServlet.java:553)
>       at 
> org.apache.oozie.servlet.JsonRestServlet.service(JsonRestServlet.java:278)
>       at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>       at org.apache.oozie.servlet.AuthFilter$2.doFilter(AuthFilter.java:126)
>       at 
> org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:372)
>       at org.apache.oozie.servlet.AuthFilter.doFilter(AuthFilter.java:131)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>       at 
> org.apache.oozie.servlet.HostnameFilter.doFilter(HostnameFilter.java:67)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>       at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>       at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>       at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>       at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>       at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>       at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
>       at 
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
>       at 
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
>       at 
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
>       at java.lang.Thread.run(Thread.java:680)
> {noformat}
> It would be more helpful to the user if it gave more information such as 
> "proxyUser cannot be null, please make sure that 
> oozie.service.ProxyUserService.proxyuser.#USER#.hosts and 
> oozie.service.ProxyUserService.proxyuser.#USER#.groups are configured 
> correctly"

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to