[
https://issues.apache.org/jira/browse/OOZIE-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13971842#comment-13971842
]
Rohini Palaniswamy commented on OOZIE-1782:
-------------------------------------------
Few comments:
1) Remove AccessControlException of 0.18 and the inner try block. Catch
org.apache.hadoop.security.AccessControlException and return 401 for that.
2) Do not change to throws XException. Wrap into AuthorizationException and
throw as it has been followed as a standard for all APIs.
3) Either add http error code to ErrorCode or XException class and use that
if available. Else throw 500 as http error code. Throwing XException and
assuming it to be 400 by default is not good.
> Workflow path not found is thrown as SC_UNAUTHORIZED
> ----------------------------------------------------
>
> Key: OOZIE-1782
> URL: https://issues.apache.org/jira/browse/OOZIE-1782
> Project: Oozie
> Issue Type: Bug
> Reporter: Purshotam Shah
> Assignee: Purshotam Shah
> Attachments: OOZIE-1782-V1.patch, OOZIE-1782-V2.patch
>
>
> {code:java}
> AuthorizationService.java
> ....
> Path path = new Path(appPath);
> try {
> if (!fs.exists(path)) {
> incrCounter(INSTR_FAILED_AUTH_COUNTER, 1);
> throw new AuthorizationException(ErrorCode.E0504, appPath);
> }
> BaseJobServlet.java
> ......
> if (wfPath != null) {
> auth.authorizeForApp(user, acl, wfPath, "workflow.xml", conf);
> }
> else if (coordPath != null){
> auth.authorizeForApp(user, acl, coordPath, "coordinator.xml",
> conf);
> }
> else if (bundlePath != null){
> auth.authorizeForApp(user, acl, bundlePath, "bundle.xml",
> conf);
> }
> }
> catch (AuthorizationException ex) {
> XLog.getLog(BaseJobServlet.class).info("AuthorizationException ",
> ex);
> throw new XServletException(HttpServletResponse.SC_UNAUTHORIZED,
> ex);
> }
> {code}
> Path not found should be a SC_BAD_REQUEST not SC_UNAUTHORIZED.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
