[ https://issues.apache.org/jira/browse/PHOENIX-3232?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Josh Elser resolved PHOENIX-3232.
---------------------------------
Resolution: Not A Problem
In re-thinking about this one while working on PHOENIX-3891, I think we're not
doing anything "bad". We actually mimic the functionality of HBase.
My initial concern was about users doing:
{code}
UserGroupInformation.loginUserFromKeytab(principal1, keytab1);
Connection cnxn1 =
    DriverManager.getConnection("jdbc:phoenix:host.domain.com:2181:/hbase");
// Actual: does stuff as user1
doStuffAsUser1(cnxn1);
UserGroupInformation.loginUserFromKeytab(principal2, keytab2);
// Actual: does stuff as user1 (not as user2)
doStuffAsUser2(cnxn1);
{code}
What actually happens in the above is that the PhoenixConnection is tied to the
user that was logged in at the time the Connection was instantiated. I thought
this was prone to error, but later realized that it's actually a result of what
HBase does internally with its HConnection (that we're caching).
It may still be "confusing" but it's not something we would address solely here
in Phoenix. Makes me think that I need to do a write-up for the website..
> Automatic Kerberos login via JDBC url can result in clients using other's
> credentials
> -------------------------------------------------------------------------------------
>
> Key: PHOENIX-3232
> URL: https://issues.apache.org/jira/browse/PHOENIX-3232
> Project: Phoenix
> Issue Type: Bug
> Reporter: Josh Elser
> Assignee: Josh Elser
> Priority: Critical
>
> This is a recent topic of discussion that keeps coming up (PHOENIX-3189,
> PHOENIX-3216, and PHOENIX-3126).
> The root of the problem is two competing goals:
> 1. Try to re-use HBase Connections as much as possible
> 2. Change the "global" Kerberos user state (in UserGroupInformation)
> One common manifestation of this problem is when multiple JDBC URLs are used
> within a single JVM. Instances of PhoenixConnections are not tied to the user
> that was logged in at construction of the instance, but the global state
> (shared across the entire JVM). Thus, a second PhoenixConnection constructed
> with a different user causes the first PhoenixConnection to use the new
> user's credentials (without any warning).
> https://github.com/joshelser/phoenix-test/blob/master/src/main/java/com/github/joshelser/ConcurrentUse.java
> is a concrete example of how this breaks down. The [second use of the
> connection by "USER
> A"|https://github.com/joshelser/phoenix-test/blob/master/src/main/java/com/github/joshelser/ConcurrentUse.java#L82]
> is actually done as the other user.
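One way to keep each connection's identity explicit instead of relying on the JVM-wide login state discussed above, as an added example (not code from Phoenix or from the original message): every principal gets its own UserGroupInformation, and its connection is created and used inside doAs. It assumes the connection binds to the current user at creation time, as the resolution comment describes; the class names, principals and keytab paths are placeholders.

```java
import java.security.PrivilegedExceptionAction;
import java.sql.Connection;
import java.sql.DriverManager;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;

public class PerUserPhoenixConnections {
  // URL taken from the message above; it carries no principal or keytab.
  static final String URL = "jdbc:phoenix:host.domain.com:2181:/hbase";

  /** A connection paired with the Kerberos identity it was created under. */
  static final class BoundConnection implements AutoCloseable {
    final UserGroupInformation owner;
    final Connection cnxn;
    BoundConnection(UserGroupInformation owner, Connection cnxn) {
      this.owner = owner;
      this.cnxn = cnxn;
    }
    /** Run work as the owner so caller identity and connection identity match. */
    <T> T run(PrivilegedExceptionAction<T> work) throws Exception {
      return owner.doAs(work);
    }
    @Override public void close() throws Exception { cnxn.close(); }
  }

  /** Log in from a keytab without replacing the JVM-wide login user, then connect. */
  static BoundConnection connectAs(String principal, String keytab) throws Exception {
    UserGroupInformation ugi =
        UserGroupInformation.loginUserFromKeytabAndReturnUGI(principal, keytab);
    Connection c = ugi.doAs(
        (PrivilegedExceptionAction<Connection>) () -> DriverManager.getConnection(URL));
    return new BoundConnection(ugi, c);
  }

  public static void main(String[] args) throws Exception {
    Configuration conf = new Configuration();
    conf.set("hadoop.security.authentication", "kerberos");
    UserGroupInformation.setConfiguration(conf);
    // Placeholder principals and keytab paths (assumptions, not from the issue).
    try (BoundConnection a = connectAs("user1@EXAMPLE.COM", "/path/to/user1.keytab");
         BoundConnection b = connectAs("user2@EXAMPLE.COM", "/path/to/user2.keytab")) {
      for (BoundConnection bc : new BoundConnection[] {a, b, a}) {
        // Each pass reports the identity in effect while the statement runs.
        String who = bc.run(() -> {
          bc.cnxn.createStatement().execute("SELECT COUNT(*) FROM SYSTEM.CATALOG");
          return UserGroupInformation.getCurrentUser().getUserName();
        });
        System.out.println("ran as " + who);
      }
    }
  }
}
```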