----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69702/#review211938 -----------------------------------------------------------
sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/HiveSimpleConnectionFactory.java Line 112 (original), 117 (patched) <https://reviews.apache.org/r/69702/#comment297502> 1) In UserGroupInformation, if the context does not have subject, the getLoginUser() @Public @Evolving public static UserGroupInformation getCurrentUser() throws IOException { AccessControlContext context = AccessController.getContext(); Subject subject = Subject.getSubject(context); return subject != null && !subject.getPrincipals(User.class).isEmpty() ? new UserGroupInformation(subject) : getLoginUser(); } 2) removing the if (insecure) code block from the init does not work. 3) Insecure mode is usually done only for testing. In production, it is always secure mode. Fixing this bug is not the focus of this jira. I change this code only to get tests pass. I have created SENTRY-2486 to fix this bug correctly - Na Li On Jan. 11, 2019, 4:55 a.m., Na Li wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69702/ > ----------------------------------------------------------- > > (Updated Jan. 11, 2019, 4:55 a.m.) > > > Review request for sentry, Arjun Mishra and kalyan kumar kalvagadda. > > > Bugs: sentry-2483 > https://issues.apache.org/jira/browse/sentry-2483 > > > Repository: sentry > > > Description > ------- > > Add READ_DATABASE and READ_TABLE events support to provide read authorization > to HMS. > > This is based on changed made by Sergio at > https://reviews.apache.org/r/69620/, and add code to fix unstable e2e tests > > > Diffs > ----- > > > sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBindingBase.java > 328d2b5 > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/HiveSimpleConnectionFactory.java > 31e58fd > sentry-tests/sentry-tests-hive/pom.xml 74777bb > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hdfs/TestHDFSIntegrationBase.java > 47f7466 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hdfs/TestHDFSIntegrationTogglingConf.java > e504a8a > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/AbstractTestWithStaticConfiguration.java > 8bf486e > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/HiveServerFactory.java > 7d41348 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestAuthorizingObjectStore.java > 3c28fd0 > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/TestMetastoreEndToEnd.java > f8f304f > > sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/minisentry/InternalSentrySrv.java > 9fa42f2 > > > Diff: https://reviews.apache.org/r/69702/diff/3/ > > > Testing > ------- > > add new e2e tests for READ_DATABASE and READ_TABLE at HMS > > > Thanks, > > Na Li > >
