[
https://issues.apache.org/jira/browse/HBASE-13482?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14497342#comment-14497342
]
Enis Soztutar commented on HBASE-13482:
---------------------------------------
I think this is coming from HBASE-13397:
{code}
- private void requireScannerOwner(InternalScanner s)
- throws AccessDeniedException {
- if (RequestContext.isInRequestContext()) {
- String requestUserName = RequestContext.getRequestUserName();
- String owner = scannerOwners.get(s);
- if (owner != null && !owner.equals(requestUserName)) {
- throw new AccessDeniedException("User '"+ requestUserName +"' is not
the scanner owner!");
- }
+ private void requireScannerOwner(InternalScanner s) throws
AccessDeniedException {
+ String requestUserName = RpcServer.getRequestUserName();
+ String owner = scannerOwners.get(s);
+ if (owner != null && !owner.equals(requestUserName)) {
+ throw new AccessDeniedException("User '"+ requestUserName +"' is not the
scanner owner!");
}
}
{code}
We had the guard for checking whether we are in the RPC context before, now we
don't have it.
I have seen this in Leases where the Leases thread tries to expire the scanner
getting this exception. The above stack trace though seems that it is actually
in an RPC context (so maybe there is another issue?)
> Phoenix is failing to scan tables on secure environments.
> ----------------------------------------------------------
>
> Key: HBASE-13482
> URL: https://issues.apache.org/jira/browse/HBASE-13482
> Project: HBase
> Issue Type: Bug
> Reporter: Alicia Ying Shu
> Assignee: Alicia Ying Shu
> Attachments: Hbase-13482.patch
>
>
> When executed on secure environments, phoenix query is getting the following
> exception message:
> java.util.concurrent.ExecutionException:
> org.apache.hadoop.hbase.security.AccessDeniedException:
> org.apache.hadoop.hbase.security.AccessDeniedException: User 'null' is not
> the scanner owner!
> org.apache.hadoop.hbase.security.access.AccessController.requireScannerOwner(AccessController.java:2048)
> org.apache.hadoop.hbase.security.access.AccessController.preScannerNext(AccessController.java:2022)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost$53.call(RegionCoprocessorHost.java:1336)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost$RegionOperation.call(RegionCoprocessorHost.java:1671)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.execOperation(RegionCoprocessorHost.java:1746)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.execOperationWithResult(RegionCoprocessorHost.java:1720)
> org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerNext(RegionCoprocessorHost.java:1331)
> org.apache.hadoop.hbase.regionserver.RSRpcServices.scan(RSRpcServices.java:2227)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
