[jira] [Updated] (HBASE-19334) User.runAsLoginUser not work in AccessController because it use a short circuited connection

Wed, 22 Nov 2017 15:27:12 -0800 

     [ 
https://issues.apache.org/jira/browse/HBASE-19334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Guanghao Zhang updated HBASE-19334:
-----------------------------------
    Description: 
The short-circuited connection will bypass the RPC and the RPC context didn't 
change. So it still use the old RPC user to write ACL table and 
User.runAsLoginUser not work.

AccessController's grant method.
{code}
        User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
          @Override
          public Void run() throws Exception {
            // regionEnv is set at #start. Hopefully not null at this point.
            try (Table table = regionEnv.getConnection().
                getTable(AccessControlLists.ACL_TABLE_NAME)) {
              
AccessControlLists.addUserPermission(regionEnv.getConfiguration(), perm, table,
                  request.getMergeExistingPermissions());
            }
            return null;
          }
        });
{code}

  was:The short-circuited connection will bypass the RPC and the RPC context 
didn't change. So it still use the old RPC user to write ACL table and 
User.runAsLoginUser not work.


> User.runAsLoginUser not work in AccessController because it use a short 
> circuited connection
> --------------------------------------------------------------------------------------------
>
>                 Key: HBASE-19334
>                 URL: https://issues.apache.org/jira/browse/HBASE-19334
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Guanghao Zhang
>
> The short-circuited connection will bypass the RPC and the RPC context didn't 
> change. So it still use the old RPC user to write ACL table and 
> User.runAsLoginUser not work.
> AccessController's grant method.
> {code}
>         User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
>           @Override
>           public Void run() throws Exception {
>             // regionEnv is set at #start. Hopefully not null at this point.
>             try (Table table = regionEnv.getConnection().
>                 getTable(AccessControlLists.ACL_TABLE_NAME)) {
>               
> AccessControlLists.addUserPermission(regionEnv.getConfiguration(), perm, 
> table,
>                   request.getMergeExistingPermissions());
>             }
>             return null;
>           }
>         });
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to