[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found

Thu, 28 Mar 2019 04:35:34 -0700 


    [ 
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16803852#comment-16803852
 ] 

Tomas Sokorai commented on HBASE-22123:
---------------------------------------

This is caused by the class org.apache.hadoop.hbase.rest.RowResultGenerator 
constructor catching the DoNotRetryIOException for a particular use case, but 
not rethrowing it for the exception for the AccessDeniedException case.

Current code:
{code:java}
} catch (DoNotRetryIOException e) {
  // Warn here because Stargate will return 404 in the case if multiple
  // column families were specified but one did not exist -- currently
  // HBase will fail the whole Get.
  // Specifying multiple columns in a URI should be uncommon usage but
  // help to avoid confusion by leaving a record of what happened here in
  // the log.
  LOG.warn(StringUtils.stringifyException(e));
} finally {{code}
 

Proposed change is:
{code:java}
} catch (DoNotRetryIOException e) {
  // Warn here because Stargate will return 404 in the case if multiple
  // column families were specified but one did not exist -- currently
  // HBase will fail the whole Get.
  // Specifying multiple columns in a URI should be uncommon usage but
  // help to avoid confusion by leaving a record of what happened here in
  // the log.
  LOG.warn(StringUtils.stringifyException(e));
  // Lets get the exception rethrown to get a more meaningful error message 
than 404
  if(e instanceof AccessDeniedException)
    throw e;
} finally {{code}
 

 

> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -------------------------------------------------------------------------
>
>                 Key: HBASE-22123
>                 URL: https://issues.apache.org/jira/browse/HBASE-22123
>             Project: HBase
>          Issue Type: Bug
>          Components: REST
>    Affects Versions: 2.0.5
>            Reporter: Tomas Sokorai
>            Priority: Minor
>
> When a row access is denied due to insufficient permissions, the error thrown 
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to