[jira] [Commented] (KYLIN-3474) Tableau 10.5 get malformed token (multi-query instance)

Fri, 04 Jan 2019 00:03:17 -0800 


    [ 
https://issues.apache.org/jira/browse/KYLIN-3474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16733915#comment-16733915
 ] 

Temple Zhou commented on KYLIN-3474:
------------------------------------

Hello~

Can anyone review the patch?

I remove the following lines

{code:java}
public void updateUser(UserDetails user) {
        Preconditions.checkState(user instanceof ManagedUser, "User {} is not 
ManagedUser", user);
        ManagedUser managedUser = (ManagedUser) user;
        getKylinUserManager().update(managedUser);
        logger.trace("update user : {}", user.getUsername());
        setEvictCacheFlag(true);  // removed
    }
{code}

As I found that "setEvictCacheFlag(true)" will made the userCache in 
KylinAuthenticationProvider invalid forever. Every RESTfull API Call will be 
auth by authenticationProvider instead of using the userCache, which will 
contribute to the malformed token with large concurrency and let the LDAP 
server more pressure.

> Tableau 10.5 get malformed token (multi-query instance)
> -------------------------------------------------------
>
>                 Key: KYLIN-3474
>                 URL: https://issues.apache.org/jira/browse/KYLIN-3474
>             Project: Kylin
>          Issue Type: Bug
>          Components: Query Engine, Security
>    Affects Versions: v2.4.0
>            Reporter: Temple Zhou
>            Assignee: Temple Zhou
>            Priority: Major
>         Attachments: KYLIN-3474.master.001.patch, kylin.log, 
> tableau-malformed-token.png
>
>
> I found that when I use Tableau 10.5 with Kylin 2.4.0(multi-query) , the 
> Tableau Server will get theĀ malformed token error when do query via restful 
> API.
> However, when I use Tableau 10.5 with Kylin 2.4.0(single query instance), the 
> error will be gone.
> Now, I just annotate the following 
> lines(org.apache.kylin.rest.security.KylinAuthenticationProvider 84-87) and 
> the Tableau 10.5 can run regularly with Kylin 2.4.0(multi-query).
> {code:java}
>  @Override
>     public Authentication authenticate(Authentication authentication) throws 
> AuthenticationException {
>         byte[] hashKey = hf.hashString(authentication.getName() + 
> authentication.getCredentials()).asBytes();
>         String userKey = Arrays.toString(hashKey);
>         // if (userService.isEvictCacheFlag()) {
>         //     userCache.invalidateAll();
>         //     userService.setEvictCacheFlag(false);
>         // }
>         Authentication authed = userCache.getIfPresent(userKey);
>         if (null != authed) {
>             SecurityContextHolder.getContext().setAuthentication(authed);
>         } else {
> {code}
> I don't know if you tested the Kylin(multi-query) Cluster Mode with Tableau?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to