[jira] [Commented] (KYLIN-3474) Tableau 10.5 get malformed token (multi-query instance)

Tue, 19 Mar 2019 19:59:57 -0700 


    [ 
https://issues.apache.org/jira/browse/KYLIN-3474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16796732#comment-16796732
 ] 

Temple Zhou commented on KYLIN-3474:
------------------------------------

{code:java}
public class KylinUserManager {

    private static final Logger logger = 
LoggerFactory.getLogger(KylinUserManager.class);

    public static KylinUserManager getInstance(KylinConfig config) {
        return config.getManager(KylinUserManager.class);
    }

    // called by reflection
    static KylinUserManager newInstance(KylinConfig config) throws IOException {
        return new KylinUserManager(config);
    }

    // 
============================================================================

    private KylinConfig config;
    // user ==> ManagedUser
    private CaseInsensitiveStringCache<ManagedUser> userMap;
    private CachedCrudAssist<ManagedUser> crud;
    private AutoReadWriteLock lock = new AutoReadWriteLock();
{code}

The userMap is case-insensitive, so I can authenticate successfully with 
uppercase or lowercase usernameļ¼Œbut 
org.apache.kylin.rest.security.ManagedUser#equals compare the username in a 
case sensitive method. 

org.apache.kylin.rest.security.KylinAuthenticationProvider#authenticate
{code:java}
                String username = user.getUsername();
                logger.debug("User {} authorities : {}", username, 
user.getAuthorities());
                if (!userService.userExists(username)) {
                    userService.createUser(user);
                } else if 
(!userService.loadUserByUsername(username).equals(user)) {
                    // in case ldap users changing.
                    userService.updateUser(user);
                }
{code}

Finally, the userService.loadUserByUsername(username).equals(user) will always 
be false, and the 
org.springframework.security.provisioning.UserDetailsManager#updateUser will be 
called many times per second.

> Tableau 10.5 get malformed token (multi-query instance)
> -------------------------------------------------------
>
>                 Key: KYLIN-3474
>                 URL: https://issues.apache.org/jira/browse/KYLIN-3474
>             Project: Kylin
>          Issue Type: Bug
>          Components: Query Engine, Security
>    Affects Versions: v2.3.0, v2.4.0, v2.5.0, v2.6.1
>            Reporter: Temple Zhou
>            Assignee: Temple Zhou
>            Priority: Major
>             Fix For: v2.4.1, v2.4.2
>
>         Attachments: KYLIN-3474.master.001.patch, kylin.log, 
> tableau-malformed-token.png
>
>
> I found that when I use Tableau 10.5 with Kylin 2.4.0(multi-query) , the 
> Tableau Server will get theĀ malformed token error when do query via restful 
> API.
> However, when I use Tableau 10.5 with Kylin 2.4.0(single query instance), the 
> error will be gone.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to