[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804690#comment-16804690 ] Hudson commented on HBASE-22123: Results for branch master [build #894 on builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/master/894/]: (x) *{color:red}-1 overall{color}* details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://builds.apache.org/job/HBase%20Nightly/job/master/894//General_Nightly_Build_Report/] (x) {color:red}-1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://builds.apache.org/job/HBase%20Nightly/job/master/894//JDK8_Nightly_Build_Report_(Hadoop2)/] (x) {color:red}-1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://builds.apache.org/job/HBase%20Nightly/job/master/894//JDK8_Nightly_Build_Report_(Hadoop3)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. (/) {color:green}+1 client integration test{color} > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804653#comment-16804653 ] Hudson commented on HBASE-22123: Results for branch branch-2.2 [build #141 on builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141/]: (/) *{color:green}+1 overall{color}* details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141//General_Nightly_Build_Report/] (/) {color:green}+1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141//JDK8_Nightly_Build_Report_(Hadoop2)/] (/) {color:green}+1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141//JDK8_Nightly_Build_Report_(Hadoop3)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. (/) {color:green}+1 client integration test{color} > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804586#comment-16804586 ] Hudson commented on HBASE-22123: Results for branch branch-2.1 [build #1004 on builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004/]: (x) *{color:red}-1 overall{color}* details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004//General_Nightly_Build_Report/] (x) {color:red}-1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004//JDK8_Nightly_Build_Report_(Hadoop2)/] (/) {color:green}+1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004//JDK8_Nightly_Build_Report_(Hadoop3)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. (/) {color:green}+1 client integration test{color} > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804576#comment-16804576 ] Hudson commented on HBASE-22123: Results for branch branch-2.0 [build #1474 on builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474/]: (/) *{color:green}+1 overall{color}* details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474//General_Nightly_Build_Report/] (/) {color:green}+1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474//JDK8_Nightly_Build_Report_(Hadoop2)/] (/) {color:green}+1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474//JDK8_Nightly_Build_Report_(Hadoop3)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804498#comment-16804498 ] Hudson commented on HBASE-22123: Results for branch branch-2 [build #1783 on builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783/]: (x) *{color:red}-1 overall{color}* details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783//General_Nightly_Build_Report/] (x) {color:red}-1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783//JDK8_Nightly_Build_Report_(Hadoop2)/] (/) {color:green}+1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783//JDK8_Nightly_Build_Report_(Hadoop3)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. (/) {color:green}+1 client integration test{color} > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804233#comment-16804233 ] Tomas Sokorai commented on HBASE-22123: --- Thanks a lot!, and yes, I have a mail configured in the Jira profile but couldn't find a setting to make it viewable for other members. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804231#comment-16804231 ] stack commented on HBASE-22123: --- Oh, and if more patches, look at the dev-tools/submit-patch.py script Its nice for getting patches up into HBase. Just FYI. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804198#comment-16804198 ] Tomas Sokorai commented on HBASE-22123: --- Thanks for the input, Stack. Added the style changes. And re:the actual message, the upper code handles the ADE nicely and gets you something like this: {code:java} HTTP/1.1 403 Forbidden{code} on the HTTP side, and in the message {code:java} Forbidden org.apache.hadoop.hbase.security.AccessDeniedException: org.apache.hadoop.hbase.security.AccessDeniedException: Insufficient permissions for user ‘myuser',action: get, tableName:mytable, family:cf. at org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor.authorizeAccess(RangerAuthorizationCoprocessor.java:547){code} and the rest of the ADE stack > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Priority: Minor > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804154#comment-16804154 ] stack commented on HBASE-22123: --- Patch looks good to me. Could you format it in a manner that agrees with the rest of the file (space after the if and parens around the throw)? What happens when the ADE is thrown? User gets 404 or 401? > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Priority: Minor > Attachments: HBASE-22123.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16803854#comment-16803854 ] Tomas Sokorai commented on HBASE-22123: --- Attached proposed patch for this issue. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Priority: Minor > Attachments: HBASE-22123.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16803852#comment-16803852 ] Tomas Sokorai commented on HBASE-22123: --- This is caused by the class org.apache.hadoop.hbase.rest.RowResultGenerator constructor catching the DoNotRetryIOException for a particular use case, but not rethrowing it for the exception for the AccessDeniedException case. Current code: {code:java} } catch (DoNotRetryIOException e) { // Warn here because Stargate will return 404 in the case if multiple // column families were specified but one did not exist -- currently // HBase will fail the whole Get. // Specifying multiple columns in a URI should be uncommon usage but // help to avoid confusion by leaving a record of what happened here in // the log. LOG.warn(StringUtils.stringifyException(e)); } finally {{code} Proposed change is: {code:java} } catch (DoNotRetryIOException e) { // Warn here because Stargate will return 404 in the case if multiple // column families were specified but one did not exist -- currently // HBase will fail the whole Get. // Specifying multiple columns in a URI should be uncommon usage but // help to avoid confusion by leaving a record of what happened here in // the log. LOG.warn(StringUtils.stringifyException(e)); // Lets get the exception rethrown to get a more meaningful error message than 404 if(e instanceof AccessDeniedException) throw e; } finally {{code} > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Priority: Minor > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)