[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804690#comment-16804690
]
Hudson commented on HBASE-22123:
Results for branch master
[build #894 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/master/894/]: (x)
*{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/master/894//General_Nightly_Build_Report/]
(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/master/894//JDK8_Nightly_Build_Report_(Hadoop2)/]
(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/master/894//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Assignee: Tomas Sokorai
>Priority: Minor
> Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5
>
> Attachments: HBASE-22123.patch, HBASE-22123_002.patch
>
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804653#comment-16804653
]
Hudson commented on HBASE-22123:
Results for branch branch-2.2
[build #141 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141/]:
(/) *{color:green}+1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141//General_Nightly_Build_Report/]
(/) {color:green}+1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141//JDK8_Nightly_Build_Report_(Hadoop2)/]
(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.2/141//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Assignee: Tomas Sokorai
>Priority: Minor
> Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5
>
> Attachments: HBASE-22123.patch, HBASE-22123_002.patch
>
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804586#comment-16804586
]
Hudson commented on HBASE-22123:
Results for branch branch-2.1
[build #1004 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004/]:
(x) *{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004//General_Nightly_Build_Report/]
(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004//JDK8_Nightly_Build_Report_(Hadoop2)/]
(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/1004//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Assignee: Tomas Sokorai
>Priority: Minor
> Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5
>
> Attachments: HBASE-22123.patch, HBASE-22123_002.patch
>
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804576#comment-16804576
]
Hudson commented on HBASE-22123:
Results for branch branch-2.0
[build #1474 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474/]:
(/) *{color:green}+1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474//General_Nightly_Build_Report/]
(/) {color:green}+1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474//JDK8_Nightly_Build_Report_(Hadoop2)/]
(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/1474//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Assignee: Tomas Sokorai
>Priority: Minor
> Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5
>
> Attachments: HBASE-22123.patch, HBASE-22123_002.patch
>
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804498#comment-16804498
]
Hudson commented on HBASE-22123:
Results for branch branch-2
[build #1783 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783/]:
(x) *{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783//General_Nightly_Build_Report/]
(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783//JDK8_Nightly_Build_Report_(Hadoop2)/]
(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1783//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Assignee: Tomas Sokorai
>Priority: Minor
> Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5
>
> Attachments: HBASE-22123.patch, HBASE-22123_002.patch
>
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804233#comment-16804233 ] Tomas Sokorai commented on HBASE-22123: --- Thanks a lot!, and yes, I have a mail configured in the Jira profile but couldn't find a setting to make it viewable for other members. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804231#comment-16804231 ] stack commented on HBASE-22123: --- Oh, and if more patches, look at the dev-tools/submit-patch.py script Its nice for getting patches up into HBase. Just FYI. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Assignee: Tomas Sokorai >Priority: Minor > Fix For: 3.0.0, 2.2.0, 2.3.0, 2.0.6, 2.1.5 > > Attachments: HBASE-22123.patch, HBASE-22123_002.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804198#comment-16804198
]
Tomas Sokorai commented on HBASE-22123:
---
Thanks for the input, Stack.
Added the style changes.
And re:the actual message, the upper code handles the ADE nicely and gets you
something like this:
{code:java}
HTTP/1.1 403 Forbidden{code}
on the HTTP side, and in the message
{code:java}
Forbidden
org.apache.hadoop.hbase.security.AccessDeniedException:
org.apache.hadoop.hbase.security.AccessDeniedException: Insufficient
permissions for user ‘myuser',action: get, tableName:mytable, family:cf.
at
org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor.authorizeAccess(RangerAuthorizationCoprocessor.java:547){code}
and the rest of the ADE stack
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Priority: Minor
> Attachments: HBASE-22123.patch, HBASE-22123_002.patch
>
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16804154#comment-16804154 ] stack commented on HBASE-22123: --- Patch looks good to me. Could you format it in a manner that agrees with the rest of the file (space after the if and parens around the throw)? What happens when the ADE is thrown? User gets 404 or 401? > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Priority: Minor > Attachments: HBASE-22123.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[ https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16803854#comment-16803854 ] Tomas Sokorai commented on HBASE-22123: --- Attached proposed patch for this issue. > REST gateway reports Insufficient permissions exceptions as 404 Not Found > - > > Key: HBASE-22123 > URL: https://issues.apache.org/jira/browse/HBASE-22123 > Project: HBase > Issue Type: Bug > Components: REST >Affects Versions: 2.0.5 >Reporter: Tomas Sokorai >Priority: Minor > Attachments: HBASE-22123.patch > > > When a row access is denied due to insufficient permissions, the error thrown > to the client is 404 Not Found, instead of the proper 403 Forbidden exception. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HBASE-22123) REST gateway reports Insufficient permissions exceptions as 404 Not Found
[
https://issues.apache.org/jira/browse/HBASE-22123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16803852#comment-16803852
]
Tomas Sokorai commented on HBASE-22123:
---
This is caused by the class org.apache.hadoop.hbase.rest.RowResultGenerator
constructor catching the DoNotRetryIOException for a particular use case, but
not rethrowing it for the exception for the AccessDeniedException case.
Current code:
{code:java}
} catch (DoNotRetryIOException e) {
// Warn here because Stargate will return 404 in the case if multiple
// column families were specified but one did not exist -- currently
// HBase will fail the whole Get.
// Specifying multiple columns in a URI should be uncommon usage but
// help to avoid confusion by leaving a record of what happened here in
// the log.
LOG.warn(StringUtils.stringifyException(e));
} finally {{code}
Proposed change is:
{code:java}
} catch (DoNotRetryIOException e) {
// Warn here because Stargate will return 404 in the case if multiple
// column families were specified but one did not exist -- currently
// HBase will fail the whole Get.
// Specifying multiple columns in a URI should be uncommon usage but
// help to avoid confusion by leaving a record of what happened here in
// the log.
LOG.warn(StringUtils.stringifyException(e));
// Lets get the exception rethrown to get a more meaningful error message
than 404
if(e instanceof AccessDeniedException)
throw e;
} finally {{code}
> REST gateway reports Insufficient permissions exceptions as 404 Not Found
> -
>
> Key: HBASE-22123
> URL: https://issues.apache.org/jira/browse/HBASE-22123
> Project: HBase
> Issue Type: Bug
> Components: REST
>Affects Versions: 2.0.5
>Reporter: Tomas Sokorai
>Priority: Minor
>
> When a row access is denied due to insufficient permissions, the error thrown
> to the client is 404 Not Found, instead of the proper 403 Forbidden exception.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
