[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13469903#comment-13469903 ] Hudson commented on HBASE-6851: --- Integrated in HBase-0.94-security-on-Hadoop-23 #8 (See [https://builds.apache.org/job/HBase-0.94-security-on-Hadoop-23/8/]) HBASE-6851 Fix race condition in TableAuthManager.updateGlobalCache() (Revision 1388898) Result = FAILURE garyh : Files : * /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java * /hbase/branches/0.94/security/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Fix For: 0.94.2, 0.96.0 > > Attachments: HBASE-6851_2.patch, HBASE-6851_3.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13463080#comment-13463080 ] Hudson commented on HBASE-6851: --- Integrated in HBase-0.94-security #57 (See [https://builds.apache.org/job/HBase-0.94-security/57/]) HBASE-6851 Fix race condition in TableAuthManager.updateGlobalCache() (Revision 1388898) Result = SUCCESS garyh : Files : * /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java * /hbase/branches/0.94/security/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Fix For: 0.94.2, 0.96.0 > > Attachments: HBASE-6851_2.patch, HBASE-6851_3.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13461292#comment-13461292 ] Hudson commented on HBASE-6851: --- Integrated in HBase-TRUNK-on-Hadoop-2.0.0 #188 (See [https://builds.apache.org/job/HBase-TRUNK-on-Hadoop-2.0.0/188/]) HBASE-6851 Fix race condition in TableAuthManager.updateGlobalCache() (Revision 1388894) Result = FAILURE garyh : Files : * /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java * /hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Fix For: 0.94.3, 0.96.0 > > Attachments: HBASE-6851_2.patch, HBASE-6851_3.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13461278#comment-13461278 ] Hudson commented on HBASE-6851: --- Integrated in HBase-TRUNK #3370 (See [https://builds.apache.org/job/HBase-TRUNK/3370/]) HBASE-6851 Fix race condition in TableAuthManager.updateGlobalCache() (Revision 1388894) Result = SUCCESS garyh : Files : * /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java * /hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Fix For: 0.94.3, 0.96.0 > > Attachments: HBASE-6851_2.patch, HBASE-6851_3.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13461277#comment-13461277 ] Hudson commented on HBASE-6851: --- Integrated in HBase-0.94 #486 (See [https://builds.apache.org/job/HBase-0.94/486/]) HBASE-6851 Fix race condition in TableAuthManager.updateGlobalCache() (Revision 1388898) Result = FAILURE garyh : Files : * /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java * /hbase/branches/0.94/security/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Fix For: 0.94.3, 0.96.0 > > Attachments: HBASE-6851_2.patch, HBASE-6851_3.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13461020#comment-13461020 ] stack commented on HBASE-6851: -- I'd doubt the TestReplication failure your fault. +1 on v2 (maybe change GLOBAL_CACHE to globalCache on commit -- its odd setting something all CAPs to a value). Good on you Gary. > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Attachments: HBASE-6851_2.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13460988#comment-13460988 ] Hadoop QA commented on HBASE-6851: -- -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12546136/HBASE-6851_2.patch against trunk revision . +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 3 new or modified tests. +1 hadoop2.0. The patch compiles against the hadoop 2.0 profile. -1 javadoc. The javadoc tool appears to have generated 139 warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. -1 findbugs. The patch appears to introduce 7 new Findbugs (version 1.3.9) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. -1 core tests. The patch failed these unit tests: org.apache.hadoop.hbase.replication.TestReplication Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-hadoop2-compat.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-hadoop1-compat.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-hadoop-compat.html Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2922//console This message is automatically generated. > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Attachments: HBASE-6851_2.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13460973#comment-13460973 ] Andrew Purtell commented on HBASE-6851: --- Making GLOBAL_CACHE volatile seems right to me. +1 on patch 2 if all tests pass. > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Attachments: HBASE-6851_2.patch, HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13460948#comment-13460948 ] Gary Helmling commented on HBASE-6851: -- bq. Cache is unbounded. Any fear of it getting large? (I suppose the old code worked this way so this patch doesn't introduce that issue). Making the cache bounded/not all memory resident would be a pretty significant change and have potentially big (negative) impacts on performance. There may be some cases of many tables + many users where this may start to become a problem. But for the expected usage (maybe hundreds of tables, hundreds of users), I wouldn't expect this to be much of an issue. bq. Are all accesses on GLOBAL_CACHE synchronized? Do they need to be? Could we get a NPE again when we swap it in and are accessing it elsewhere concurrently? No, accesses are not synchronized (and I don't think we want them to be for performance reasons). Since we're rebuilding and re-assigning the variable reference, I don't think we're exposed to an NPE here. bq. Does updateTableCache need synchronize? The table cache is a ConcurrentSkipListMap so we should be able to reassign variables atomically. But maybe we do want to serialize calls to this as well? Seems like both updateGlobalCache() and updateTableCache() need to be synchronized, or neither does. Since these are only called from the associated ZKPermissionWatcher/ZooKeeperWatcher, is there any need to even synchronize these to force serialization of the calls? Does the ZK ordering of the watch events give us this already? If I understand correctly, maybe we don't need the synchronization at all. Should we make the GLOBAL_CACHE reference volatile, though, to ensure all threads see it when updated? > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Attachments: HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6851) Race condition in TableAuthManager.updateGlobalCache()
[ https://issues.apache.org/jira/browse/HBASE-6851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13460890#comment-13460890 ] stack commented on HBASE-6851: -- Cache is unbounded. Any fear of it getting large? (I suppose the old code worked this way so this patch doesn't introduce that issue). The synchronize on updateGlobalCache seems like it could come in handy. Are all accesses on GLOBAL_CACHE synchronized? Do they need to be? Could we get a NPE again when we swap it in and are accessing it elsewhere concurrently? Does updateTableCache need synchronize? Looks much cleaner. Good stuff G. > Race condition in TableAuthManager.updateGlobalCache() > -- > > Key: HBASE-6851 > URL: https://issues.apache.org/jira/browse/HBASE-6851 > Project: HBase > Issue Type: Bug > Components: security >Affects Versions: 0.94.1, 0.96.0 >Reporter: Gary Helmling >Assignee: Gary Helmling >Priority: Critical > Attachments: HBASE-6851.patch > > > When new global permissions are assigned, there is a race condition, during > which further authorization checks relying on global permissions may fail. > In TableAuthManager.updateGlobalCache(), we have: > {code:java} > USER_CACHE.clear(); > GROUP_CACHE.clear(); > try { > initGlobal(conf); > } catch (IOException e) { > // Never happens > LOG.error("Error occured while updating the user cache", e); > } > for (Map.Entry entry : userPerms.entries()) { > if (AccessControlLists.isGroupPrincipal(entry.getKey())) { > GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()), > new Permission(entry.getValue().getActions())); > } else { > USER_CACHE.put(entry.getKey(), new > Permission(entry.getValue().getActions())); > } > } > {code} > If authorization checks come in following the .clear() but before > repopulating, they will fail. > We should have some synchronization here to serialize multiple updates and > use a COW type rebuild and reassign of the new maps. > This particular issue crept in with the fix in HBASE-6157, so I'm flagging > for 0.94 and 0.96. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira