[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Hudson (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15597063#comment-15597063
 ] 

Hudson commented on HBASE-16829:


SUCCESS: Integrated in Jenkins build HBase-Trunk_matrix #1830 (See 
[https://builds.apache.org/job/HBase-Trunk_matrix/1830/])
HBASE-16829 DemoClient should detect secure mode (tedyu: rev 
4983c742e07e4853a1a5490645f62bdc1f2b5c26)
* (edit) 
hbase-examples/src/main/java/org/apache/hadoop/hbase/thrift2/DemoClient.java


> DemoClient should detect secure mode
> 
>
> Key: HBASE-16829
> URL: https://issues.apache.org/jira/browse/HBASE-16829
> Project: HBase
>  Issue Type: Bug
>Reporter: Ted Yu
>Assignee: Ted Yu
> Fix For: 2.0.0, 1.4.0
>
> Attachments: 16829.v1.txt, 16829.v2.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following 
> command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 
> 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the 
> following config:
> {code}
> 
>   hbase.thrift.authentication.type
>   kerberos
> 
> {code}
> User can still specify 'false' as the last parameter if the target cluster is 
> insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Hudson (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596996#comment-15596996
 ] 

Hudson commented on HBASE-16829:


SUCCESS: Integrated in Jenkins build HBase-1.4 #488 (See 
[https://builds.apache.org/job/HBase-1.4/488/])
HBASE-16829 DemoClient should detect secure mode (tedyu: rev 
9fda0dd09820de895313b9b06fc020e7f758c78f)
* (edit) 
hbase-examples/src/main/java/org/apache/hadoop/hbase/thrift2/DemoClient.java


> DemoClient should detect secure mode
> 
>
> Key: HBASE-16829
> URL: https://issues.apache.org/jira/browse/HBASE-16829
> Project: HBase
>  Issue Type: Bug
>Reporter: Ted Yu
>Assignee: Ted Yu
> Fix For: 2.0.0, 1.4.0
>
> Attachments: 16829.v1.txt, 16829.v2.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following 
> command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 
> 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the 
> following config:
> {code}
> 
>   hbase.thrift.authentication.type
>   kerberos
> 
> {code}
> User can still specify 'false' as the last parameter if the target cluster is 
> insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Hadoop QA (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596642#comment-15596642
 ] 

Hadoop QA commented on HBASE-16829:
---

| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 17s 
{color} | {color:blue} Docker mode activated. {color} |
| {color:blue}0{color} | {color:blue} patch {color} | {color:blue} 0m 2s 
{color} | {color:blue} The patch file was not named according to hbase's naming 
conventions. Please see 
https://yetus.apache.org/documentation/0.3.0/precommit-patchnames for 
instructions. {color} |
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s 
{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:red}-1{color} | {color:red} test4tests {color} | {color:red} 0m 0s 
{color} | {color:red} The patch doesn't appear to include any new or modified 
tests. Please justify why no new tests are needed for this patch. Also please 
list what manual steps were performed to verify this patch. {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 3m 
52s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 12s 
{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 
12s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m 
12s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 0m 
26s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 12s 
{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 
15s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 13s 
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 13s 
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 
13s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m 
13s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 
0s {color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green} 
31m 15s {color} | {color:green} Patch does not cause any errors with Hadoop 
2.4.0 2.4.1 2.5.0 2.5.1 2.5.2 2.6.1 2.6.2 2.6.3 2.7.1 or 3.0.0-alpha1. {color} |
| {color:green}+1{color} | {color:green} hbaseprotoc {color} | {color:green} 0m 
11s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 0m 
31s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 11s 
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 0m 16s 
{color} | {color:green} hbase-examples in the patch passed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 
7s {color} | {color:green} The patch does not generate ASF License warnings. 
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 39m 7s {color} | 
{color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| Docker | Client=1.11.2 Server=1.11.2 Image:yetus/hbase:7bda515 |
| JIRA Patch URL | 
https://issues.apache.org/jira/secure/attachment/12834765/16829.v2.txt |
| JIRA Issue | HBASE-16829 |
| Optional Tests |  asflicense  javac  javadoc  unit  findbugs  hadoopcheck  
hbaseanti  checkstyle  compile  |
| uname | Linux c2fec7424de9 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed 
Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | 
/home/jenkins/jenkins-slave/workspace/PreCommit-HBASE-Build/component/dev-support/hbase-personality.sh
 |
| git revision | master / e223639 |
| Default Java | 1.8.0_101 |
| findbugs | v3.0.0 |
|  Test Results | 
https://builds.apache.org/job/PreCommit-HBASE-Build/4146/testReport/ |
| modules | C: hbase-examples U: hbase-examples |
| Console output | 
https://builds.apache.org/job/PreCommit-HBASE-Build/4146/console |
| Powered by | Apache Yetus 0.3.0   http://yetus.apache.org |


This message was automatically generated.



> DemoClient should detect secure mode
> 
>
> 

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Josh Elser (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596531#comment-15596531
 ] 

Josh Elser commented on HBASE-16829:


v2 looks better, Ted! 

> DemoClient should detect secure mode
> 
>
> Key: HBASE-16829
> URL: https://issues.apache.org/jira/browse/HBASE-16829
> Project: HBase
>  Issue Type: Bug
>Reporter: Ted Yu
>Assignee: Ted Yu
> Attachments: 16829.v1.txt, 16829.v2.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following 
> command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 
> 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the 
> following config:
> {code}
> 
>   hbase.thrift.authentication.type
>   kerberos
> 
> {code}
> User can still specify 'false' as the last parameter if the target cluster is 
> insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Josh Elser (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596519#comment-15596519
 ] 

Josh Elser commented on HBASE-16829:


Actually, they were just geting a normal GSSException when the client used 
"hbase" but the thrift2 server was using a principal with a different 
"primary", but thanks for the mention anyways :)

> DemoClient should detect secure mode
> 
>
> Key: HBASE-16829
> URL: https://issues.apache.org/jira/browse/HBASE-16829
> Project: HBase
>  Issue Type: Bug
>Reporter: Ted Yu
>Assignee: Ted Yu
> Attachments: 16829.v1.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following 
> command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 
> 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the 
> following config:
> {code}
> 
>   hbase.thrift.authentication.type
>   kerberos
> 
> {code}
> User can still specify 'false' as the last parameter if the target cluster is 
> insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Josh Elser (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596517#comment-15596517
 ] 

Josh Elser commented on HBASE-16829:


{code}
+  int slashIdx = principal.indexOf("/");
+  int atIdx = principal.indexOf("@");
+  int idx = slashIdx != -1 ? slashIdx : atIdx;
+  user = principal.substring(0, idx);
{code}

There is a class somewhere that can do this parsing for you.. 
org.apache.hadoop.security.authentication.util.KerberosName. I guess it is 
marked as LimitedPrivate, so maybe better to just leave it as you have it. Oh, 
but the realm is optional, so you should not require that you find an {{@}} 
symbol.

Otherwise, LGTM.

> DemoClient should detect secure mode
> 
>
> Key: HBASE-16829
> URL: https://issues.apache.org/jira/browse/HBASE-16829
> Project: HBase
>  Issue Type: Bug
>Reporter: Ted Yu
>Assignee: Ted Yu
> Attachments: 16829.v1.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following 
> command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 
> 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the 
> following config:
> {code}
> 
>   hbase.thrift.authentication.type
>   kerberos
> 
> {code}
> User can still specify 'false' as the last parameter if the target cluster is 
> insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Hadoop QA (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596390#comment-15596390
 ] 

Hadoop QA commented on HBASE-16829:
---

| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 16s 
{color} | {color:blue} Docker mode activated. {color} |
| {color:blue}0{color} | {color:blue} patch {color} | {color:blue} 0m 1s 
{color} | {color:blue} The patch file was not named according to hbase's naming 
conventions. Please see 
https://yetus.apache.org/documentation/0.3.0/precommit-patchnames for 
instructions. {color} |
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s 
{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:red}-1{color} | {color:red} test4tests {color} | {color:red} 0m 0s 
{color} | {color:red} The patch doesn't appear to include any new or modified 
tests. Please justify why no new tests are needed for this patch. Also please 
list what manual steps were performed to verify this patch. {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 3m 
2s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 12s 
{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 
11s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m 
12s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 0m 
23s {color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 10s 
{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 
12s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 12s 
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 12s 
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 
11s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green} 0m 
11s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 
0s {color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green} 
30m 1s {color} | {color:green} Patch does not cause any errors with Hadoop 
2.4.0 2.4.1 2.5.0 2.5.1 2.5.2 2.6.1 2.6.2 2.6.3 2.7.1 or 3.0.0-alpha1. {color} |
| {color:green}+1{color} | {color:green} hbaseprotoc {color} | {color:green} 0m 
11s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 0m 
34s {color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 11s 
{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} unit {color} | {color:green} 0m 17s 
{color} | {color:green} hbase-examples in the patch passed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 
6s {color} | {color:green} The patch does not generate ASF License warnings. 
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 36m 49s {color} 
| {color:black} {color} |
\\
\\
|| Subsystem || Report/Notes ||
| Docker | Client=1.11.2 Server=1.11.2 Image:yetus/hbase:7bda515 |
| JIRA Patch URL | 
https://issues.apache.org/jira/secure/attachment/12834745/16829.v1.txt |
| JIRA Issue | HBASE-16829 |
| Optional Tests |  asflicense  javac  javadoc  unit  findbugs  hadoopcheck  
hbaseanti  checkstyle  compile  |
| uname | Linux 42a6dbc105c3 3.13.0-92-generic #139-Ubuntu SMP Tue Jun 28 
20:42:26 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | 
/home/jenkins/jenkins-slave/workspace/PreCommit-HBASE-Build/component/dev-support/hbase-personality.sh
 |
| git revision | master / e223639 |
| Default Java | 1.8.0_101 |
| findbugs | v3.0.0 |
|  Test Results | 
https://builds.apache.org/job/PreCommit-HBASE-Build/4142/testReport/ |
| modules | C: hbase-examples U: hbase-examples |
| Console output | 
https://builds.apache.org/job/PreCommit-HBASE-Build/4142/console |
| Powered by | Apache Yetus 0.3.0   http://yetus.apache.org |


This message was automatically generated.



> DemoClient should detect secure mode
> 
>
> Key: 

[jira] [Commented] (HBASE-16829) DemoClient should detect secure mode

[Ted Yu (JIRA)]

[ 
https://issues.apache.org/jira/browse/HBASE-16829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15596337#comment-15596337
 ] 

Ted Yu commented on HBASE-16829:


Thanks to Josh who found the case where mismatched user name for 
hbase.thrift.kerberos.principal led to the mysterious SocketTimeoutException.

> DemoClient should detect secure mode
> 
>
> Key: HBASE-16829
> URL: https://issues.apache.org/jira/browse/HBASE-16829
> Project: HBase
>  Issue Type: Bug
>Reporter: Ted Yu
>Assignee: Ted Yu
> Attachments: 16829.v1.txt
>
>
> Sometimes user runs DemoClient against secure cluster using the following 
> command:
> {code}
> java -cp `hbase classpath` org.apache.hadoop.hbase.thrift2.DemoClient host 
> 9090
> {code}
> This wouldn't work.
> DemoClient should detect the presence of secure cluster - e.g. through the 
> following config:
> {code}
> 
>   hbase.thrift.authentication.type
>   kerberos
> 
> {code}
> User can still specify 'false' as the last parameter if the target cluster is 
> insecure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)