You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Bochun Bai (JIRA)" <ji...@apache.org> on 2011/08/09 04:14:27 UTC
[jira] [Created] (HBASE-4180) HBase should check the
isSecurityEnabled flag
HBase should check the isSecurityEnabled flag
---------------------------------------------
Key: HBASE-4180
URL: https://issues.apache.org/jira/browse/HBASE-4180
Project: HBase
Issue Type: Bug
Components: security
Reporter: Bochun Bai
Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Attachment: HBASE-4180_trunk_2.patch
Updated patch against trunk with some added javadoc.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Ted Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ted Yu reassigned HBASE-4180:
-----------------------------
Assignee: Bochun Bai
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling reassigned HBASE-4180:
------------------------------------
Assignee: Gary Helmling (was: Bochun Bai)
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Gary Helmling
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_0.90_final.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch, HBASE-4180_trunk_final.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081408#comment-13081408 ]
Bochun Bai commented on HBASE-4180:
-----------------------------------
0.21 API incompatible is problem for downstream projects.
Hive extracts a shims components for this.
Will HBase consider some similar changes?
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081403#comment-13081403 ]
Bochun Bai commented on HBASE-4180:
-----------------------------------
0.20 doesn't have isSecurityEnabled,
0.20-SEC does have isSecurityEnabled,
0.21 does have isSecurityEnabled but not means it must configured to use it.
If we need HBase work with a non-security hadoop, I think we need find another way to identify it.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bochun Bai updated HBASE-4180:
------------------------------
Attachment: HBASE-4180.patch
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Attachment: HBASE-4180_trunk_final.patch
Patch committed to trunk
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Gary Helmling
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_0.90_final.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch, HBASE-4180_trunk_final.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Attachment: HBASE-4180_trunk.patch
Patch against trunk adding check for isSecurityEnabled() within User.login()
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_trunk.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Resolution: Fixed
Fix Version/s: 0.90.5
Hadoop Flags: [Reviewed]
Status: Resolved (was: Patch Available)
Committed patch to 0.90 branch and trunk. User.login() now checks isSecurityEnabled() before attempting to call SecurityUtil.login().
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Gary Helmling
> Fix For: 0.90.5
>
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_0.90_final.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch, HBASE-4180_trunk_final.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081417#comment-13081417 ]
Gary Helmling commented on HBASE-4180:
--------------------------------------
@Bochun
{quote}
0.21 API incompatible is problem for downstream projects.
Hive extracts a shims components for this.
Will HBase consider some similar changes?
{quote}
This is the purpose of the {{User}} class -- to isolate the UGI changes. See {{User.HadoopUser}} and {{User.SecureHadoopUser}}. If we need to add a separate version for Hadoop 0.21, we can do that, but as Stack mentions there are other, non-related problems with running on Hadoop 0.21.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081397#comment-13081397 ]
Gary Helmling commented on HBASE-4180:
--------------------------------------
So is the issue here that we're not correctly accounting for {{UserGroupInformation}} API changes between Hadoop 0.21 and 0.22+?
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "stack (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081429#comment-13081429 ]
stack commented on HBASE-4180:
------------------------------
@Bochun See comment here:
https://issues.apache.org/jira/browse/HBASE-2233?focusedCommentId=13046828&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13046828
You could take the patches from the hadoop issues referenced and they should apply to 0.21
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bochun Bai updated HBASE-4180:
------------------------------
Status: Patch Available (was: Open)
adds only one line after check the isSecurityCheckEnabled.
Call and assign it.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13103116#comment-13103116 ]
Hudson commented on HBASE-4180:
-------------------------------
Integrated in HBase-TRUNK #2200 (See [https://builds.apache.org/job/HBase-TRUNK/2200/])
HBASE-4180 Check isSecurityEnabled before User.login for 0.21 compatibility
garyh :
Files :
* /hbase/trunk/CHANGES.txt
* /hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/User.java
* /hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Classes.java
* /hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Methods.java
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Gary Helmling
> Fix For: 0.90.5
>
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_0.90_final.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch, HBASE-4180_trunk_final.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081415#comment-13081415 ]
Gary Helmling commented on HBASE-4180:
--------------------------------------
As I said before, the presence of {{isSecurityEnabled}} is used to identify *API* changes, not whether Hadoop is configured for Kerberos authentication. We really don't care about the return value of {{isSecurityEnabled}}.
HBase does work with non-secure Hadoop, both 0.20 (pre-security) and 0.20-security (with hadoop.security.authentication=simple).
If there are API differences between {{UserGroupInformation}} in Hadoop 0.21 and 0.22+, we should account for those. Otherwise I still don't see what exactly the issue is here. Are you encountering problems running on Hadoop 0.21 (which is not supported) that this is intended to solve?
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081452#comment-13081452 ]
Gary Helmling commented on HBASE-4180:
--------------------------------------
@Bochun
No, unfortunately that would break the ability to compile (or run) HBase against non-secure Hadoop.
See the two attached patches (one for branch 0.90, one for trunk). I assume you are running a 0.90 release? Please try applying the 0.90 version of the patch and see if that fixes the problem for you.
I will be testing the patch as well against Hadoop 0.20.2, and a 0.20-security version.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_trunk.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Attachment: HBASE-4180_0.90_2.patch
Updated patch against 0.90 with added javadoc.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "stack (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081414#comment-13081414 ]
stack commented on HBASE-4180:
------------------------------
@Bochun
Can you rephrase this '0.21 does have isSecurityEnabled but not means it must configured to use it.'? What is the difference between 0.20-SEC and 0.21?
HBase does not run on raw (non-secure) 0.21. It needs a few small patches to do so. It will run on 0.22 and 0.23 non-secure. Until we figure otherwise, we'd like to have it so the same hbase binary will run on 0.20-append, CDH3, 0.22, 0.23, MapR, etc. I've not looked at whats involved making hbase run secure on all these versions (Gary is our man when it comes to that). Hopefully we can make it so same hbase binary can run on all secure hadoop combos (Will this be possible Gary?)
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081392#comment-13081392 ]
Gary Helmling commented on HBASE-4180:
--------------------------------------
-1 on the patch
{{User.IS_SECURE_HADOOP}} is a private variable used to differentiate between the API incompatible changes to {{UserGroupInformation}} between Hadoop 0.20 and 0.21+. The API-incompatible methods are accommodated using reflection so that we're not compile-time bound to Hadoop 0.21+. Whether hadoop.security.authentication is set to "simple" or "kerberos" (which is what {{isSecurityEnabled()}} returns) makes no difference to accounting for the API changes.
Can you describe more of the underlying problem that you're observing that this patch is intended to fix?
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "stack (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081453#comment-13081453 ]
stack commented on HBASE-4180:
------------------------------
Patch looks good to me Gary.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_trunk.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Ted Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081376#comment-13081376 ]
Ted Yu commented on HBASE-4180:
-------------------------------
+1 on patch.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081422#comment-13081422 ]
Bochun Bai commented on HBASE-4180:
-----------------------------------
@stack, It is cleared, Thanks!
0.21 is still not a stable version in Hadoop so it is reasonable not supporting it for hbase.
I will close this with "won't fix" later.
Would you please kindly give me some hits finding out "HBase does not run on raw (non-secure) 0.21. It needs a few small patches to do so"? How can I find these small patches?
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081420#comment-13081420 ]
Bochun Bai commented on HBASE-4180:
-----------------------------------
@Gray, yes.
I am trying run hbase on Hadoop 0.21 and it throws ClassNotFoundException.
org.apache.hadoop.hbase.User.login() thinks it is a secure version and invoke SecureHadoopUser.login.
The SecureHadoopUser.login() needs org.apache.hadoop.security.SecurityUtil class exist.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Attachment: HBASE-4180_0.90.patch
Patch against 0.90 branch adding check for isSecurityEnabled() within User.login()
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081427#comment-13081427 ]
Gary Helmling commented on HBASE-4180:
--------------------------------------
@Bochun
I'll add a patch that checks the return value of isSecurityEnabled() in User.login(). This should avert the ClassNotFoundException.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Bochun Bai (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13081433#comment-13081433 ]
Bochun Bai commented on HBASE-4180:
-----------------------------------
Thanks @stack.
@Gray, do you mean changes like this?
if (IS_SECURE_HADOOP && UserGroupInfomation.isSecurityEnabed()) {
SecurityHadoopUser.login......
} else {
HadoopUser.login......
}
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Ted Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13102884#comment-13102884 ]
Ted Yu commented on HBASE-4180:
-------------------------------
One minor comment: year should be removed from header.
+1 on patch.
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Bochun Bai
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-4180) HBase should check the
isSecurityEnabled flag
Posted by "Gary Helmling (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Helmling updated HBASE-4180:
---------------------------------
Attachment: HBASE-4180_0.90_final.patch
Patch committed to 0.90
> HBase should check the isSecurityEnabled flag
> ---------------------------------------------
>
> Key: HBASE-4180
> URL: https://issues.apache.org/jira/browse/HBASE-4180
> Project: HBase
> Issue Type: Bug
> Components: security
> Reporter: Bochun Bai
> Assignee: Gary Helmling
> Attachments: HBASE-4180.patch, HBASE-4180_0.90.patch, HBASE-4180_0.90_2.patch, HBASE-4180_0.90_final.patch, HBASE-4180_trunk.patch, HBASE-4180_trunk_2.patch, HBASE-4180_trunk_final.patch
>
>
> Hadoop 0.21.0's UserGroupInfomation support the security check flag and always returns false.
> HBase should check both the method existence and the return value.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira