You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kudu.apache.org by "Grant Henke (Jira)" <ji...@apache.org> on 2020/06/03 14:44:00 UTC
[jira] [Resolved] (KUDU-2769) Investigate NotAuthorized responses
from Sentry on ListPrivilegesByUser in case of non-existent user
[ https://issues.apache.org/jira/browse/KUDU-2769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Grant Henke resolved KUDU-2769.
-------------------------------
Fix Version/s: NA
Resolution: Won't Fix
The Sentry integration is removed.
> Investigate NotAuthorized responses from Sentry on ListPrivilegesByUser in case of non-existent user
> ----------------------------------------------------------------------------------------------------
>
> Key: KUDU-2769
> URL: https://issues.apache.org/jira/browse/KUDU-2769
> Project: Kudu
> Issue Type: Task
> Reporter: Alexey Serbin
> Priority: Major
> Fix For: NA
>
>
> It would be nice to clarify on the behavior of both Sentry and Kudu's wrapper around Sentry's HA client in {{src/kudu/thrift/client.h}} in the case when retrieving privileges for a non-existent user. Right now it seems Sentry responds with something that {{HaClient}} converts into {{Status::NotAuthorized}}, and that error causes the client to re-connect to the Sentry service (which is sub-optimal?). So, a couple of questions to clarify:
> * Is it a legit behavior from the Sentry side to responds with something that's converted into {{Status::NotAuthorized}} by the {{HaClient}}?
> * Is it really necessary for the {{HaClien}} to reconnect to Sentry upon 'sensing' {{Status::NotAuthorized}} status code from Sentry?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)