You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kudu.apache.org by "Alexey Serbin (JIRA)" <ji...@apache.org> on 2019/04/09 17:47:00 UTC

[jira] [Created] (KUDU-2769) Investigate NotAuthorized responses from Sentry on ListPrivilegesByUser in case of non-existent user

Alexey Serbin created KUDU-2769:
-----------------------------------

             Summary: Investigate NotAuthorized responses from Sentry on ListPrivilegesByUser in case of non-existent user
                 Key: KUDU-2769
                 URL: https://issues.apache.org/jira/browse/KUDU-2769
             Project: Kudu
          Issue Type: Task
            Reporter: Alexey Serbin


It would be nice to clarify on the behavior of both Sentry and Kudu's wrapper around Sentry's HA client in {{src/kudu/thrift/client.h}} in the case when retrieving privileges for a non-existent user.  Right now it seems Sentry responds with something that {{HaClient}} converts into {{Status::NotAuthorized}}, and that error causes the client to re-connect to the Sentry service (which is sub-optimal?).  So, a couple of questions to clarify:

* Is it a legit behavior from the Sentry side to responds with something that's converted into {{Status::NotAuthorized}} by the {{HaClient}}?
* Is it really necessary for the {{HaClien}} to reconnect to Sentry upon 'sensing' {{Status::NotAuthorized}} status code from Sentry?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)