You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kudu.apache.org by "Alexey Serbin (JIRA)" <ji...@apache.org> on 2019/04/09 17:47:00 UTC
[jira] [Created] (KUDU-2769) Investigate NotAuthorized responses
from Sentry on ListPrivilegesByUser in case of non-existent user
Alexey Serbin created KUDU-2769:
-----------------------------------
Summary: Investigate NotAuthorized responses from Sentry on ListPrivilegesByUser in case of non-existent user
Key: KUDU-2769
URL: https://issues.apache.org/jira/browse/KUDU-2769
Project: Kudu
Issue Type: Task
Reporter: Alexey Serbin
It would be nice to clarify on the behavior of both Sentry and Kudu's wrapper around Sentry's HA client in {{src/kudu/thrift/client.h}} in the case when retrieving privileges for a non-existent user. Right now it seems Sentry responds with something that {{HaClient}} converts into {{Status::NotAuthorized}}, and that error causes the client to re-connect to the Sentry service (which is sub-optimal?). So, a couple of questions to clarify:
* Is it a legit behavior from the Sentry side to responds with something that's converted into {{Status::NotAuthorized}} by the {{HaClient}}?
* Is it really necessary for the {{HaClien}} to reconnect to Sentry upon 'sensing' {{Status::NotAuthorized}} status code from Sentry?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)