You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Hoss Man (JIRA)" <ji...@apache.org> on 2017/03/21 18:37:41 UTC
[jira] [Assigned] (SOLR-8052) Tests using MiniKDC do not work with
Java 9 Jigsaw
[ https://issues.apache.org/jira/browse/SOLR-8052?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hoss Man reassigned SOLR-8052:
------------------------------
Assignee: Hoss Man
> Tests using MiniKDC do not work with Java 9 Jigsaw
> --------------------------------------------------
>
> Key: SOLR-8052
> URL: https://issues.apache.org/jira/browse/SOLR-8052
> Project: Solr
> Issue Type: Bug
> Components: Authentication
> Affects Versions: 5.3
> Reporter: Uwe Schindler
> Assignee: Hoss Man
> Labels: Java9
> Attachments: SOLR-8052.patch, SOLR-8052.patch
>
>
> As described in my status update yesterday, there are some problems in dependencies shipped with Solr that don't work with Java 9 Jigsaw builds.
> org.apache.solr.cloud.SaslZkACLProviderTest.testSaslZkACLProvider
> {noformat}
> [junit4] > Throwable #1: java.lang.RuntimeException: java.lang.IllegalAccessException: Class org.apache.hadoop.minikdc.MiniKdc can not access a member of class sun.security.krb5.Config (module java.security.jgss) with modifiers "public static", module java.security.jgss does not export sun.security.krb5 to <unnamed module @6d2a209c>
> [junit4] > at org.apache.solr.cloud.SaslZkACLProviderTest$SaslZkTestServer.run(SaslZkACLProviderTest.java:211)
> [junit4] > at org.apache.solr.cloud.SaslZkACLProviderTest.setUp(SaslZkACLProviderTest.java:81)
> [junit4] > at java.lang.Thread.run(java.base@9.0/Thread.java:746)
> [junit4] > Caused by: java.lang.IllegalAccessException: Class org.apache.hadoop.minikdc.MiniKdc can not access a member of class sun.security.krb5.Config (module java.security.jgss) with modifiers "public static", module java.security.jgss does not export sun.security.krb5 to <unnamed module @6d2a209c>
> [junit4] > at java.lang.reflect.AccessibleObject.slowCheckMemberAccess(java.base@9.0/AccessibleObject.java:384)
> [junit4] > at java.lang.reflect.AccessibleObject.checkAccess(java.base@9.0/AccessibleObject.java:376)
> [junit4] > at org.apache.hadoop.minikdc.MiniKdc.initKDCServer(MiniKdc.java:478)
> [junit4] > at org.apache.hadoop.minikdc.MiniKdc.start(MiniKdc.java:320)
> [junit4] > at org.apache.solr.cloud.SaslZkACLProviderTest$SaslZkTestServer.run(SaslZkACLProviderTest.java:204)
> [junit4] > ... 38 moreThrowable #2: java.lang.NullPointerException
> [junit4] > at org.apache.solr.cloud.ZkTestServer$ZKServerMain.shutdown(ZkTestServer.java:334)
> [junit4] > at org.apache.solr.cloud.ZkTestServer.shutdown(ZkTestServer.java:526)
> [junit4] > at org.apache.solr.cloud.SaslZkACLProviderTest$SaslZkTestServer.shutdown(SaslZkACLProviderTest.java:218)
> [junit4] > at org.apache.solr.cloud.SaslZkACLProviderTest.tearDown(SaslZkACLProviderTest.java:116)
> [junit4] > at java.lang.Thread.run(java.base@9.0/Thread.java:746)
> {noformat}
> This is really bad, bad, bad! All security related stuff should never ever be reflected on!
> So we have to open issue in MiniKdc project so they remove the "hacks". Elasticsearch had
> similar problems with Amazon's AWS API. The worked around with a funny hack in their SecurityPolicy
> (https://github.com/elastic/elasticsearch/pull/13538). But as Solr does not run with SecurityManager
> in production, there is no way to do that.
> We should report issue on the MiniKdc project, so they fix their code and remove the really bad reflection on Java's internal classes.
> FYI, my [conclusion|http://mail-archives.apache.org/mod_mbox/lucene-dev/201509.mbox/%3C014801d0ee23%245c8f5df0%2415ae19d0%24%40thetaphi.de%3E] from yesterday.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org