You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues-all@impala.apache.org by "Vincent Tran (Jira)" <ji...@apache.org> on 2022/05/17 18:48:00 UTC

[jira] [Updated] (IMPALA-11298) Compare only the short username when checking session user against connection user

     [ https://issues.apache.org/jira/browse/IMPALA-11298?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vincent Tran updated IMPALA-11298:
----------------------------------
    Description: 
When checking that the session user matches the user authenticated on the connection, the usernames compared include the client hostname and the realm


{code:java}
        if (!connection_username.empty()
            && session_->connected_user != connection_username) {
          return Status::Expected(TErrorCode::UNAUTHORIZED_SESSION_USER,
              connection_username, session_->connected_user);
        }{code}
This can result in exceptions like so:
{noformat}
The user authorized on the connection 'hue/gateway0.xyz.site@XYZ.SITE' does not match the session username 'hue/gateway1.xyz.site@XYZ.SITE'{noformat}

We should convert these to short name before comparing.

  was:When checking to see 


> Compare only the short username when checking session user against connection user
> ----------------------------------------------------------------------------------
>
>                 Key: IMPALA-11298
>                 URL: https://issues.apache.org/jira/browse/IMPALA-11298
>             Project: IMPALA
>          Issue Type: Bug
>            Reporter: Vincent Tran
>            Priority: Major
>
> When checking that the session user matches the user authenticated on the connection, the usernames compared include the client hostname and the realm
> {code:java}
>         if (!connection_username.empty()
>             && session_->connected_user != connection_username) {
>           return Status::Expected(TErrorCode::UNAUTHORIZED_SESSION_USER,
>               connection_username, session_->connected_user);
>         }{code}
> This can result in exceptions like so:
> {noformat}
> The user authorized on the connection 'hue/gateway0.xyz.site@XYZ.SITE' does not match the session username 'hue/gateway1.xyz.site@XYZ.SITE'{noformat}
> We should convert these to short name before comparing.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org