You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Ramesh Mani <rm...@hortonworks.com> on 2022/06/03 06:22:53 UTC
Re: Review Request 74000: RANGER-3778: remove useless code to fix NullPointerException with kerberos
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74000/#review224483
-----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
Line 52 (original), 52 (patched)
<https://reviews.apache.org/r/74000/#comment313255>
Please remove javax.servlet.http.Cookie; as it is not used anywhere resulting in PMD
<?xml version="1.0" encoding="UTF-8"?>
<pmd version="5.5.1" timestamp="2022-06-02T23:15:05.018">
<file name="/Users/rmani/git/ranger2.3.0-test/ranger/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java">
<violation beginline="52" endline="52" begincolumn="1" endcolumn="33" rule="UnusedImports" ruleset="Import Statements" package="org.apache.ranger.security.web.filter" externalInfoUrl="https://pmd.github.io/pmd-5.5.1/pmd-java/rules/java/imports.html#UnusedImports" priority="4">
Avoid unused imports such as 'javax.servlet.http.Cookie'
</violation>
</file>
</pmd>
- Ramesh Mani
On May 25, 2022, 5:47 p.m., Kirby Zhou wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74000/
> -----------------------------------------------------------
>
> (Updated May 25, 2022, 5:47 p.m.)
>
>
> Review request for ranger, Bhavik Bavishi, Abhay Kulkarni, Madhan Neethiraj, and Pradeep Agrawal.
>
>
> Bugs: RANGER-3778
> https://issues.apache.org/jira/browse/RANGER-3778
>
>
> Repository: ranger
>
>
> Description
> -------
>
> I found NullPointerException happens again with kerberos login, this time is due to sessionMgr.
> The reason is that: sometimes RangerAuthenticationProvider is not managed by spring but created by new in RangerKRBAuthenticationFilter
> RangerAuthenticationProvider authenticationProvider = new RangerAuthenticationProvider();
> Authentication authentication = authenticationProvider.authenticate(finalAuthentication);
>
> Only beans managed by spring is ensured to auto-wire its members. So at that situation, userMgr and sessionMgr are both null.
> But I do not know why we call authenticationProvider.authenticate here. It is already authenticated by Kerberos.
>
> I have traced the code, After a series of condition judgments, the authentication object passed in was returned finally without any modification. And nothing happens such like register new session, access database... Because at that point, user is already authenticated by Kerberos.
>
> So I removed some useless code here.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java 2d3308b999c6ab575325777d14e3ab0a6661f2a0
>
>
> Diff: https://reviews.apache.org/r/74000/diff/1/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Kirby Zhou
>
>