You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by mc...@apache.org on 2017/06/13 04:42:06 UTC
[03/10] cassandra git commit: Node running with join_ring=false and
authentication can not serve requests
Node running with join_ring=false and authentication can not serve requests
patch by Mick Semb Wever; reviewed by Joel Knighton for CASSANDRA-11381
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/f49579df
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/f49579df
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/f49579df
Branch: refs/heads/cassandra-3.11
Commit: f49579df38121f88107531307437b447a7438cda
Parents: 5807eca
Author: mck <mc...@apache.org>
Authored: Fri Mar 18 14:22:32 2016 +1100
Committer: mck <mi...@thelastpickle.com>
Committed: Tue Jun 13 13:57:17 2017 +1000
----------------------------------------------------------------------
CHANGES.txt | 1 +
.../apache/cassandra/auth/CassandraRoleManager.java | 4 ++++
.../apache/cassandra/service/StorageService.java | 16 +++++++++++-----
3 files changed, 16 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/f49579df/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index d00ddcb..56890c9 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
2.2.10
+ * Nodes started with join_ring=False should be able to serve requests when authentication is enabled (CASSANDRA-11381)
* cqlsh COPY FROM: increment error count only for failures, not for attempts (CASSANDRA-13209)
* nodetool upgradesstables should upgrade system tables (CASSANDRA-13119)
* Avoid starting gossiper in RemoveTest (CASSANDRA-13407)
http://git-wip-us.apache.org/repos/asf/cassandra/blob/f49579df/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/auth/CassandraRoleManager.java b/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
index 87aca21..bfd0483 100644
--- a/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
+++ b/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
@@ -40,6 +40,7 @@ import org.apache.cassandra.db.marshal.UTF8Type;
import org.apache.cassandra.exceptions.*;
import org.apache.cassandra.net.MessagingService;
import org.apache.cassandra.service.QueryState;
+import org.apache.cassandra.service.StorageService;
import org.apache.cassandra.transport.messages.ResultMessage;
import org.apache.cassandra.utils.ByteBufferUtil;
import org.mindrot.jbcrypt.BCrypt;
@@ -344,6 +345,9 @@ public class CassandraRoleManager implements IRoleManager
*/
private static void setupDefaultRole()
{
+ if (StorageService.instance.getTokenMetadata().sortedTokens().isEmpty())
+ throw new IllegalStateException("CassandraRoleManager skipped default role setup: no known tokens in ring");
+
try
{
if (!hasExistingRoles())
http://git-wip-us.apache.org/repos/asf/cassandra/blob/f49579df/src/java/org/apache/cassandra/service/StorageService.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/service/StorageService.java b/src/java/org/apache/cassandra/service/StorageService.java
index 65f536b..9d2d7bb 100644
--- a/src/java/org/apache/cassandra/service/StorageService.java
+++ b/src/java/org/apache/cassandra/service/StorageService.java
@@ -191,6 +191,8 @@ public class StorageService extends NotificationBroadcasterSupport implements IE
private final StreamStateStore streamStateStore = new StreamStateStore();
+ private final AtomicBoolean doneAuthSetup = new AtomicBoolean(false);
+
/** This method updates the local token on disk */
public void setTokens(Collection<Token> tokens)
{
@@ -657,6 +659,7 @@ public class StorageService extends NotificationBroadcasterSupport implements IE
states.add(Pair.create(ApplicationState.STATUS, valueFactory.hibernate(true)));
Gossiper.instance.addLocalApplicationStates(states);
}
+ doAuthSetup();
logger.info("Not joining ring as requested. Use JMX (StorageService->joinRing()) to initiate ring joining");
}
}
@@ -974,12 +977,15 @@ public class StorageService extends NotificationBroadcasterSupport implements IE
private void doAuthSetup()
{
- maybeAddOrUpdateKeyspace(AuthKeyspace.definition());
+ if (!doneAuthSetup.getAndSet(true))
+ {
+ maybeAddOrUpdateKeyspace(AuthKeyspace.definition());
- DatabaseDescriptor.getRoleManager().setup();
- DatabaseDescriptor.getAuthenticator().setup();
- DatabaseDescriptor.getAuthorizer().setup();
- MigrationManager.instance.register(new AuthMigrationListener());
+ DatabaseDescriptor.getRoleManager().setup();
+ DatabaseDescriptor.getAuthenticator().setup();
+ DatabaseDescriptor.getAuthorizer().setup();
+ MigrationManager.instance.register(new AuthMigrationListener());
+ }
}
private void maybeAddKeyspace(KSMetaData ksm)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org