You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by mc...@apache.org on 2017/06/13 04:42:06 UTC

[03/10] cassandra git commit: Node running with join_ring=false and authentication can not serve requests

Node running with join_ring=false and authentication can not serve requests

 patch by Mick Semb Wever; reviewed by Joel Knighton for CASSANDRA-11381


Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/f49579df
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/f49579df
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/f49579df

Branch: refs/heads/cassandra-3.11
Commit: f49579df38121f88107531307437b447a7438cda
Parents: 5807eca
Author: mck <mc...@apache.org>
Authored: Fri Mar 18 14:22:32 2016 +1100
Committer: mck <mi...@thelastpickle.com>
Committed: Tue Jun 13 13:57:17 2017 +1000

----------------------------------------------------------------------
 CHANGES.txt                                         |  1 +
 .../apache/cassandra/auth/CassandraRoleManager.java |  4 ++++
 .../apache/cassandra/service/StorageService.java    | 16 +++++++++++-----
 3 files changed, 16 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cassandra/blob/f49579df/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index d00ddcb..56890c9 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
 2.2.10
+ * Nodes started with join_ring=False should be able to serve requests when authentication is enabled (CASSANDRA-11381)
  * cqlsh COPY FROM: increment error count only for failures, not for attempts (CASSANDRA-13209)
  * nodetool upgradesstables should upgrade system tables (CASSANDRA-13119)
  * Avoid starting gossiper in RemoveTest (CASSANDRA-13407)

http://git-wip-us.apache.org/repos/asf/cassandra/blob/f49579df/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/auth/CassandraRoleManager.java b/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
index 87aca21..bfd0483 100644
--- a/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
+++ b/src/java/org/apache/cassandra/auth/CassandraRoleManager.java
@@ -40,6 +40,7 @@ import org.apache.cassandra.db.marshal.UTF8Type;
 import org.apache.cassandra.exceptions.*;
 import org.apache.cassandra.net.MessagingService;
 import org.apache.cassandra.service.QueryState;
+import org.apache.cassandra.service.StorageService;
 import org.apache.cassandra.transport.messages.ResultMessage;
 import org.apache.cassandra.utils.ByteBufferUtil;
 import org.mindrot.jbcrypt.BCrypt;
@@ -344,6 +345,9 @@ public class CassandraRoleManager implements IRoleManager
      */
     private static void setupDefaultRole()
     {
+        if (StorageService.instance.getTokenMetadata().sortedTokens().isEmpty())
+            throw new IllegalStateException("CassandraRoleManager skipped default role setup: no known tokens in ring");
+
         try
         {
             if (!hasExistingRoles())

http://git-wip-us.apache.org/repos/asf/cassandra/blob/f49579df/src/java/org/apache/cassandra/service/StorageService.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/service/StorageService.java b/src/java/org/apache/cassandra/service/StorageService.java
index 65f536b..9d2d7bb 100644
--- a/src/java/org/apache/cassandra/service/StorageService.java
+++ b/src/java/org/apache/cassandra/service/StorageService.java
@@ -191,6 +191,8 @@ public class StorageService extends NotificationBroadcasterSupport implements IE
 
     private final StreamStateStore streamStateStore = new StreamStateStore();
 
+    private final AtomicBoolean doneAuthSetup = new AtomicBoolean(false);
+
     /** This method updates the local token on disk  */
     public void setTokens(Collection<Token> tokens)
     {
@@ -657,6 +659,7 @@ public class StorageService extends NotificationBroadcasterSupport implements IE
                 states.add(Pair.create(ApplicationState.STATUS, valueFactory.hibernate(true)));
                 Gossiper.instance.addLocalApplicationStates(states);
             }
+            doAuthSetup();
             logger.info("Not joining ring as requested. Use JMX (StorageService->joinRing()) to initiate ring joining");
         }
     }
@@ -974,12 +977,15 @@ public class StorageService extends NotificationBroadcasterSupport implements IE
 
     private void doAuthSetup()
     {
-        maybeAddOrUpdateKeyspace(AuthKeyspace.definition());
+        if (!doneAuthSetup.getAndSet(true))
+        {
+            maybeAddOrUpdateKeyspace(AuthKeyspace.definition());
 
-        DatabaseDescriptor.getRoleManager().setup();
-        DatabaseDescriptor.getAuthenticator().setup();
-        DatabaseDescriptor.getAuthorizer().setup();
-        MigrationManager.instance.register(new AuthMigrationListener());
+            DatabaseDescriptor.getRoleManager().setup();
+            DatabaseDescriptor.getAuthenticator().setup();
+            DatabaseDescriptor.getAuthorizer().setup();
+            MigrationManager.instance.register(new AuthMigrationListener());
+        }
     }
 
     private void maybeAddKeyspace(KSMetaData ksm)


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org