You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Ashish Singhi (JIRA)" <ji...@apache.org> on 2015/01/06 07:31:34 UTC
[jira] [Created] (HBASE-12811) NPE while scan a table with user
associated with multiple groups.
Ashish Singhi created HBASE-12811:
-------------------------------------
Summary: NPE while scan a table with user associated with multiple groups.
Key: HBASE-12811
URL: https://issues.apache.org/jira/browse/HBASE-12811
Project: HBase
Issue Type: Bug
Components: security
Affects Versions: 0.98.9
Reporter: Ashish Singhi
Assignee: Ashish Singhi
A user is associated with two groups.
{noformat}
/hbase/bin> groups ashish_test
ashish_test : defaultgroup ashish_test_1420524824527
{noformat}
One of its group is granted permission on a table as shown by user_permission command.
{noformat}
hbase(main):005:0> user_permission 't1'
User Table,Family,Qualifier:Permission
@ashish_test_1420524824527 t1,,: [Permission: actions=EXEC,WRITE,CREATE]
@ashish_test_1420524824527 t1,d,: [Permission: actions=EXEC,WRITE,CREATE]
hbase t1,,: [Permission: actions=READ,WRITE,EXEC,CREATE,ADMIN]
3 row(s) in 0.3710 seconds
{noformat}
Now when this user try the scan the table, we get the following exception.
{noformat}
java.lang.NullPointerException
at org.apache.hadoop.hbase.security.access.TablePermission.implies(TablePermission.java:215)
at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:340)
at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:332)
at org.apache.hadoop.hbase.security.access.TableAuthManager.authorizeGroup(TableAuthManager.java:473)
at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:490)
at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:500)
at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:415)
at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:484)
at org.apache.hadoop.hbase.security.access.AccessController.internalPreRead(AccessController.java:1504)
at org.apache.hadoop.hbase.security.access.AccessController.preScannerOpen(AccessController.java:2027)
at org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerOpen(RegionCoprocessorHost.java:1987)
at org.apache.hadoop.hbase.regionserver.HRegionServer.scan(HRegionServer.java:3102)
{noformat}
*Note:* Line numbers may not match.
Exception is coming because the other group of same user which has not been granted permission on the table will have the TablePermission's table(name) as null.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)