You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/01/24 19:52:00 UTC
[jira] [Commented] (ATLAS-4536) The newline character in attribues will fail simple auth check
[ https://issues.apache.org/jira/browse/ATLAS-4536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17481355#comment-17481355 ]
ASF subversion and git services commented on ATLAS-4536:
--------------------------------------------------------
Commit fd55c6fe2695c62338c0cfa751d1e019a523e81f in atlas's branch refs/heads/master from Garry Easop
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=fd55c6f ]
ATLAS-4536: The newline character in attribues will fail simple auth check
Signed-off-by: Sarath Subramanian <sa...@apache.org>
> The newline character in attribues will fail simple auth check
> --------------------------------------------------------------
>
> Key: ATLAS-4536
> URL: https://issues.apache.org/jira/browse/ATLAS-4536
> Project: Atlas
> Issue Type: Bug
> Components: atlas-core
> Reporter: Garry Easop
> Priority: Major
>
> When using Atlas simple authorization and the default json policy file, attributes can cause a 403 errors. This is because Atlas ends up calling isMatch() and if the string to be matched has a newline character isMatch will return false, which leads to the 403. The error in the log looks like:
> {code:java}
> 2021-11-17 22:03:30,328 ERROR - [pool-2-thread-4 - c347ce48-4f16-45eb-9453-6d49dde3eb9e:] ~ graph rollback due to exception (GraphTransactionInterceptor:167)
> org.apache.atlas.exception.AtlasBaseException: admin is not authorized to perform read entity: guid=da8c1532-1aa7-4734-bab3-1567f8565ed3
> at org.apache.atlas.authorize.AtlasAuthorizationUtils.verifyAccess(AtlasAuthorizationUtils.java:62)
> at org.apache.atlas.repository.store.graph.v2.AtlasEntityStoreV2.getById(AtlasEntityStoreV2.java:128) {code}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)