You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by re...@apache.org on 2020/04/18 05:52:48 UTC
[hbase] branch branch-2.2 updated: HBASE-24174 Fix findbugs warning
on ServiceAuthorizationManager
This is an automated email from the ASF dual-hosted git repository.
reidchan pushed a commit to branch branch-2.2
in repository https://gitbox.apache.org/repos/asf/hbase.git
The following commit(s) were added to refs/heads/branch-2.2 by this push:
new dc80137 HBASE-24174 Fix findbugs warning on ServiceAuthorizationManager
dc80137 is described below
commit dc8013706595a2e4dcb7abc647f4a18792d35bd4
Author: Reid Chan <re...@apache.org>
AuthorDate: Sat Apr 18 13:36:19 2020 +0800
HBASE-24174 Fix findbugs warning on ServiceAuthorizationManager
Signed-off-by: binlijin <bi...@gmail.com>
Signed-off-by: Viraj Jasani <vj...@apache.org>
Signed-off-by: stack <st...@apache.org>
Conflicts:
hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServerInterface.java
---
.../org/apache/hadoop/hbase/ipc/RpcServer.java | 27 ++++++++--------------
.../hadoop/hbase/ipc/RpcServerInterface.java | 3 ++-
.../security/token/TestTokenAuthentication.java | 2 +-
3 files changed, 13 insertions(+), 19 deletions(-)
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServer.java
index 74a96f9..7641fff 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServer.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServer.java
@@ -117,8 +117,6 @@ public abstract class RpcServer implements RpcServerInterface,
protected SecretManager<TokenIdentifier> secretManager;
protected final Map<String, String> saslProps;
- @edu.umd.cs.findbugs.annotations.SuppressWarnings(value="IS2_INCONSISTENT_SYNC",
- justification="Start is synchronized so authManager creation is single-threaded")
protected ServiceAuthorizationManager authManager;
/** This is set to Call object before Handler invokes an RPC and ybdie
@@ -338,14 +336,9 @@ public abstract class RpcServer implements RpcServerInterface,
if (scheduler instanceof ConfigurationObserver) {
((ConfigurationObserver) scheduler).onConfigurationChange(newConf);
}
- // Make sure authManager will read hbase-policy file
- System.setProperty("hadoop.policy.file", "hbase-policy.xml");
- synchronized (authManager) {
- authManager.refresh(newConf, new HBasePolicyProvider());
+ if (authorize) {
+ refreshAuthManager(newConf, new HBasePolicyProvider());
}
- LOG.info("Refreshed hbase-policy.xml successfully");
- ProxyUsers.refreshSuperUserGroupsConfiguration(newConf);
- LOG.info("Refreshed super and proxy users successfully");
}
protected void initReconfigurable(Configuration confToLoad) {
@@ -372,12 +365,14 @@ public abstract class RpcServer implements RpcServerInterface,
}
@Override
- public void refreshAuthManager(PolicyProvider pp) {
+ public synchronized void refreshAuthManager(Configuration conf, PolicyProvider pp) {
// Ignore warnings that this should be accessed in a static way instead of via an instance;
// it'll break if you go via static route.
- synchronized (authManager) {
- authManager.refresh(this.conf, pp);
- }
+ System.setProperty("hadoop.policy.file", "hbase-policy.xml");
+ this.authManager.refresh(conf, pp);
+ LOG.info("Refreshed hbase-policy.xml successfully");
+ ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
+ LOG.info("Refreshed super and proxy users successfully");
}
protected AuthenticationTokenSecretManager createSecretManager() {
@@ -604,13 +599,11 @@ public abstract class RpcServer implements RpcServerInterface,
* @param addr InetAddress of incoming connection
* @throws AuthorizationException when the client isn't authorized to talk the protocol
*/
- public void authorize(UserGroupInformation user, ConnectionHeader connection,
+ public synchronized void authorize(UserGroupInformation user, ConnectionHeader connection,
InetAddress addr) throws AuthorizationException {
if (authorize) {
Class<?> c = getServiceInterface(services, connection.getServiceName());
- synchronized (authManager) {
- authManager.authorize(user, c, getConf(), addr);
- }
+ authManager.authorize(user, c, getConf(), addr);
}
}
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServerInterface.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServerInterface.java
index cf67e98..9a1fae7 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServerInterface.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServerInterface.java
@@ -23,6 +23,7 @@ import java.io.IOException;
import java.net.InetSocketAddress;
import org.apache.yetus.audience.InterfaceAudience;
+import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.CellScanner;
import org.apache.hadoop.hbase.monitoring.MonitoredRPCHandler;
import org.apache.hadoop.hbase.regionserver.RSRpcServices;
@@ -84,7 +85,7 @@ public interface RpcServerInterface {
* @param pp
*/
@VisibleForTesting
- void refreshAuthManager(PolicyProvider pp);
+ void refreshAuthManager(Configuration conf, PolicyProvider pp);
RpcScheduler getScheduler();
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/token/TestTokenAuthentication.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/token/TestTokenAuthentication.java
index e4780f1..8aa274f 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/token/TestTokenAuthentication.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/token/TestTokenAuthentication.java
@@ -401,7 +401,7 @@ public class TestTokenAuthentication {
while (!server.isStarted() && !server.isStopped()) {
Thread.sleep(10);
}
- server.rpcServer.refreshAuthManager(new PolicyProvider() {
+ server.rpcServer.refreshAuthManager(conf, new PolicyProvider() {
@Override
public Service[] getServices() {
return new Service [] {