Posted to issues@spark.apache.org by "Yang Jie (Jira)" <ji...@apache.org> on 2023/10/10 09:27:00 UTC
[jira] [Updated] (SPARK-45482) Clean up the usage of `AccessControlContext` and `AccessController`
[ https://issues.apache.org/jira/browse/SPARK-45482?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yang Jie updated SPARK-45482:
-----------------------------
Description:
{code:java}
 * @deprecated This class is only useful in conjunction with
 *       {@linkplain SecurityManager the Security Manager}, which is deprecated
 *       and subject to removal in a future release. Consequently, this class
 *       is also deprecated and subject to removal. There is no replacement for
 *       the Security Manager or this class.
 */
@Deprecated(since="17", forRemoval=true)
public final class AccessController {

 * @deprecated This class is only useful in conjunction with
 *       {@linkplain SecurityManager the Security Manager}, which is deprecated
 *       and subject to removal in a future release. Consequently, this class
 *       is also deprecated and subject to removal. There is no replacement for
 *       the Security Manager or this class.
 */
@Deprecated(since="17", forRemoval=true)
public final class AccessControlContext {
{code}
`AccessControlContext` and `AccessController` are marked as deprecated in Java 17, with `forRemoval` set to true. From the Javadoc, it can be seen that they do not have corresponding replacements.
In Spark, there are three files that use AccessControlContext or AccessController:
# [https://github.com/apache/spark/blob/39cc4abaff73cb49f9d79d1d844fe5c9fa14c917/core/src/main/scala/org/apache/spark/serializer/SerializationDebugger.scala#L70-L73]
{code:java}
private[serializer] var enableDebugging: Boolean = {
  !AccessController.doPrivileged(new sun.security.action.GetBooleanAction(
    "sun.io.serialization.extendedDebugInfo")).booleanValue()
}
{code}
# [https://github.com/apache/spark/blob/39cc4abaff73cb49f9d79d1d844fe5c9fa14c917/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/TSubjectAssumingTransport.java#L42-L45]
{code:java}
public void open() throws TTransportException {
  try {
    AccessControlContext context = AccessController.getContext();
    Subject subject = Subject.getSubject(context);
    Subject.doAs(subject, (PrivilegedExceptionAction<Void>) () -> {
      try {
        wrapped.open();
      } catch (TTransportException tte) {
        // Wrap the transport exception in an RTE, since Subject.doAs() then goes
        // and unwraps this for us out of the doAs block. We then unwrap one
        // more time in our catch clause to get back the TTE. (ugh)
        throw new RuntimeException(tte);
      }
      return null;
    });
  } catch (PrivilegedActionException ioe) {
    throw new RuntimeException("Received an ioe we never threw!", ioe);
  } catch (RuntimeException rte) {
    if (rte.getCause() instanceof TTransportException) {
      throw (TTransportException) rte.getCause();
    } else {
      throw rte;
    }
  }
}
{code}
# [https://github.com/apache/spark/blob/39cc4abaff73cb49f9d79d1d844fe5c9fa14c917/sql/hive-thriftserver/src/main/java/org/apache/hive/service/auth/HttpAuthUtils.java#L73]
{code:java}
public static String getKerberosServiceTicket(String principal, String host,
    String serverHttpUrl, boolean assumeSubject) throws Exception {
  String serverPrincipal =
      ShimLoader.getHadoopThriftAuthBridge().getServerPrincipal(principal, host);
  if (assumeSubject) {
    // With this option, we're assuming that the external application,
    // using the JDBC driver has done a JAAS kerberos login already
    AccessControlContext context = AccessController.getContext();
    Subject subject = Subject.getSubject(context);
    if (subject == null) {
      throw new Exception("The Subject is not set");
    }
    return Subject.doAs(subject, new HttpKerberosClientAction(serverPrincipal, serverHttpUrl));
  } else {
    // JAAS login from ticket cache to setup the client UserGroupInformation
    UserGroupInformation clientUGI =
        ShimLoader.getHadoopThriftAuthBridge().getCurrentUGIWithConf("kerberos");
    return clientUGI.doAs(new HttpKerberosClientAction(serverPrincipal, serverHttpUrl));
  }
}
{code}
> Clean up the usage of `AccessControlContext` and `AccessController`
> -------------------------------------------------------------------
>
> Key: SPARK-45482
> URL: https://issues.apache.org/jira/browse/SPARK-45482
> Project: Spark
> Issue Type: Sub-task
> Components: Spark Core, SQL
> Affects Versions: 4.0.0
> Reporter: Yang Jie
> Priority: Minor
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
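
Added example, not part of the original message and not Spark's own code: one way the three call sites quoted in the description could stop referencing `AccessControlContext`, shown for a build that must still run on Java 17. `SubjectCompat` and `booleanProperty` are hypothetical names; the sketch relies on `Subject.current()`, which the JDK added in Java 18, and confines the deprecated lookup to a single Java 17 fallback.

```java
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;

/** Hypothetical helper, not Spark code. */
@SuppressWarnings("removal")
public final class SubjectCompat {
  // Subject.current() exists from Java 18; null means the runtime is Java 17.
  private static final MethodHandle CURRENT = lookupCurrent();

  private static MethodHandle lookupCurrent() {
    try {
      return MethodHandles.publicLookup()
          .findStatic(Subject.class, "current", MethodType.methodType(Subject.class));
    } catch (ReflectiveOperationException e) {
      return null;
    }
  }

  /** Stands in for Subject.getSubject(AccessController.getContext()). */
  public static Subject current() {
    if (CURRENT == null) {
      // Java 17 only: the deprecated lookup, confined to this one method.
      return Subject.getSubject(java.security.AccessController.getContext());
    }
    try {
      return (Subject) CURRENT.invoke();
    } catch (Throwable t) {
      throw new IllegalStateException("Subject.current() failed", t);
    }
  }

  /** Stands in for doPrivileged(new GetBooleanAction(name)): a plain property read. */
  public static boolean booleanProperty(String name) {
    return Boolean.getBoolean(name);
  }

  public static void main(String[] args) {
    Subject login = new Subject(); // constructed, empty Subject standing in for a JAAS login
    System.out.println("outside doAs: " + current());
    Subject seen = Subject.doAs(login, (PrivilegedAction<Subject>) SubjectCompat::current);
    System.out.println("inside doAs sees the login Subject: " + (seen == login));
    System.out.println("extendedDebugInfo: "
        + booleanProperty("sun.io.serialization.extendedDebugInfo"));
  }
}
```

The null check in `getKerberosServiceTicket` still applies after such a change: outside a `doAs`/`callAs` scope the lookup returns null, so "The Subject is not set" remains the failure path when the caller has not performed a JAAS login.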