You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2022/09/11 23:42:05 UTC

[GitHub] [ozone] neils-dev opened a new pull request, #3749: HDDS-7193. S3gateway Grpc Ranger Authorizer NPE Unhandled Exception

neils-dev opened a new pull request, #3749:
URL: https://github.com/apache/ozone/pull/3749

   ## What changes were proposed in this pull request?
   
   The S3gateway configured with the Grpc transport and with Ranger authorizer _fails_ s3 `list-objects` requests due to an _unhandled_ NPE thrown by the `Ranger authorizer plugin`.  The null-pointer exception is thrown by the ranger plugin `RangerOzoneAuthorizer.java` when it accesses the ip address of the client for the ranger request.   This patch validates the ip-address passed to ranger prior to submitting the request to ranger.  Should the ip-address be null, then it is _set_ to, the default, the `om rpc ip-address`.  This default is consistent with default used in the OM should the client ip be null in `checkAcls `methods.
   
   ## What is the link to the Apache JIRA
   
   https://issues.apache.org/jira/browse/HDDS-7193
   ## How was this patch tested?
   Manually tested with s3 gateway configured with Grpc transport and ranger authorizer.
   ```
     <property>
       <name>ozone.om.s3.grpc.server_enabled</name>
       <value>true</value>
     </property>
     <property>
       <name>ozone.om.transport.class</name>
       <value>org.apache.hadoop.ozone.om.protocolPB.GrpcOmTransportFactory</value>
     </property>
   
   ``` 
   Configured s3gateway with Grpc tested processing list-objects s3 requests:
   ```
   $ aws s3api --profile ozone --endpoint http://localhost:9878 list-objects --bucket=bucket1
   {
       "Contents": [
           {
               "Key": "key1",
               "LastModified": "2022-09-11T23:02:56.236000+00:00",
               "ETag": "2022-09-11T23:02:56.236Z",
               "Size": 3811,
               "StorageClass": "STANDARD"
           }
       ]
   }
   
   ```
   CI workflow.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org

[GitHub] [ozone] smengcl merged pull request #3749: HDDS-7193. S3gateway Grpc Ranger Authorizer NPE Unhandled Exception

Posted by GitBox <gi...@apache.org>.

smengcl merged PR #3749:
URL: https://github.com/apache/ozone/pull/3749


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org