Apache
/
hbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HBASE-13482. Phoenix is failing to scan tables on secure environments. (Alicia Shu)

This commit is contained in:
Devaraj Das 2015-04-19 22:17:38 -07:00
parent 10254b74ae
commit 4001492e7f
3 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
hbase-server/src/main/java/org/apache/hadoop/hbase/ipc/RpcServer.java
View File

@ -2388,6 +2388,10 @@ public class RpcServer implements RpcServerInterface {
return CurCall.get(); return CurCall.get();
} }
public static boolean isInRpcCallContext() {
return CurCall.get() != null;
}
/** /**
* Returns the user credentials associated with the current RPC request or * Returns the user credentials associated with the current RPC request or
* <code>null</code> if no credentials were provided. * <code>null</code> if no credentials were provided.

2
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
View File

@ -2042,6 +2042,8 @@ public class AccessController extends BaseMasterAndRegionObserver
* the checks performed in preScannerOpen() * the checks performed in preScannerOpen()
*/ */
private void requireScannerOwner(InternalScanner s) throws AccessDeniedException { private void requireScannerOwner(InternalScanner s) throws AccessDeniedException {
if (!RpcServer.isInRpcCallContext())
return;
String requestUserName = RpcServer.getRequestUserName(); String requestUserName = RpcServer.getRequestUserName();
String owner = scannerOwners.get(s); String owner = scannerOwners.get(s);
if (authorizationEnabled && owner != null && !owner.equals(requestUserName)) { if (authorizationEnabled && owner != null && !owner.equals(requestUserName)) {

3
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
View File

@ -639,7 +639,8 @@ public class VisibilityController extends BaseMasterAndRegionObserver implements
* access control is correctly enforced based on the checks performed in preScannerOpen() * access control is correctly enforced based on the checks performed in preScannerOpen()
*/ */
private void requireScannerOwner(InternalScanner s) throws AccessDeniedException { private void requireScannerOwner(InternalScanner s) throws AccessDeniedException {
// This is duplicated code! if (!RpcServer.isInRpcCallContext())
return;
String requestUName = RpcServer.getRequestUserName(); String requestUName = RpcServer.getRequestUserName();
String owner = scannerOwners.get(s); String owner = scannerOwners.get(s);
if (authorizationEnabled && owner != null && !owner.equals(requestUName)) { if (authorizationEnabled && owner != null && !owner.equals(requestUName)) {