Apache
/
hbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HBASE-26776 RpcServer failure to SASL handshake always logs user "unknown" to audit log (#4138) 

Signed-off-by: Andrew Purtell <apurtell@apache.org>
Signed-off-by: Peter Somogyi <psomogyi@apache.org>
This commit is contained in:
Nick Dimiduk 2022-03-01 14:33:02 +01:00 committed by GitHub
parent 1f2ddbe7cd
commit e85bf414ab
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
View File

@ -1,4 +1,4 @@
/**
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@ -21,15 +21,11 @@ import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.util.Map;
import java.util.Optional;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.hadoop.hbase.security.provider.AttemptingUserProvidingSaslServer;
import org.apache.hadoop.hbase.security.provider.SaslServerAuthenticationProvider;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.SecretManager.InvalidToken;
import org.apache.hadoop.security.token.TokenIdentifier;
@ -66,11 +62,9 @@ public class HBaseSaslRpcServer {
}
public String getAttemptingUser() {
Optional<UserGroupInformation> optionalUser = serverWithProvider.getAttemptingUser();
if (optionalUser.isPresent()) {
optionalUser.get().toString();
}
return "Unknown";
return serverWithProvider.getAttemptingUser()
.map(Object::toString)
.orElse("Unknown");
}
public byte[] wrap(byte[] buf, int off, int len) throws SaslException {