Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-12811

[AccessController] NPE while scanning a table with user not having READ permission on the namespace

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.98.9
    • 1.0.0, 0.98.10, 1.1.0
    • security
    • None
    • Reviewed

    Description

      Steps to reproduce
      1) Grant a group permission(other than READ) on a namespace
      2) Scan a table in that namespace from a user belonging to that group
      we get the following exception.

      java.lang.NullPointerException
	at org.apache.hadoop.hbase.security.access.TablePermission.implies(TablePermission.java:215)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:340)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:332)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorizeGroup(TableAuthManager.java:473)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:490)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:500)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:415)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:484)
	at org.apache.hadoop.hbase.security.access.AccessController.internalPreRead(AccessController.java:1504)
	at org.apache.hadoop.hbase.security.access.AccessController.preScannerOpen(AccessController.java:2027)
	at org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerOpen(RegionCoprocessorHost.java:1987)
	at org.apache.hadoop.hbase.regionserver.HRegionServer.scan(HRegionServer.java:3102)

      Note: Line numbers may not match.

      Attachments

        1. HBASE-12811.patch
          1 kB
          Ashish Singhi

        Activity

          People

            ashish singhi Ashish Singhi
            ashish singhi Ashish Singhi
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: