This is an automated email from the ASF dual-hosted git repository.
jt2594838 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/master by this push:
new f4d7ec4a8ae Fix alter pipe password check after restart for write-back
sink. (#17771)
f4d7ec4a8ae is described below
commit f4d7ec4a8ae2402da9e407945b0357971e8f624a
Author: Zhenyu Luo <[email protected]>
AuthorDate: Tue Jun 2 17:36:28 2026 +0800
Fix alter pipe password check after restart for write-back sink. (#17771)
* Fix alter pipe password check after restart for write-back sink.
Skip login lock for internal sessions used by pipe password validation,
and avoid ArrayIndexOutOfBounds when parsing user@ip keys during lock
cleanup.
Co-authored-by: Cursor <[email protected]>
* spotless
---------
Co-authored-by: Cursor <[email protected]>
---
.../src/main/java/org/apache/iotdb/db/auth/LoginLockManager.java | 7 +++++--
.../java/org/apache/iotdb/db/protocol/session/SessionManager.java | 6 +++++-
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/LoginLockManager.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/LoginLockManager.java
index aa49484e8b9..6015d1d538f 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/LoginLockManager.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/LoginLockManager.java
@@ -314,8 +314,11 @@ public class LoginLockManager {
// Remove outdated failures
info.removeOldFailures(cutoffTime);
if (info.getFailureCount() == 0) {
- String[] parts = entry.getKey().split("@");
- LOGGER.info(DataNodeMiscMessages.IP_UNLOCKED_EXPIRED,
parts[1], parts[0]);
+ final String[] parts = entry.getKey().split("@", 2);
+ LOGGER.info(
+ DataNodeMiscMessages.IP_UNLOCKED_EXPIRED,
+ parts.length == 2 ? parts[1] : "",
+ parts.length >= 1 ? parts[0] : "");
return true;
}
return false;
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/protocol/session/SessionManager.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/protocol/session/SessionManager.java
index c84ed06bb4b..b3fa3c049f3 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/protocol/session/SessionManager.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/protocol/session/SessionManager.java
@@ -48,6 +48,7 @@ import org.apache.iotdb.rpc.RpcUtils;
import org.apache.iotdb.rpc.TSStatusCode;
import org.apache.iotdb.service.rpc.thrift.TSConnectionInfo;
import org.apache.iotdb.service.rpc.thrift.TSConnectionInfoResp;
+import org.apache.iotdb.service.rpc.thrift.TSConnectionType;
import org.apache.iotdb.service.rpc.thrift.TSProtocolVersion;
import org.apache.tsfile.external.commons.lang3.StringUtils;
@@ -138,7 +139,10 @@ public class SessionManager implements SessionManagerMBean
{
final long userId = AuthorityChecker.getUserId(username).orElse(-1L);
- boolean enableLoginLock = userId != -1;
+ // Pipe/CQ/Select-Into use InternalClientSession for password validation
and should not
+ // participate in user@ip login lock (empty client address shares one lock
bucket).
+ final boolean enableLoginLock =
+ userId != -1 && session.getConnectionType() !=
TSConnectionType.INTERNAL;
LoginLockManager loginLockManager = LoginLockManager.getInstance();
if (enableLoginLock && loginLockManager.checkLock(userId,
session.getClientAddress())) {
// Generic authentication error
