[
https://issues.apache.org/jira/browse/RANGER-4038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17921508#comment-17921508
]
Bhavik Patel commented on RANGER-4038:
--------------------------------------
Ranger Tagsync is working as expected but few dependencies were missed in the
packaging.
Ranger KMS service test connection is not working and getting the below error
{code:java}
2025-01-27 18:30:07,412 INFO [Thread[Thread-17,5,main]]
o.a.h.s.t.d.AbstractDelegationTokenSecretManager
(AbstractDelegationTokenSecretManager.java:415) - Updating the current master
key for generating delegation tokens
2025-01-27 18:30:17,521 ERROR [http-nio-9292-exec-1]
o.a.c.c.C.[.[.[.[webservices-driver] (DirectJDKLog.java:175) -
Servlet.service() for servlet [webservices-driver] in context with path [/kms]
threw exception [org.glassfish.jersey.server.ContainerException:
java.lang.LinkageError: loader constraint violation: loader 'app' wants to load
class com.fasterxml.jackson.databind.ObjectMapper. A different class with the
same name was previously loaded by
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f.
(com.fasterxml.jackson.databind.ObjectMapper is in unnamed module of loader
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f, parent loader
'app')] with root cause
java.lang.LinkageError: loader constraint violation: loader 'app' wants to load
class com.fasterxml.jackson.databind.ObjectMapper. A different class with the
same name was previously loaded by
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f.
(com.fasterxml.jackson.databind.ObjectMapper is in unnamed module of loader
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f, parent loader
'app')
at java.base/java.lang.ClassLoader.defineClass1(Native Method)
at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
at
java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:150)
at
java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:862)
at
java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:760)
at
java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:681)
at
java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:639)
at
java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:525)
at
org.apache.ranger.plugin.util.JsonUtilsV2$1.initialValue(JsonUtilsV2.java:38)
at
org.apache.ranger.plugin.util.JsonUtilsV2$1.initialValue(JsonUtilsV2.java:35)
at java.base/java.lang.ThreadLocal.setInitialValue(ThreadLocal.java:195)
at java.base/java.lang.ThreadLocal.get(ThreadLocal.java:172)
at
org.apache.ranger.plugin.util.JsonUtilsV2.getMapper(JsonUtilsV2.java:43)
at
org.apache.hadoop.crypto.key.kms.server.KMSJSONWriter.writeTo(KMSJSONWriter.java:66)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.invokeWriteTo(WriterInterceptorExecutor.java:242)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.aroundWriteTo(WriterInterceptorExecutor.java:227)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:139)
at
org.glassfish.jersey.server.internal.JsonWithPaddingInterceptor.aroundWriteTo(JsonWithPaddingInterceptor.java:85)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:139)
at
org.glassfish.jersey.server.internal.MappableExceptionWrapperInterceptor.aroundWriteTo(MappableExceptionWrapperInterceptor.java:61)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:139)
at
org.glassfish.jersey.message.internal.MessageBodyFactory.writeTo(MessageBodyFactory.java:1116)
at
org.glassfish.jersey.server.ServerRuntime$Responder.writeResponse(ServerRuntime.java:649)
at
org.glassfish.jersey.server.ServerRuntime$Responder.processResponse(ServerRuntime.java:380)
at
org.glassfish.jersey.server.ServerRuntime$Responder.process(ServerRuntime.java:370)
at
org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:259)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
at
org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
at
org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:235)
at
org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:684)
at
org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:397)
at
org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:349)
at
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:379)
at
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:312)
at
org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:195)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at
org.apache.hadoop.crypto.key.kms.server.KMSMDCFilter.doFilter(KMSMDCFilter.java:92)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:650)
at
org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter.doFilter(DelegationTokenAuthenticationFilter.java:305)
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:592)
at
org.apache.hadoop.crypto.key.kms.server.KMSAuthenticationFilter.doFilter(KMSAuthenticationFilter.java:136)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:663)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:384)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Thread.java:840)
2025-01-27 18:30:17,536 ERROR [http-nio-9292-exec-1]
o.a.c.c.C.[.[.[.[webservices-driver] (DirectJDKLog.java:175) -
Servlet.service() for servlet [webservices-driver] in context with path [/kms]
threw exception [org.glassfish.jersey.server.ContainerException:
java.lang.LinkageError: loader constraint violation: loader 'app' wants to load
class com.fasterxml.jackson.databind.ObjectMapper. A different class with the
same name was previously loaded by
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f.
(com.fasterxml.jackson.databind.ObjectMapper is in unnamed module of loader
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f, parent loader
'app')] with root cause
java.lang.LinkageError: loader constraint violation: loader 'app' wants to load
class com.fasterxml.jackson.databind.ObjectMapper. A different class with the
same name was previously loaded by
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f.
(com.fasterxml.jackson.databind.ObjectMapper is in unnamed module of loader
org.apache.catalina.loader.ParallelWebappClassLoader @55e8ec2f, parent loader
'app')
at
org.apache.ranger.plugin.util.JsonUtilsV2$1.initialValue(JsonUtilsV2.java:38)
at
org.apache.ranger.plugin.util.JsonUtilsV2$1.initialValue(JsonUtilsV2.java:35)
at java.base/java.lang.ThreadLocal.setInitialValue(ThreadLocal.java:195)
at java.base/java.lang.ThreadLocal.get(ThreadLocal.java:172)
at
org.apache.ranger.plugin.util.JsonUtilsV2.getMapper(JsonUtilsV2.java:43)
at
org.apache.hadoop.crypto.key.kms.server.KMSJSONWriter.writeTo(KMSJSONWriter.java:66)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.invokeWriteTo(WriterInterceptorExecutor.java:242)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.aroundWriteTo(WriterInterceptorExecutor.java:227)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:139)
at
org.glassfish.jersey.server.internal.JsonWithPaddingInterceptor.aroundWriteTo(JsonWithPaddingInterceptor.java:85)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:139)
at
org.glassfish.jersey.server.internal.MappableExceptionWrapperInterceptor.aroundWriteTo(MappableExceptionWrapperInterceptor.java:61)
at
org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:139)
{code}
> Upgrade spring framework and spring security versions
> -----------------------------------------------------
>
> Key: RANGER-4038
> URL: https://issues.apache.org/jira/browse/RANGER-4038
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Himanshu Maurya
> Priority: Major
>
> Pivotal Spring Framework up to (excluding) 6.0.0 suffers from a potential
> remote code execution (RCE) issue if used for Java deserialization of
> untrusted data. Depending on how the library is implemented within a product,
> this issue may or not occur, and authentication may be required.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
