[ https://issues.apache.org/jira/browse/HBASE-25543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17280256#comment-17280256 ]
Hudson commented on HBASE-25543: -------------------------------- Results for branch branch-2 [build #171 on builds.a.o|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2/171/]: (x) *{color:red}-1 overall{color}* ---- details (if available): (x) {color:red}-1 general checks{color} -- For more information [see general report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2/171/General_20Nightly_20Build_20Report/] (/) {color:green}+1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2/171/JDK8_20Nightly_20Build_20Report_20_28Hadoop2_29/] (/) {color:green}+1 jdk8 hadoop3 checks{color} -- For more information [see jdk8 (hadoop3) report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2/171/JDK8_20Nightly_20Build_20Report_20_28Hadoop3_29/] (/) {color:green}+1 jdk11 hadoop3 checks{color} -- For more information [see jdk11 report|https://ci-hadoop.apache.org/job/HBase/job/HBase%20Nightly/job/branch-2/171/JDK11_20Nightly_20Build_20Report_20_28Hadoop3_29/] (/) {color:green}+1 source release artifact{color} -- See build output for details. (/) {color:green}+1 client integration test{color} > When configuration "hadoop.security.authorization" is set to false, the > system will still try to authorize an RPC and raise AccessDeniedException > -------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: HBASE-25543 > URL: https://issues.apache.org/jira/browse/HBASE-25543 > Project: HBase > Issue Type: Bug > Components: IPC/RPC > Reporter: Yutong Xiao > Assignee: Yutong Xiao > Priority: Minor > Fix For: 3.0.0-alpha-1, 2.2.7, 2.5.0, 2.3.5, 2.4.2 > > > In method processOneRpc(Bytebuffer buf) in RpcServer.java (branch-1), > ServerRpcConnection.java (branch-2, master), if connectionHeadRead is set to > false, the method authorizeConnection() will be invoked whatever the boolean > authorize is true or false. > {code:java} > if (!authorizeConnection()) { > // Throw FatalConnectionException wrapping ACE so client does right thing > and closes > // down the connection instead of trying to read non-existent retun. > throw new AccessDeniedException("Connection from " + this + " for service " > + > connectionHeader.getServiceName() + " is unauthorized for user: " + ugi); > } > {code} > In method authorizeConnection() > {code:java} > if (ugi != null && ugi.getRealUser() != null > && (authMethod != AuthMethod.DIGEST)) { > ProxyUsers.authorize(ugi, this.getHostAddress(), conf); > }{code} > ProxyUsers.authorize() will raise AuthorizationException. -- This message was sent by Atlassian Jira (v8.3.4#803005)