[
https://issues.apache.org/jira/browse/HIVE-25479?focusedWorklogId=662866&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-662866
]
ASF GitHub Bot logged work on HIVE-25479:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 08/Oct/21 17:44
Start Date: 08/Oct/21 17:44
Worklog Time Spent: 10m
Work Description: vihangk1 commented on a change in pull request #2601:
URL: https://github.com/apache/hive/pull/2601#discussion_r725196715
##########
File path: jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
##########
@@ -1067,33 +1069,58 @@ private void openSession() throws SQLException {
//TODO This is a bit hacky. We piggy back on a dummy OpenSession call
// to get the redirect response from the server. Instead its probably
cleaner to
// explicitly do a HTTP post request and get the response.
- int numRetry = isBrowserAuthMode() ? 2 : 1;
- for (int i=0; i<numRetry; i++) {
- try {
- openSession(openReq);
- } catch (TException e) {
- if (isSamlRedirect(e)) {
- boolean success = doBrowserSSO();
- if (!success) {
- String msg = browserClient.getServerResponse() == null
- || browserClient.getServerResponse().getMsg() == null ? ""
- : browserClient.getServerResponse().getMsg();
+ try {
+ int numRetry = 1;
+ if (isBrowserAuthMode()) {
+ numRetry = 2;
Review comment:
Not really. If the SAML flow fails, we would throw the exception at line
1088 or 1093 below. The second attempt at openSession only happens when the
auth flow has completed and the token is received by the driver.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 662866)
Time Spent: 50m (was: 40m)
> Browser SSO auth may fail intermittently on chrome browser in virtual
> environments
> ----------------------------------------------------------------------------------
>
> Key: HIVE-25479
> URL: https://issues.apache.org/jira/browse/HIVE-25479
> Project: Hive
> Issue Type: Bug
> Components: JDBC
> Reporter: Vihang Karajgaonkar
> Assignee: Vihang Karajgaonkar
> Priority: Major
> Labels: pull-request-available
> Time Spent: 50m
> Remaining Estimate: 0h
>
> When browser based SSO is enabled the Hive JDBC driver might miss the POST
> requests coming from the browser which provide the one-time token issued by
> HS2s after the SAML flow completes. The issue was observed mostly in virtual
> environments on Windows.
> The issue seems to be that when the driver binds to a port even though the
> port is in LISTEN state, if the browser issues posts request on the port
> before it goes into ACCEPT state the result is non-deterministic. On native
> OSes we observed that the connection is buffered and is received by the
> driver when it begins accepting the connections. In case of VMs it is
> observed that even though the connection is buffered and presented when the
> port goes into ACCEPT mode, the payload of the request or the connection
> itself is lost. This race condition causes the driver to wait for the browser
> until it timesout and the browser keeps waiting for a response from the
> driver.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
