Unfortunately, I do not have much time for doing some digging. Sorry for that :-( You should look at JavaBasedUDFunction and UDFExecutorServic.
Le lun. 4 avr. 2022 à 17:25, Sébastien Rebecchi <srebec...@kameleoon.com> a écrit : > Hi! > Do you have any more ideas for me? > Cordially, > Sébastien. > > Le lun. 28 mars 2022 à 16:39, Sébastien Rebecchi <srebec...@kameleoon.com> > a écrit : > >> Unfortunately, it is not working even with >> "enable_user_defined_functions_threads: false" in cassandra.yaml :/ >> Is there any way to check the running configuration? >> >> Le lun. 28 mars 2022 à 15:35, Benjamin Lerer <ble...@apache.org> a >> écrit : >> >>> I do not think that allowing to customize UDF classes whitelist has been >>> discussed before. Feel free to open a JIRA ticket :-) >>> I have some plans to revisit how we securise UDFs as the current >>> threading approach has some impact in terms of latency. That can be a good >>> opportunity to look into providing more flexibility. >>> >>> Le lun. 28 mars 2022 à 15:00, Sébastien Rebecchi < >>> srebec...@kameleoon.com> a écrit : >>> >>>> Thanks you very much! I will try that. >>>> As you know, would it be a long-terms solution? Or is there any plan to >>>> add the possibility to customize UDF classes whitelist? >>>> >>>> Le lun. 28 mars 2022 à 14:31, Benjamin Lerer <ble...@apache.org> a >>>> écrit : >>>> >>>>> Is there a way to customize that default behaviour? >>>>> >>>>> >>>>> Looking at JavaBasedUDFunction quickly it seems that the ClassLoader >>>>> is only used when you use the UDFExecutorService to execute your >>>>> UDFs. You can try to disable it using >>>>> "enable_user_defined_functions_threads: false" and see if it works. >>>>> Now that also means that you have to ensure that only trusted persons >>>>> can create UDF or UDA as it removes all safety mechanisms. >>>>> >>>>> Le lun. 28 mars 2022 à 13:23, Sébastien Rebecchi < >>>>> srebec...@kameleoon.com> a écrit : >>>>> >>>>>> Hi Benjamin, >>>>>> >>>>>> Thanks for the answer. >>>>>> Is there a way to customize that default behaviour? If no, could you >>>>>> indicate where to find this class loader in the github of Cassandra >>>>>> please? >>>>>> >>>>>> Le lun. 28 mars 2022 à 12:40, Benjamin Lerer <ble...@apache.org> a >>>>>> écrit : >>>>>> >>>>>>> Hi Sébastien, >>>>>>> >>>>>>> Cassandra uses a special classloader for UDFs that limit which >>>>>>> classes can be used. >>>>>>> You cannot rely on non-JDK classes for UDFs and some of the JDK >>>>>>> packages like the IO package for example cannot be used. >>>>>>> The goal is simply to ensure that UDFs cannot compromise the server >>>>>>> security. >>>>>>> >>>>>>> Le lun. 28 mars 2022 à 11:31, Sébastien Rebecchi < >>>>>>> srebec...@kameleoon.com> a écrit : >>>>>>> >>>>>>>> Hello, >>>>>>>> >>>>>>>> I am trying to create a UDF based on custom methods. >>>>>>>> So I set enable_user_defined_functions to true and added a jar in >>>>>>>> "/usr/share/cassandra/lib/" folder on every node, restarted the nodes >>>>>>>> and I >>>>>>>> can see from the command line that the jar is indeed used (in the >>>>>>>> classpath >>>>>>>> with -cp). >>>>>>>> >>>>>>>> But when i create the UDF I got that error: >>>>>>>> >>>>>>>> CREATE OR REPLACE FUNCTION blobToJson (input blob) RETURNS NULL ON >>>>>>>> NULL INPUT RETURNS text LANGUAGE java AS 'return >>>>>>>> com.kameleoon.visit.Visit.writeToJson(com.kameleoon.visit.Visit.readFromByteBuffer(input));'; >>>>>>>> InvalidRequest: Error from server: code=2200 [Invalid query] >>>>>>>> message="Java source compilation failed: >>>>>>>> Line 1: com.kameleoon.visit.Visit cannot be resolved to a type >>>>>>>> Line 1: com.kameleoon.visit.Visit cannot be resolved to a type >>>>>>>> >>>>>>>> Of course the class com.kameleoon.visit.Visit does exist in the jar >>>>>>>> and the jar has read rights to every user (chmod 444). So I can not >>>>>>>> find >>>>>>>> the reason. >>>>>>>> >>>>>>>> versions are: [cqlsh 6.0.0 | Cassandra 4.0.1 | CQL spec 3.4.5 | >>>>>>>> Native protocol v5] >>>>>>>> >>>>>>>> Any help would be appreciated! >>>>>>>> >>>>>>>> Thanks! >>>>>>>> >>>>>>>> Sébastien. >>>>>>>> >>>>>>>
