[
https://issues.apache.org/jira/browse/KUDU-2540?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16580402#comment-16580402
]
Dan Burkert commented on KUDU-2540:
-----------------------------------
[https://gerrit.cloudera.org/c/11216/]
> Authorization failures on exactly-once RPCs cause FATAL
> -------------------------------------------------------
>
> Key: KUDU-2540
> URL: https://issues.apache.org/jira/browse/KUDU-2540
> Project: Kudu
> Issue Type: Bug
> Components: rpc, security
> Affects Versions: 1.3.1, 1.4.0, 1.5.0, 1.6.0, 1.7.1
> Reporter: Todd Lipcon
> Assignee: Dan Burkert
> Priority: Major
>
> If authorization fails on an RPC with result-tracking enabled (eg
> TabletService.Write) then the ResultTracker will FATAL. The issue is that the
> authz method is called prior to registering the request on the ResultTracker,
> and the authz method then tries to call RespondFailure(). This triggers code
> in the ResultTracker which tries to look up the RPC and fails because it
> wasn't registered. The error is something like "couldn't find ClientState for
> request"
> One fix would be for the authz method to be called after registering the
> request tracker, but [~danburkert] had some concerns about that back in the
> review https://gerrit.cloudera.org/c/4897/ . Another fix might be to remember
> in the RpcContext whether the RPC has been registered yet, and if not,
> short-circuit the call back into ResultTracker.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
