Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
When using Atlas simple authorization and the default json policy file, attributes can cause a 403 errors. This is because Atlas ends up calling isMatch() and if the string to be matched has a newline character isMatch will return false, which leads to the 403. The error in the log looks like:
2021-11-17 22:03:30,328 ERROR - [pool-2-thread-4 - c347ce48-4f16-45eb-9453-6d49dde3eb9e:] ~ graph rollback due to exception (GraphTransactionInterceptor:167) org.apache.atlas.exception.AtlasBaseException: admin is not authorized to perform read entity: guid=da8c1532-1aa7-4734-bab3-1567f8565ed3 at org.apache.atlas.authorize.AtlasAuthorizationUtils.verifyAccess(AtlasAuthorizationUtils.java:62) at org.apache.atlas.repository.store.graph.v2.AtlasEntityStoreV2.getById(AtlasEntityStoreV2.java:128)