Uploaded image for project: 'Falcon'
  1. Falcon
  2. FALCON-845

superuser falcon is not able to delete/update entity

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 0.6
    • Fix Version/s: 0.6
    • Component/s: None
    • Labels:
      None

      Description

      Sample response is:

      2014-10-29 15:20:28,517 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request Url: http://ip-172-31-47-32.ec2.internal:15000/api/entities/delete/process/agregator-coord16-22ceac97?user.name=falcon (BaseRequest:163)
      2014-10-29 15:20:28,517 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request Method: DELETE (BaseRequest:164)
      2014-10-29 15:20:28,517 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request Header: Name=Content-Type Value=text/xml (BaseRequest:167)
      2014-10-29 15:20:28,518 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Request Header: Name=Cookie Value=hadoop.auth=u=falcon&p=falcon&t=simple&e=1414632028513&s=1nC83wrEf/iOQvualO/fPAH4qE4= (BaseRequest:167)
      2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response Status: HTTP/1.1 400 Bad Request (BaseRequest:193)
      2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response Header: Name=Content-Type Value=text/xml (BaseRequest:195)
      2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response Header: Name=requestId Value=114790f0-0b80-43c0-9899-042705741916 (BaseRequest:195)
      2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response Header: Name=Content-Length Value=263 (BaseRequest:195)
      2014-10-29 15:20:28,672 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ Response Header: Name=Server Value=Jetty(6.1.26.hwx) (BaseRequest:195)
      Warning:  org.apache.xerces.parsers.SAXParser: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.
      Warning:  org.apache.xerces.parsers.SAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit' is not recognized.
      2014-10-29 15:20:28,675 INFO  - [pool-45-thread-1:othersEditScheduledProcess] ~ The web service response is:
      <?xml version="1.0" encoding="UTF-8"?><result>
        <status>FAILED</status>
        <message>org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): User: falcon is not allowed to impersonate falcon</message>
      </result>
       (ServiceResponse:86)
      

      Relevant log from falcon.application.log:

      2014-10-29 15:20:28,526 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Logging in falcon (CurrentUser:69)
      2014-10-29 15:20:28,526 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Request from user: falcon, URL=/api/entities/delete/process/agregator-coord16-22ceac97?user.name=falcon (FalconAuthenticationFilter:181)
      2014-10-29 15:20:28,526 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Authorizing user=falcon against request=RequestParts{resource='entities', action='delete', entityName='agregator-coord16-22ceac97', entityType='process'} (FalconAuthorizationFilter:70)
      2014-10-29 15:20:28,527 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Authorizing authenticatedUser=falcon, against resource=entities, action=delete, entity name=agregator-coord16-22ceac97, entity type=process (DefaultAuthorizationProvider:125)
      2014-10-29 15:20:28,528 DEBUG - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Invoking method delete on service org.apache.falcon.resource.ConfigSyncService (IPCChannel:45)
      2014-10-29 15:20:28,669 ERROR - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Unable to reach workflow engine for deletion or deletion failed (AbstractEntityManager:228)
      org.apache.falcon.FalconException: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): User: falcon is not allowed to impersonate falcon
      	at org.apache.falcon.entity.EntityUtil.getAllStagingPaths(EntityUtil.java:600)
      	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.findBundles(OozieWorkflowEngine.java:269)
      	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.doBundleAction(OozieWorkflowEngine.java:367)
      	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.doBundleAction(OozieWorkflowEngine.java:361)
      	at org.apache.falcon.workflow.engine.OozieWorkflowEngine.delete(OozieWorkflowEngine.java:345)
      	at org.apache.falcon.resource.AbstractEntityManager.delete(AbstractEntityManager.java:215)
      	at org.apache.falcon.resource.ConfigSyncService.delete(ConfigSyncService.java:56)
      	at sun.reflect.GeneratedMethodAccessor42.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.apache.falcon.resource.channel.IPCChannel.invoke(IPCChannel.java:49)
      	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$2.doExecute(SchedulableEntityManagerProxy.java:182)
      	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$EntityProxy.execute(SchedulableEntityManagerProxy.java:447)
      	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$2.execute(SchedulableEntityManagerProxy.java:172)
      	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy.delete_aroundBody2(SchedulableEntityManagerProxy.java:184)
      	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy$AjcClosure3.run(SchedulableEntityManagerProxy.java:1)
      	at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
      	at org.apache.falcon.aspect.AbstractFalconAspect.logAroundMonitored(AbstractFalconAspect.java:51)
      	at org.apache.falcon.resource.proxy.SchedulableEntityManagerProxy.delete(SchedulableEntityManagerProxy.java:159)
      	at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
      	at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
      	at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
      	at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:288)
      	at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
      	at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
      	at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
      	at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1469)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1400)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1349)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1339)
      	at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
      	at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:537)
      	at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:699)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
      	at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
      	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1221)
      	at org.apache.falcon.security.FalconAuthorizationFilter.doFilter(FalconAuthorizationFilter.java:80)
      	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      	at org.apache.falcon.security.FalconAuthenticationFilter$2.doFilter(FalconAuthenticationFilter.java:184)
      	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:572)
      	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:542)
      	at org.apache.falcon.security.FalconAuthenticationFilter.doFilter(FalconAuthenticationFilter.java:193)
      	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      	at org.apache.falcon.security.FalconAuditFilter.doFilter(FalconAuditFilter.java:65)
      	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1212)
      	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:399)
      	at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
      	at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
      	at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
      	at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
      	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
      	at org.mortbay.jetty.Server.handle(Server.java:326)
      	at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
      	at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:928)
      	at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
      	at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
      	at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
      	at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
      	at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
      Caused by: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): User: falcon is not allowed to impersonate falcon
      	at org.apache.hadoop.ipc.Client.call(Client.java:1468)
      	at org.apache.hadoop.ipc.Client.call(Client.java:1399)
      	at org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(ProtobufRpcEngine.java:232)
      	at com.sun.proxy.$Proxy27.getListing(Unknown Source)
      	at org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolTranslatorPB.getListing(ClientNamenodeProtocolTranslatorPB.java:554)
      	at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:606)
      	at org.apache.hadoop.io.retry.RetryInvocationHandler.invokeMethod(RetryInvocationHandler.java:187)
      	at org.apache.hadoop.io.retry.RetryInvocationHandler.invoke(RetryInvocationHandler.java:102)
      	at com.sun.proxy.$Proxy28.getListing(Unknown Source)
      	at org.apache.hadoop.hdfs.DFSClient.listPaths(DFSClient.java:1947)
      	at org.apache.hadoop.hdfs.DFSClient.listPaths(DFSClient.java:1930)
      	at org.apache.hadoop.hdfs.DistributedFileSystem.listStatusInternal(DistributedFileSystem.java:693)
      	at org.apache.hadoop.hdfs.DistributedFileSystem.access$600(DistributedFileSystem.java:105)
      	at org.apache.hadoop.hdfs.DistributedFileSystem$15.doCall(DistributedFileSystem.java:755)
      	at org.apache.hadoop.hdfs.DistributedFileSystem$15.doCall(DistributedFileSystem.java:751)
      	at org.apache.hadoop.fs.FileSystemLinkResolver.resolve(FileSystemLinkResolver.java:81)
      	at org.apache.hadoop.hdfs.DistributedFileSystem.listStatus(DistributedFileSystem.java:751)
      	at org.apache.hadoop.fs.FileSystem.listStatus(FileSystem.java:1485)
      	at org.apache.hadoop.fs.FileSystem.listStatus(FileSystem.java:1525)
      	at org.apache.falcon.entity.EntityUtil.getAllStagingPaths(EntityUtil.java:589)
      	... 62 more
      2014-10-29 15:20:28,670 ERROR - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ Action failed: Bad Request
      Error: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): User: falcon is not allowed to impersonate falcon (FalconWebException:68)
      2014-10-29 15:20:28,670 INFO  - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916 falcon:DELETE//entities/delete/process/agregator-coord16-22ceac97] ~ {Action:delete, Dimensions:{entityType=process, colo=NULL, entityName=agregator-coord16-22ceac97}, Status: FAILED, Time-taken:142594851 ns} (METRIC:38)
      2014-10-29 15:20:28,671 DEBUG - [1191920211@qtp-53336067-294:114790f0-0b80-43c0-9899-042705741916] ~ Audit: falcon/172.31.47.32 performed request 
      

        Attachments

        1. core-site.xml
          10 kB
          Raghav Kumar Gautam
        2. entities.txt
          5 kB
          Raghav Kumar Gautam

          Issue Links

            Activity

              People

              • Assignee:
                bvellanki Balu Vellanki
                Reporter:
                raghavgautam Raghav Kumar Gautam
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: