[IMPALA-11298] Compare only the short username when checking session user against connection user - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Target Version:

Impala 4.5.0
Epic Color:
ghx-label-12

Description

When checking that the session user matches the user authenticated on the connection, the usernames compared include the client hostname and the realm

        if (!connection_username.empty()
            && session_->connected_user != connection_username) {
          return Status::Expected(TErrorCode::UNAUTHORIZED_SESSION_USER,
              connection_username, session_->connected_user);
        }

This can result in exceptions like so:

The user authorized on the connection 'hue/gateway0.xyz.site@XYZ.SITE' does not match the session username 'hue/gateway1.xyz.site@XYZ.SITE'

We should convert these to short name before comparing.

Attachments

Activity

People

Assignee:: Abhishek Rawat

Reporter:: Vincent Tran

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 17/May/22 18:42

Updated:: 16/Oct/24 04:39

Resolved:: 16/Oct/24 04:39