Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Not A Problem
-
None
-
None
-
None
-
None
Description
This is a recent topic of discussion that keeps coming up (PHOENIX-3189, PHOENIX-3216, and PHOENIX-3126).
The root of the problem are two competing goals:
1. Try to re-use HBase Connections as much as possible
2. Change the "global" Kerberos user state (in UserGroupInformation)
One common manifestation of this problem is when multiple JDBC URLs are used within a single JVM. Instances of PhoenixConnections are not tied to the user that was logged in at construction of the instance, but the global state (shared across the entire JVM). Thus, a second PhoenixConnection constructed with a different user causes the first PhoenixConnection to use the new user's credentials (without any warning).
https://github.com/joshelser/phoenix-test/blob/master/src/main/java/com/github/joshelser/ConcurrentUse.java is a concrete example of how this breaks down. The second use of the connection by "USER A" is actually done as the other user.
Attachments
Attachments
Issue Links
- relates to
-
PHOENIX-3189 HBase/ZooKeeper connection leaks when providing principal/keytab in JDBC url
- Closed