diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java index 03b5e39..517025d 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java @@ -2055,7 +2055,7 @@ public class AccessController extends BaseMasterAndRegionObserver private void requireScannerOwner(InternalScanner s) throws AccessDeniedException { String requestUserName = RpcServer.getRequestUserName(); String owner = scannerOwners.get(s); - if (authorizationEnabled && owner != null && !owner.equals(requestUserName)) { + if (authorizationEnabled && owner != null && requestUserName != null && !owner.equals(requestUserName)) { throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner owner!"); } } diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java index 6e659ef..1d4f2c1 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java @@ -641,7 +641,7 @@ public class VisibilityController extends BaseMasterAndRegionObserver implements // This is duplicated code! String requestUName = RpcServer.getRequestUserName(); String owner = scannerOwners.get(s); - if (authorizationEnabled && owner != null && !owner.equals(requestUName)) { + if (authorizationEnabled && owner != null && requestUName != null && !owner.equals(requestUName)) { throw new AccessDeniedException("User '" + requestUName + "' is not the scanner owner!"); } }