Skip to content

Commit ff7f189

Browse files
ndimidukndimiduk
committed
HBASE-26776 RpcServer failure to SASL handshake always logs user "unknown" to audit log (#4138)
Signed-off-by: Andrew Purtell <[email protected]> Signed-off-by: Peter Somogyi <[email protected]>
1 parent 6aa32f0 commit ff7f189

File tree

1 file changed

+4
-10
lines changed

1 file changed

+4
-10
lines changed

hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
/**
1+
/*
22
* Licensed to the Apache Software Foundation (ASF) under one
33
* or more contributor license agreements. See the NOTICE file
44
* distributed with this work for additional information
@@ -21,15 +21,11 @@
2121
import java.io.DataInputStream;
2222
import java.io.IOException;
2323
import java.util.Map;
24-
import java.util.Optional;
25-
2624
import javax.security.sasl.Sasl;
2725
import javax.security.sasl.SaslException;
2826
import javax.security.sasl.SaslServer;
29-
3027
import org.apache.hadoop.hbase.security.provider.AttemptingUserProvidingSaslServer;
3128
import org.apache.hadoop.hbase.security.provider.SaslServerAuthenticationProvider;
32-
import org.apache.hadoop.security.UserGroupInformation;
3329
import org.apache.hadoop.security.token.SecretManager;
3430
import org.apache.hadoop.security.token.SecretManager.InvalidToken;
3531
import org.apache.hadoop.security.token.TokenIdentifier;
@@ -66,11 +62,9 @@ public void dispose() {
6662
}
6763

6864
public String getAttemptingUser() {
69-
Optional<UserGroupInformation> optionalUser = serverWithProvider.getAttemptingUser();
70-
if (optionalUser.isPresent()) {
71-
optionalUser.get().toString();
72-
}
73-
return "Unknown";
65+
return serverWithProvider.getAttemptingUser()
66+
.map(Object::toString)
67+
.orElse("Unknown");
7468
}
7569

7670
public byte[] wrap(byte[] buf, int off, int len) throws SaslException {

0 commit comments

Comments
 (0)