Skip to content

Commit

Permalink
HBASE-25875 RegionServer failed to start with IllegalThreadStateExcep…
Browse files Browse the repository at this point in the history
…tion due to race condition in AuthenticationTokenSecretManager (#3250)

* HBASE-25875 RegionServer failed to start with IllegalThreadStateException due to race condition in AuthenticationTokenSecretManager's start & retrievePassword method

Signed-off-by: stack <stack@apache.com>
(cherry picked from commit 2126ec9)
  • Loading branch information
pankaj72981 committed May 17, 2021
1 parent 0c5c0e5 commit 21c1dc7
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 4 deletions.
19 changes: 19 additions & 0 deletions dev-support/spotbugs-exclude.xml
Original file line number Diff line number Diff line change
Expand Up @@ -252,4 +252,23 @@
<Bug pattern="SC_START_IN_CTOR"/>
</Match>

<Match>
<!--
False positives, NettyRpcServer#start & SimpleRpcServer#start are already synchronized and
there is check to ensure single initialization of authTokenSecretMgr field.
Ignore the warning, see HBASE-25875.
!-->
<Or>
<And>
<Class name="org.apache.hadoop.hbase.ipc.NettyRpcServer"/>
<Method name="start"/>
</And>
<And>
<Class name="org.apache.hadoop.hbase.ipc.SimpleRpcServer"/>
<Method name="start"/>
</And>
</Or>
<Bug pattern="ML_SYNC_ON_UPDATED_FIELD"/>
</Match>

</FindBugsFilter>
Original file line number Diff line number Diff line change
Expand Up @@ -136,8 +136,12 @@ public synchronized void start() {
}
authTokenSecretMgr = createSecretManager();
if (authTokenSecretMgr != null) {
setSecretManager(authTokenSecretMgr);
authTokenSecretMgr.start();
// Start AuthenticationTokenSecretManager in synchronized way to avoid race conditions in
// LeaderElector start. See HBASE-25875
synchronized (authTokenSecretMgr) {
setSecretManager(authTokenSecretMgr);
authTokenSecretMgr.start();
}
}
this.authManager = new ServiceAuthorizationManager();
HBasePolicyProvider.init(conf, authManager);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -423,8 +423,12 @@ public synchronized void start() {
}
authTokenSecretMgr = createSecretManager();
if (authTokenSecretMgr != null) {
setSecretManager(authTokenSecretMgr);
authTokenSecretMgr.start();
// Start AuthenticationTokenSecretManager in synchronized way to avoid race conditions in
// LeaderElector start. See HBASE-25875
synchronized (authTokenSecretMgr) {
setSecretManager(authTokenSecretMgr);
authTokenSecretMgr.start();
}
}
this.authManager = new ServiceAuthorizationManager();
HBasePolicyProvider.init(conf, authManager);
Expand Down

0 comments on commit 21c1dc7

Please sign in to comment.