hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From omal...@apache.org
Subject svn commit: r1077185 - in /hadoop/common/branches/branch-0.20-security-patches/src: core/org/apache/hadoop/fs/FileSystem.java test/org/apache/hadoop/fs/TestFileSystem.java
Date Fri, 04 Mar 2011 03:49:40 GMT
Author: omalley
Date: Fri Mar  4 03:49:40 2011
New Revision: 1077185

URL: http://svn.apache.org/viewvc?rev=1077185&view=rev
Log:
commit a331b1434fddae1d86875304b9b7eee852b7b104
Author: Devaraj Das <ddas@yahoo-inc.com>
Date:   Sat Feb 20 12:17:18 2010 -0800

    HADOOP:6545 from https://issues.apache.org/jira/secure/attachment/12436456/6545-bp20.patch
    
    +++ b/YAHOO-CHANGES.txt
    +    HADOOP-6545. Changes the Key for the FileSystem to be UGI. (ddas)
    +

Modified:
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java
    hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java?rev=1077185&r1=1077184&r2=1077185&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java
Fri Mar  4 03:49:40 2011
@@ -1433,17 +1433,17 @@ public abstract class FileSystem extends
     static class Key {
       final String scheme;
       final String authority;
-      final String username;
+      final UserGroupInformation ugi;
 
       Key(URI uri, Configuration conf) throws IOException {
         scheme = uri.getScheme()==null?"":uri.getScheme().toLowerCase();
         authority = uri.getAuthority()==null?"":uri.getAuthority().toLowerCase();
-        username = UserGroupInformation.getCurrentUser().getUserName();
+        this.ugi = UserGroupInformation.getCurrentUser();
       }
 
       /** {@inheritDoc} */
       public int hashCode() {
-        return (scheme + authority + username).hashCode();
+        return (scheme + authority).hashCode() + ugi.hashCode();
       }
 
       static boolean isEqual(Object a, Object b) {
@@ -1459,14 +1459,14 @@ public abstract class FileSystem extends
           Key that = (Key)obj;
           return isEqual(this.scheme, that.scheme)
                  && isEqual(this.authority, that.authority)
-                 && isEqual(this.username, that.username);
+                 && isEqual(this.ugi, that.ugi);
         }
         return false;        
       }
 
       /** {@inheritDoc} */
       public String toString() {
-        return username + "@" + scheme + "://" + authority;        
+        return "("+ugi.toString() + ")@" + scheme + "://" + authority;        
       }
     }
   }

Modified: hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java?rev=1077185&r1=1077184&r2=1077185&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java
Fri Mar  4 03:49:40 2011
@@ -56,6 +56,12 @@ import org.apache.hadoop.mapred.Reporter
 import org.apache.hadoop.mapred.SequenceFileInputFormat;
 import org.apache.hadoop.mapred.lib.LongSumReducer;
 import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.Token;
+import org.apache.hadoop.security.token.TokenIdentifier;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import static org.mockito.Mockito.mock;
 
 public class TestFileSystem extends TestCase {
   private static final Log LOG = FileSystem.LOG;
@@ -611,4 +617,58 @@ public class TestFileSystem extends Test
     assertTrue(map.containsKey(lowercaseCachekey2));    
 
   }
+
+  @SuppressWarnings("unchecked")
+  public <T extends TokenIdentifier> void testCacheForUgi() throws Exception {
+    final Configuration conf = new Configuration();
+    conf.set("fs.cachedfile.impl", conf.get("fs.file.impl"));
+    UserGroupInformation ugiA = UserGroupInformation.createRemoteUser("foo");
+    UserGroupInformation ugiB = UserGroupInformation.createRemoteUser("bar");
+    FileSystem fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+      public FileSystem run() throws Exception {
+        return FileSystem.get(new URI("cachedfile://a"), conf);
+      }
+    });
+    FileSystem fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+      public FileSystem run() throws Exception {
+        return FileSystem.get(new URI("cachedfile://a"), conf);
+      }
+    });
+    //Since the UGIs are the same, we should have the same filesystem for both
+    assertSame(fsA, fsA1);
+    
+    FileSystem fsB = ugiB.doAs(new PrivilegedExceptionAction<FileSystem>() {
+      public FileSystem run() throws Exception {
+        return FileSystem.get(new URI("cachedfile://a"), conf);
+      }
+    });
+    //Since the UGIs are different, we should end up with different filesystems
+    //corresponding to the two UGIs
+    assertNotSame(fsA, fsB);
+    
+    Token<T> t1 = mock(Token.class);
+    ugiA = UserGroupInformation.createRemoteUser("foo");
+    ugiA.addToken(t1);
+    
+    fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+      public FileSystem run() throws Exception {
+        return FileSystem.get(new URI("cachedfile://a"), conf);
+      }
+    });
+    //Although the users in the UGI are same, ugiA has tokens in it, and
+    //we should end up with different filesystems corresponding to the two UGIs
+    assertNotSame(fsA, fsA1);
+    
+    ugiA = UserGroupInformation.createRemoteUser("foo");
+    ugiA.addToken(t1);
+    
+    fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+      public FileSystem run() throws Exception {
+        return FileSystem.get(new URI("cachedfile://a"), conf);
+      }
+    });
+    //Now the users in the UGI are the same, and they also have the same token.
+    //We should have the same filesystem for both
+    assertSame(fsA, fsA1);
+  }
 }



Mime
View raw message