hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From omal...@apache.org
Subject svn commit: r1077408 - /hadoop/common/branches/branch-0.20-security-patches/src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/LdapIpDirFilter.java
Date Fri, 04 Mar 2011 04:12:00 GMT
Author: omalley
Date: Fri Mar  4 04:12:00 2011
New Revision: 1077408

URL: http://svn.apache.org/viewvc?rev=1077408&view=rev
Log:
commit 15edca75860cabd4c2a4a7a95f0d534e168638bd
Author: Srikanth Sundarrajan <sriksun@yahoo-inc.com>
Date:   Tue Apr 20 01:08:10 2010 +0530

    HDFS:1010 from https://issues.apache.org/jira/secure/attachment/12439437/HDFS-1010-bp-y20s.patch
    
    +++ b/YAHOO-CHANGES.txt
    +    HDFS-1010. Retrieve group information from UnixUserGroupInformation instead of LdapEntry
    +    (Srikanth Sundarrajan via Nicholas)
    +

Modified:
    hadoop/common/branches/branch-0.20-security-patches/src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/LdapIpDirFilter.java

Modified: hadoop/common/branches/branch-0.20-security-patches/src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/LdapIpDirFilter.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/LdapIpDirFilter.java?rev=1077408&r1=1077407&r2=1077408&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/LdapIpDirFilter.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/LdapIpDirFilter.java
Fri Mar  4 04:12:00 2011
@@ -42,19 +42,16 @@ public class LdapIpDirFilter implements 
   private static String hdfsIpSchemaStr;
   private static String hdfsIpSchemaStrPrefix;
   private static String hdfsUidSchemaStr;
-  private static String hdfsGroupSchemaStr;
   private static String hdfsPathSchemaStr;
 
   private InitialLdapContext lctx;
 
   private class LdapRoleEntry {
     String userId;
-    String groupNames;
     ArrayList<Path> paths;
 
-    void init(String userId, String groupNames, ArrayList<Path> paths) {
+    void init(String userId, ArrayList<Path> paths) {
       this.userId = userId;
-      this.groupNames = groupNames;
       this.paths = paths;
     }
 
@@ -65,7 +62,6 @@ public class LdapIpDirFilter implements 
     @Override
     public String toString() {
       return "LdapRoleEntry{" +
-          "groupName='" + groupNames + '\'' +
           ", userId='" + userId + '\'' +
           ", paths=" + paths +
           '}';
@@ -78,7 +74,6 @@ public class LdapIpDirFilter implements 
     hdfsIpSchemaStr = "uniqueMember";
     hdfsIpSchemaStrPrefix = "cn=";
     hdfsUidSchemaStr = "uid";
-    hdfsGroupSchemaStr = "userClass";
     hdfsPathSchemaStr = "documentLocation";
     lctx = ctx;
   }
@@ -122,7 +117,6 @@ public class LdapIpDirFilter implements 
       hdfsIpSchemaStrPrefix = conf.get(
           "hdfsproxy.ldap.ip.schema.string.prefix", "cn=");
       hdfsUidSchemaStr = conf.get("hdfsproxy.ldap.uid.schema.string", "uid");
-      hdfsGroupSchemaStr = conf.get("hdfsproxy.ldap.group.schema.string", "userClass");
       hdfsPathSchemaStr = conf.get("hdfsproxy.ldap.hdfs.path.schema.string",
           "documentLocation");
     }
@@ -182,8 +176,6 @@ public class LdapIpDirFilter implements 
     // different classloaders in different war file, we have to use String attribute.
     rqst.setAttribute("org.apache.hadoop.hdfsproxy.authorized.userID",
         ldapent.userId);
-    rqst.setAttribute("org.apache.hadoop.hdfsproxy.authorized.role",
-        ldapent.groupNames);
     rqst.setAttribute("org.apache.hadoop.hdfsproxy.authorized.paths",
         ldapent.paths);
 
@@ -204,16 +196,14 @@ public class LdapIpDirFilter implements 
     Attributes matchAttrs = new BasicAttributes(true);
     matchAttrs.put(new BasicAttribute(hdfsIpSchemaStr, ipMember));
     matchAttrs.put(new BasicAttribute(hdfsUidSchemaStr));
-    matchAttrs.put(new BasicAttribute(hdfsGroupSchemaStr));
     matchAttrs.put(new BasicAttribute(hdfsPathSchemaStr));
 
-    String[] attrIDs = { hdfsUidSchemaStr, hdfsGroupSchemaStr, hdfsPathSchemaStr };
+    String[] attrIDs = { hdfsUidSchemaStr, hdfsPathSchemaStr };
 
     NamingEnumeration<SearchResult> results = lctx.search(baseName, matchAttrs,
         attrIDs);
     if (results.hasMore()) {
       String userId = null;
-      String groupNames = null;
       ArrayList<Path> paths = new ArrayList<Path>();
       SearchResult sr = results.next();
       Attributes attrs = sr.getAttributes();
@@ -221,8 +211,6 @@ public class LdapIpDirFilter implements 
         Attribute attr = (Attribute) ne.next();
         if (hdfsUidSchemaStr.equalsIgnoreCase(attr.getID())) {
           userId = (String) attr.get();
-        } else if (hdfsGroupSchemaStr.equalsIgnoreCase(attr.getID())) {
-          groupNames = (String) attr.get();
         } else if (hdfsPathSchemaStr.equalsIgnoreCase(attr.getID())) {
           for (NamingEnumeration e = attr.getAll(); e.hasMore();) {
             String pathStr = (String) e.next();
@@ -230,7 +218,7 @@ public class LdapIpDirFilter implements 
           }
         }
       }
-      ldapent.init(userId, groupNames, paths);
+      ldapent.init(userId, paths);
       if (LOG.isDebugEnabled()) LOG.debug(ldapent);
       return true;
     }



Mime
View raw message