Return-Path: Delivered-To: apmail-hadoop-common-commits-archive@www.apache.org Received: (qmail 28755 invoked from network); 4 Mar 2011 04:03:38 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 4 Mar 2011 04:03:38 -0000 Received: (qmail 82396 invoked by uid 500); 4 Mar 2011 04:03:38 -0000 Delivered-To: apmail-hadoop-common-commits-archive@hadoop.apache.org Received: (qmail 82154 invoked by uid 500); 4 Mar 2011 04:03:38 -0000 Mailing-List: contact common-commits-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-dev@hadoop.apache.org Delivered-To: mailing list common-commits@hadoop.apache.org Received: (qmail 82116 invoked by uid 99); 4 Mar 2011 04:03:37 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Mar 2011 04:03:37 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Mar 2011 04:03:35 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id B4E4E2388A2C; Fri, 4 Mar 2011 04:03:14 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1077321 - in /hadoop/common/branches/branch-0.20-security-patches/src: hdfs/org/apache/hadoop/hdfs/server/namenode/JspHelper.java webapps/datanode/browseDirectory.jsp Date: Fri, 04 Mar 2011 04:03:14 -0000 To: common-commits@hadoop.apache.org From: omalley@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110304040314.B4E4E2388A2C@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: omalley Date: Fri Mar 4 04:03:14 2011 New Revision: 1077321 URL: http://svn.apache.org/viewvc?rev=1077321&view=rev Log: commit cc1043c5914bea27225cfdf14ac0384cc851fc8f Author: Jitendra Nath Pandey Date: Tue Mar 16 15:46:02 2010 -0700 HDFS-1039 from https://issues.apache.org/jira/secure/attachment/12438896/HDFS-1039-y20.2.patch +++ b/YAHOO-CHANGES.txt + HDFS-1039. Service should be set in the token in JspHelper.getUGI. + (jitendra) + Modified: hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/JspHelper.java hadoop/common/branches/branch-0.20-security-patches/src/webapps/datanode/browseDirectory.jsp Modified: hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/JspHelper.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/JspHelper.java?rev=1077321&r1=1077320&r2=1077321&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/JspHelper.java (original) +++ hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/JspHelper.java Fri Mar 4 04:03:14 2011 @@ -48,6 +48,7 @@ import org.apache.hadoop.hdfs.server.dat import org.apache.hadoop.hdfs.server.namenode.DatanodeDescriptor; import org.apache.hadoop.hdfs.server.namenode.FSNamesystem; import org.apache.hadoop.http.HtmlQuoting; +import org.apache.hadoop.io.Text; import org.apache.hadoop.fs.Path; import org.apache.hadoop.security.AccessControlException; import org.apache.hadoop.security.UserGroupInformation; @@ -354,8 +355,8 @@ public class JspHelper { String[] parts = dir.split(Path.SEPARATOR); StringBuilder tempPath = new StringBuilder(dir.length()); out.print("" + Path.SEPARATOR + ""); + + "&namenodeInfoPort=" + namenodeInfoPort + SET_DELEGATION + + tokenString + "\">" + Path.SEPARATOR + ""); tempPath.append(Path.SEPARATOR); for (int i = 0; i < parts.length-1; i++) { if (!parts[i].equals("")) { @@ -435,6 +436,8 @@ public class JspHelper { Token token = new Token(); token.decodeFromUrlString(tokenString); + token.setService(new Text(nameNodeAddr.getAddress().getHostAddress() + ":" + + nameNodeAddr.getPort())); if (user == null) { //this really doesn't break any security since we use the //delegation token for authentication in Modified: hadoop/common/branches/branch-0.20-security-patches/src/webapps/datanode/browseDirectory.jsp URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/webapps/datanode/browseDirectory.jsp?rev=1077321&r1=1077320&r2=1077321&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security-patches/src/webapps/datanode/browseDirectory.jsp (original) +++ hadoop/common/branches/branch-0.20-security-patches/src/webapps/datanode/browseDirectory.jsp Fri Mar 4 04:03:14 2011 @@ -138,7 +138,8 @@ } String datanodeUrl = req.getRequestURL()+"?dir="+ URLEncoder.encode(files[i].getFullName(target).toString(), "UTF-8") + - "&namenodeInfoPort=" + namenodeInfoPort; + "&namenodeInfoPort=" + namenodeInfoPort + JspHelper.SET_DELEGATION + + tokenString; cols[0] = ""+localname+""; cols[5] = FsShell.dateForm.format(new Date((files[i].getModificationTime()))); cols[6] = files[i].getPermission().toString();