hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s..@apache.org
Subject svn commit: r1346224 - in /hadoop/common/branches/branch-0.22/common: CHANGES.txt src/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java src/test/core/org/apache/hadoop/security/TestSecurityUtil.java
Date Tue, 05 Jun 2012 03:23:41 GMT
Author: shv
Date: Tue Jun  5 03:23:41 2012
New Revision: 1346224

URL: http://svn.apache.org/viewvc?rev=1346224&view=rev
Log:
HADOOP-8381. Substitute _HOST with hostname for HTTP principals. Contributed by Benoy Antony.

Modified:
    hadoop/common/branches/branch-0.22/common/CHANGES.txt
    hadoop/common/branches/branch-0.22/common/src/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
    hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/TestSecurityUtil.java

Modified: hadoop/common/branches/branch-0.22/common/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/CHANGES.txt?rev=1346224&r1=1346223&r2=1346224&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.22/common/CHANGES.txt (original)
+++ hadoop/common/branches/branch-0.22/common/CHANGES.txt Tue Jun  5 03:23:41 2012
@@ -26,6 +26,9 @@ Release 0.22.1 - Unreleased
     HADOOP-7119. Add Kerberos HTTP SPNEGO authentication support to Hadoop
     JT/NN/DN/TT web-consoles. (Alejandro Abdelnur, Benoy Antony via shv)
 
+    HADOOP-8381. Substitute _HOST with hostname for HTTP principals.
+    (Benoy Antony via shv)
+
 Release 0.22.0 - 2011-11-29
 
   INCOMPATIBLE CHANGES

Modified: hadoop/common/branches/branch-0.22/common/src/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java?rev=1346224&r1=1346223&r2=1346224&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.22/common/src/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
(original)
+++ hadoop/common/branches/branch-0.22/common/src/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
Tue Jun  5 03:23:41 2012
@@ -18,6 +18,7 @@ import org.apache.hadoop.security.authen
 import com.sun.security.auth.module.Krb5LoginModule;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.hadoop.security.authentication.util.KerberosName;
+import org.apache.hadoop.security.SecurityUtil;
 import org.ietf.jgss.GSSContext;
 import org.ietf.jgss.GSSCredential;
 import org.ietf.jgss.GSSManager;
@@ -143,6 +144,10 @@ public class KerberosAuthenticationHandl
       if (principal == null || principal.trim().length() == 0) {
         throw new ServletException("Principal not defined in configuration");
       }
+
+      // replace _HOST with FQDN if present
+      principal = SecurityUtil.getServerPrincipal(principal, "");
+
       keytab = config.getProperty(KEYTAB, keytab);
       if (keytab == null || keytab.trim().length() == 0) {
         throw new ServletException("Keytab not defined in configuration");

Modified: hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/TestSecurityUtil.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/TestSecurityUtil.java?rev=1346224&r1=1346223&r2=1346224&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/TestSecurityUtil.java
(original)
+++ hadoop/common/branches/branch-0.22/common/src/test/core/org/apache/hadoop/security/TestSecurityUtil.java
Tue Jun  5 03:23:41 2012
@@ -93,6 +93,8 @@ public class TestSecurityUtil {
                  SecurityUtil.getServerPrincipal("hdfs/_HOST@REALM", (String)null));
     assertEquals("hdfs/" + local + "@REALM",
                  SecurityUtil.getServerPrincipal("hdfs/_HOST@REALM", "0.0.0.0"));
+    assertEquals("hdfs/" + local + "@REALM",
+        SecurityUtil.getServerPrincipal("hdfs/_HOST@REALM", ""));
   }
   
   @Test



Mime
View raw message