From: zjshen@apache.org To: common-commits@hadoop.apache.org Date: Fri, 27 Mar 2015 06:34:52 -0000 Message-Id: In-Reply-To: <9552bc5c4b404587906e8b10ff7e3741@git.apache.org> References: <9552bc5c4b404587906e8b10ff7e3741@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [50/50] [abbrv] hadoop git commit: HADOOP-11748. The secrets of auth cookies should not be specified in configuration in clear text. Contributed by Li Lu and Haohui Mai. HADOOP-11748. The secrets of auth cookies should not be specified in configuration in clear text. Contributed by Li Lu and Haohui Mai. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/526c90e0 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/526c90e0 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/526c90e0 Branch: refs/heads/YARN-2928 Commit: 526c90e0dcc3427f295693d3b4f277042c61218e Parents: fee5961 Author: Haohui Mai Authored: Thu Mar 26 16:29:36 2015 -0700 Committer: Zhijie Shen Committed: Thu Mar 26 23:29:50 2015 -0700 ---------------------------------------------------------------------- .../server/AuthenticationFilter.java | 7 +- .../util/StringSignerSecretProvider.java | 53 ------ .../server/TestAuthenticationFilter.java | 173 ++++++------------- .../util/StringSignerSecretProvider.java | 55 ++++++ .../util/StringSignerSecretProviderCreator.java | 33 ++++ hadoop-common-project/hadoop-common/CHANGES.txt | 3 + hadoop-hdfs-project/hadoop-hdfs-httpfs/pom.xml | 6 + .../hadoop/fs/http/server/TestHttpFSServer.java | 6 +- 8 files changed, 157 insertions(+), 179 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java ---------------------------------------------------------------------- 
diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
index 43bb4b0..5c22fce 100644
--- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
+++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
@@ -279,14 +279,11 @@ public class AuthenticationFilter implements Filter {
 = config.getProperty(SIGNER_SECRET_PROVIDER, null);
 // fallback to old behavior
 if (signerSecretProviderName == null) {
- String signatureSecret = config.getProperty(SIGNATURE_SECRET, null);
 String signatureSecretFile = config.getProperty(
 SIGNATURE_SECRET_FILE, null);
- // The precedence from high to low : file, inline string, random
+ // The precedence from high to low : file, random
 if (signatureSecretFile != null) {
 providerClassName = FileSignerSecretProvider.class.getName();
- } else if (signatureSecret != null) {
- providerClassName = StringSignerSecretProvider.class.getName();
 } else {
 providerClassName = RandomSignerSecretProvider.class.getName();
 randomSecret = true;
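Review bot: A deployment that still sets SIGNATURE_SECRET now falls through to RandomSignerSecretProvider without any diagnostic, because the new fallback consults only SIGNATURE_SECRET_FILE; if that provider derives a per-process random secret (presumably, given the `randomSecret = true` flag), cookies signed by one node will be rejected by every other node and nothing in the log says why. Before the `if (signatureSecretFile != null)` check, detect the stale setting and warn without echoing the value, e.g. `if (config.getProperty(SIGNATURE_SECRET, null) != null) { LOG.warn(SIGNATURE_SECRET + " is no longer honoured; use " + SIGNATURE_SECRET_FILE + " or " + SIGNER_SECRET_PROVIDER); }`, using whatever logger the filter already has in scope. The enclosing method starts before this hunk and continues after it.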
@@ -295,8 +292,6 @@ public class AuthenticationFilter implements Filter {
 if ("random".equals(signerSecretProviderName)) {
 providerClassName = RandomSignerSecretProvider.class.getName();
 randomSecret = true;
- } else if ("string".equals(signerSecretProviderName)) {
- providerClassName = StringSignerSecretProvider.class.getName();
 } else if ("file".equals(signerSecretProviderName)) {
 providerClassName = FileSignerSecretProvider.class.getName();
 } else if ("zookeeper".equals(signerSecretProviderName)) {
http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
deleted file mode 100644
index 57ddd37..0000000
--- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
+++ /dev/null
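Review bot: Removing the `"string"` branch means a SIGNER_SECRET_PROVIDER value of "string" from an existing configuration now reaches the chain's final else, which lies outside this hunk; if that branch treats the value as a class name to load, the operator gets a class-loading failure at startup instead of a message naming the removed option. Keep an explicit branch that rejects it, e.g. `} else if ("string".equals(signerSecretProviderName)) { throw new ServletException("the 'string' signer secret provider has been removed; use 'file', 'random' or 'zookeeper'"); }`, assuming the enclosing method declares ServletException as Filter.init does. The enclosing method starts before this hunk and continues after it.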
@@ -1,53 +0,0 @@
-/**
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License. See accompanying LICENSE file.
- */
-package org.apache.hadoop.security.authentication.util;
-
-import java.nio.charset.Charset;
-import java.util.Properties;
-import javax.servlet.ServletContext;
-import org.apache.hadoop.classification.InterfaceAudience;
-import org.apache.hadoop.classification.InterfaceStability;
-import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
-
-/**
- * A SignerSecretProvider that simply creates a secret based on a given String.
- */
-@InterfaceStability.Unstable
-@InterfaceAudience.Private
-public class StringSignerSecretProvider extends SignerSecretProvider {
-
- private byte[] secret;
- private byte[][] secrets;
-
- public StringSignerSecretProvider() {}
-
- @Override
- public void init(Properties config, ServletContext servletContext,
- long tokenValidity) throws Exception {
- String signatureSecret = config.getProperty(
- AuthenticationFilter.SIGNATURE_SECRET, null);
- secret = signatureSecret.getBytes(Charset.forName("UTF-8"));
- secrets = new byte[][]{secret};
- }
-
- @Override
- public byte[] getCurrentSecret() {
- return secret;
- }
-
- @Override
- public byte[][] getAllSecrets() {
- return secrets;
- }
-}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
index a03894b..26c10a9 100644
--- a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
@@ -38,7 +38,7 @@ import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
 import org.apache.hadoop.security.authentication.client.AuthenticationException;
 import org.apache.hadoop.security.authentication.util.Signer;
 import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
-import org.apache.hadoop.security.authentication.util.StringSignerSecretProvider;
+import org.apache.hadoop.security.authentication.util.StringSignerSecretProviderCreator;
 import org.junit.Assert;
 import org.junit.Test;
 import org.mockito.Mockito;
@@ -158,15 +158,15 @@ public class TestAuthenticationFilter {
 try {
 FilterConfig config = Mockito.mock(FilterConfig.class);
 Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
- Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(
+ Mockito.when(config.getInitParameter(
+ AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(
 (new Long(TOKEN_VALIDITY_SEC)).toString());
 Mockito.when(config.getInitParameterNames()).thenReturn(
- new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
- AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
+ new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
+ AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
 ServletContext context = Mockito.mock(ServletContext.class);
- Mockito.when(context.getAttribute(
- AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
- .thenReturn(null);
+ Mockito.when(context.getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
+ .thenReturn(null);
 Mockito.when(config.getServletContext()).thenReturn(context);
 filter.init(config);
 Assert.assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
@@ -179,27 +179,6 @@ public class TestAuthenticationFilter {
 filter.destroy();
 }
 
- // string secret
- filter = new AuthenticationFilter();
- try {
- FilterConfig config = Mockito.mock(FilterConfig.class);
- Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
- Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
- Mockito.when(config.getInitParameterNames()).thenReturn(
- new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
- AuthenticationFilter.SIGNATURE_SECRET)).elements());
- ServletContext context = Mockito.mock(ServletContext.class);
- Mockito.when(context.getAttribute(
- AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
- .thenReturn(null);
- Mockito.when(config.getServletContext()).thenReturn(context);
- filter.init(config);
- Assert.assertFalse(filter.isRandomSecret());
- Assert.assertFalse(filter.isCustomSignerSecretProvider());
- } finally {
- filter.destroy();
- }
-
 // custom secret as inline
 filter = new AuthenticationFilter();
 try {
@@ -278,11 +257,7 @@ public class TestAuthenticationFilter {
 new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
 AuthenticationFilter.COOKIE_DOMAIN,
 AuthenticationFilter.COOKIE_PATH)).elements());
- ServletContext context = Mockito.mock(ServletContext.class);
- Mockito.when(context.getAttribute(
- AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE))
- .thenReturn(null);
- Mockito.when(config.getServletContext()).thenReturn(context);
+ getMockedServletContextWithStringSigner(config);
 filter.init(config);
 Assert.assertEquals(".foo.com", filter.getCookieDomain());
 Assert.assertEquals("/bar", filter.getCookiePath());
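Review bot: Deleting the "string secret" case leaves the new fallback untested — the removed block was the only place asserting what happens when SIGNATURE_SECRET is set with no secret file, and the filter now takes the random path in that situation (per the AuthenticationFilter hunk). The behaviour change is exactly the kind that a stale configuration would trip over, so testInit should keep a case with the same mocks but the flipped expectation: `Assert.assertTrue(filter.isRandomSecret())` alongside `Assert.assertFalse(filter.isCustomSignerSecretProvider())`. A replacement block in the style of the one removed is below; testInit starts before this hunk.
```java
    // inline SIGNATURE_SECRET is no longer honoured: the filter must fall back to a random secret
    filter = new AuthenticationFilter();
    try {
      FilterConfig config = Mockito.mock(FilterConfig.class);
      Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
      Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
      Mockito.when(config.getInitParameterNames()).thenReturn(
        new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                                 AuthenticationFilter.SIGNATURE_SECRET)).elements());
      ServletContext context = Mockito.mock(ServletContext.class);
      Mockito.when(context.getAttribute(
          AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)).thenReturn(null);
      Mockito.when(config.getServletContext()).thenReturn(context);
      filter.init(config);
      Assert.assertTrue(filter.isRandomSecret());
      Assert.assertFalse(filter.isCustomSignerSecretProvider());
    } finally {
      filter.destroy();
    }
    // … unchanged: "custom secret as inline" case …
```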
@@ -303,11 +278,7 @@ public class TestAuthenticationFilter { new Vector( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); Assert.assertTrue(DummyAuthenticationHandler.init); } finally { @@ -345,11 +316,7 @@ public class TestAuthenticationFilter { Mockito.when(config.getInitParameterNames()).thenReturn( new Vector(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); Assert.assertEquals(PseudoAuthenticationHandler.class, @@ -372,11 +339,7 @@ public class TestAuthenticationFilter { new Vector( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); @@ -392,6 +355,7 @@ public class TestAuthenticationFilter { @Test public void testGetToken() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); + try { FilterConfig config = Mockito.mock(FilterConfig.class); Mockito.when(config.getInitParameter("management.operation.return")). 
@@ -404,21 +368,13 @@ public class TestAuthenticationFilter { Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + SignerSecretProvider secretProvider = + getMockedServletContextWithStringSigner(config); filter.init(config); AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE); token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); - Properties secretProviderProps = new Properties(); - secretProviderProps.setProperty( - AuthenticationFilter.SIGNATURE_SECRET, "secret"); - secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC); + Signer signer = new Signer(secretProvider); String tokenSigned = signer.sign(token.toString()); 
@@ -448,18 +404,14 @@ public class TestAuthenticationFilter { Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE); token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, "secret"); @@ -500,17 +452,13 @@ public class TestAuthenticationFilter { Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype"); token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, "secret"); 
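Review bot: The provider returned by `getMockedServletContextWithStringSigner(config)` is discarded and a second StringSignerSecretProvider is then built and initialised with the same "secret" literal, duplicating what the helper already did; the testGetToken hunk shows the intended shape, `SignerSecretProvider secretProvider = getMockedServletContextWithStringSigner(config);`, after which the Properties and init lines can go. The same duplication appears in the hunks at -500, -661, -746 and -1013, presumably each inside a test that called the helper earlier in the method. The hunks at -875 and -954 pass a `secret` variable rather than the literal, so those may deliberately sign with a different secret and should be checked before being folded in. Each enclosing test method starts before its hunk.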
@@ -536,6 +484,23 @@ public class TestAuthenticationFilter { } } + private static SignerSecretProvider getMockedServletContextWithStringSigner( + FilterConfig config) throws Exception { + Properties secretProviderProps = new Properties(); + secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, + "secret"); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); + secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC); + + ServletContext context = Mockito.mock(ServletContext.class); + Mockito.when(context.getAttribute( + AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) + .thenReturn(secretProvider); + Mockito.when(config.getServletContext()).thenReturn(context); + return secretProvider; + } + @Test public void testDoFilterNotAuthenticated() throws Exception { AuthenticationFilter filter = new AuthenticationFilter(); @@ -549,11 +514,7 @@ public class TestAuthenticationFilter { new Vector( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); 
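Review bot: getMockedServletContextWithStringSigner does more than its name suggests — besides mocking the ServletContext it builds and initialises a string-secret provider and stubs SIGNER_SECRET_PROVIDER_ATTRIBUTE to return it, so tests that call it presumably exercise the filter's pre-configured-provider path rather than the init-parameter-driven selection the old `thenReturn(null)` stubs did, and nothing documents that. Add above the method: `/** Stubs config's ServletContext so SIGNER_SECRET_PROVIDER_ATTRIBUTE yields a StringSignerSecretProvider initialised with "secret"; returns that provider so the caller can sign tokens with the same secret. */`. A name such as `installStringSignerSecretProvider` would also make the side effect visible at each call site.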
@@ -603,11 +564,7 @@ public class TestAuthenticationFilter { AuthenticationFilter.AUTH_TOKEN_VALIDITY, AuthenticationFilter.SIGNATURE_SECRET, "management.operation" + ".return", "expired.token")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); if (withDomainPath) { Mockito.when(config.getInitParameter(AuthenticationFilter @@ -661,8 +618,8 @@ public class TestAuthenticationFilter { Mockito.verify(chain).doFilter(Mockito.any(ServletRequest.class), Mockito.any(ServletResponse.class)); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, "secret"); @@ -734,11 +691,7 @@ public class TestAuthenticationFilter { new Vector( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); 
@@ -746,8 +699,8 @@ public class TestAuthenticationFilter { AuthenticationToken token = new AuthenticationToken("u", "p", "t"); token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, "secret"); @@ -795,11 +748,7 @@ public class TestAuthenticationFilter { new Vector( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); @@ -863,11 +812,7 @@ public class TestAuthenticationFilter { Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); 
@@ -875,8 +820,8 @@ public class TestAuthenticationFilter { AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE); token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, secret); @@ -942,11 +887,7 @@ public class TestAuthenticationFilter { Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); @@ -954,8 +895,8 @@ public class TestAuthenticationFilter { AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype"); token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, secret); 
@@ -989,11 +930,7 @@ public class TestAuthenticationFilter { new Vector( Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements()); - ServletContext context = Mockito.mock(ServletContext.class); - Mockito.when(context.getAttribute( - AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)) - .thenReturn(null); - Mockito.when(config.getServletContext()).thenReturn(context); + getMockedServletContextWithStringSigner(config); filter.init(config); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); @@ -1013,8 +950,8 @@ public class TestAuthenticationFilter { AuthenticationToken token = new AuthenticationToken("u", "p", "t"); token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC); - StringSignerSecretProvider secretProvider - = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty( AuthenticationFilter.SIGNATURE_SECRET, "secret"); http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java new file mode 100644 index 0000000..7e5b10e --- /dev/null +++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java 
@@ -0,0 +1,55 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.util;
+
+import java.nio.charset.Charset;
+import java.util.Properties;
+import javax.servlet.ServletContext;
+
+import com.google.common.annotations.VisibleForTesting;
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
+import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
+
+/**
+ * A SignerSecretProvider that simply creates a secret based on a given String.
+ */
+@InterfaceStability.Unstable
+@VisibleForTesting
+class StringSignerSecretProvider extends SignerSecretProvider {
+
+ private byte[] secret;
+ private byte[][] secrets;
+
+ public StringSignerSecretProvider() {}
+
+ @Override
+ public void init(Properties config, ServletContext servletContext,
+ long tokenValidity) throws Exception {
+ String signatureSecret = config.getProperty(
+ AuthenticationFilter.SIGNATURE_SECRET, null);
+ secret = signatureSecret.getBytes(Charset.forName("UTF-8"));
+ secrets = new byte[][]{secret};
+ }
+
+ @Override
+ public byte[] getCurrentSecret() {
+ return secret;
+ }
+
+ @Override
+ public byte[][] getAllSecrets() {
+ return secrets;
+ }
+}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProviderCreator.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProviderCreator.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProviderCreator.java
new file mode 100644
index 0000000..e567e7b
--- /dev/null
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProviderCreator.java
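Review bot: In StringSignerSecretProvider.init the SIGNATURE_SECRET property is read with a null default and immediately dereferenced by `signatureSecret.getBytes(...)`, so a test that omits the property fails with a bare NullPointerException instead of a message naming the missing key. Guard it first: `if (signatureSecret == null) { throw new IllegalArgumentException(AuthenticationFilter.SIGNATURE_SECRET + " is not set"); }`. The file also carries over `import org.apache.hadoop.classification.InterfaceAudience;` although the `@InterfaceAudience.Private` annotation was dropped, and `@VisibleForTesting` adds nothing on a class that already lives under src/test; `Charset.forName("UTF-8")` could become `StandardCharsets.UTF_8` from the same java.nio.charset package.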
@@ -0,0 +1,33 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.util;
+
+import com.google.common.annotations.VisibleForTesting;
+import org.apache.hadoop.classification.InterfaceStability;
+
+/**
+ * Helper class for creating StringSignerSecretProviders in unit tests
+ */
+@InterfaceStability.Unstable
+@VisibleForTesting
+public class StringSignerSecretProviderCreator {
+ /**
+ * @return a new StringSignerSecretProvider
+ * @throws Exception
+ */
+ public static StringSignerSecretProvider newStringSignerSecretProvider()
+ throws Exception {
+ return new StringSignerSecretProvider();
+ }
+}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index 40b4f84..e739a8f 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
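Review bot: newStringSignerSecretProvider declares `throws Exception` although its body only invokes a no-argument constructor, which forces every caller — including the httpfs test in this commit — to declare or catch Exception for nothing; drop the clause together with the empty `@throws Exception` tag and give the Javadoc a summary sentence, e.g. `Creates a new, uninitialised StringSignerSecretProvider; callers still have to invoke init() with a SIGNATURE_SECRET property before signing.` (the tests in this commit all call init right after creation). The class exists only for its static factory, so it should also get `private StringSignerSecretProviderCreator() {}` to prevent instantiation.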
@@ -1163,6 +1163,9 @@ Release 2.7.0 - UNRELEASED HADOOP-11738. Fix a link of Protocol Buffers 2.5 for download in BUILDING.txt. (ozawa) + HADOOP-11748. The secrets of auth cookies should not be specified in + configuration in clear text. (Li Lu and Haohui Mai via wheat9) + Release 2.6.1 - UNRELEASED INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-hdfs-project/hadoop-hdfs-httpfs/pom.xml ---------------------------------------------------------------------- diff --git a/hadoop-hdfs-project/hadoop-hdfs-httpfs/pom.xml b/hadoop-hdfs-project/hadoop-hdfs-httpfs/pom.xml index ddc6033..520e30f 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-httpfs/pom.xml +++ b/hadoop-hdfs-project/hadoop-hdfs-httpfs/pom.xml @@ -196,6 +196,12 @@ test-jar + org.apache.hadoop + hadoop-auth + test + test-jar + + log4j log4j compile http://git-wip-us.apache.org/repos/asf/hadoop/blob/526c90e0/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java ---------------------------------------------------------------------- diff --git a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java index 763d168..14b7a43 100644 --- a/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java +++ b/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java 
@@ -18,6 +18,8 @@ package org.apache.hadoop.fs.http.server; import org.apache.hadoop.hdfs.DFSConfigKeys; +import org.apache.hadoop.security.authentication.util.SignerSecretProvider; +import org.apache.hadoop.security.authentication.util.StringSignerSecretProviderCreator; import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator; import org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticationHandler; import org.json.simple.JSONArray; @@ -68,7 +70,6 @@ import org.mortbay.jetty.webapp.WebAppContext; import com.google.common.collect.Maps; import java.util.Properties; import org.apache.hadoop.security.authentication.server.AuthenticationFilter; -import org.apache.hadoop.security.authentication.util.StringSignerSecretProvider; public class TestHttpFSServer extends HFSTestCase { @@ -687,7 +688,8 @@ public class TestHttpFSServer extends HFSTestCase { new AuthenticationToken("u", "p", new KerberosDelegationTokenAuthenticationHandler().getType()); token.setExpires(System.currentTimeMillis() + 100000000); - StringSignerSecretProvider secretProvider = new StringSignerSecretProvider(); + SignerSecretProvider secretProvider = + StringSignerSecretProviderCreator.newStringSignerSecretProvider(); Properties secretProviderProps = new Properties(); secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret"); secretProvider.init(secretProviderProps, null, -1);