Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id A0865200BBE for ; Fri, 11 Nov 2016 23:42:55 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 9F391160AF6; Fri, 11 Nov 2016 22:42:55 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id C0F1A160B01 for ; Fri, 11 Nov 2016 23:42:54 +0100 (CET) Received: (qmail 91782 invoked by uid 500); 11 Nov 2016 22:42:48 -0000 Mailing-List: contact common-commits-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list common-commits@hadoop.apache.org Received: (qmail 91753 invoked by uid 99); 11 Nov 2016 22:42:48 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Nov 2016 22:42:48 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 3CC50E01F4; Fri, 11 Nov 2016 22:42:48 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: subru@apache.org To: common-commits@hadoop.apache.org Date: Fri, 11 Nov 2016 22:42:48 -0000 Message-Id: <00c3cd38c7224cf6bee16084d5e2a137@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [01/50] [abbrv] hadoop git commit: HADOOP-13346. DelegationTokenAuthenticationHandler writes via closed writer. Contributed by Gregory Chanan and Hrishikesh Gadre. [Forced Update!] archived-at: Fri, 11 Nov 2016 22:42:55 -0000 Repository: hadoop Updated Branches: refs/heads/YARN-2915 c3a56720d -> e38a4a483 (forced update) HADOOP-13346. DelegationTokenAuthenticationHandler writes via closed writer. Contributed by Gregory Chanan and Hrishikesh Gadre. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/822ae88f Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/822ae88f Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/822ae88f Branch: refs/heads/YARN-2915 Commit: 822ae88f7da638e15a25747f6965caee8198aca6 Parents: c619e9b Author: Xiao Chen Authored: Wed Nov 9 09:32:15 2016 -0800 Committer: Xiao Chen Committed: Wed Nov 9 09:33:00 2016 -0800 ---------------------------------------------------------------------- .../DelegationTokenAuthenticationHandler.java | 32 ++++++++++++- ...tionTokenAuthenticationHandlerWithMocks.java | 50 ++++++++++++++++++++ 2 files changed, 81 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/822ae88f/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java index c23a94f..315c9d6 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java @@ -48,6 +48,8 @@ import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdenti import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager; import org.apache.hadoop.util.HttpExceptionUtils; import org.apache.hadoop.util.StringUtils; +import org.codehaus.jackson.JsonFactory; +import org.codehaus.jackson.JsonGenerator; import org.codehaus.jackson.map.ObjectMapper; import com.google.common.annotations.VisibleForTesting; @@ -89,6 +91,8 @@ public abstract class DelegationTokenAuthenticationHandler public static final String DELEGATION_TOKEN_UGI_ATTRIBUTE = "hadoop.security.delegation-token.ugi"; + public static final String JSON_MAPPER_PREFIX = PREFIX + "json-mapper."; + static { DELEGATION_TOKEN_OPS.add(KerberosDelegationTokenAuthenticator. DelegationTokenOperation.GETDELEGATIONTOKEN.toString()); @@ -101,6 +105,7 @@ public abstract class DelegationTokenAuthenticationHandler private AuthenticationHandler authHandler; private DelegationTokenManager tokenManager; private String authType; + private JsonFactory jsonFactory; public DelegationTokenAuthenticationHandler(AuthenticationHandler handler) { authHandler = handler; @@ -120,6 +125,7 @@ public abstract class DelegationTokenAuthenticationHandler public void init(Properties config) throws ServletException { authHandler.init(config); initTokenManager(config); + initJsonFactory(config); } /** @@ -153,6 +159,30 @@ public abstract class DelegationTokenAuthenticationHandler tokenManager.init(); } + @VisibleForTesting + public void initJsonFactory(Properties config) { + boolean hasFeature = false; + JsonFactory tmpJsonFactory = new JsonFactory(); + + for (Map.Entry entry : config.entrySet()) { + String key = (String)entry.getKey(); + if (key.startsWith(JSON_MAPPER_PREFIX)) { + JsonGenerator.Feature feature = + JsonGenerator.Feature.valueOf(key.substring(JSON_MAPPER_PREFIX + .length())); + if (feature != null) { + hasFeature = true; + boolean enabled = Boolean.parseBoolean((String)entry.getValue()); + tmpJsonFactory.configure(feature, enabled); + } + } + } + + if (hasFeature) { + jsonFactory = tmpJsonFactory; + } + } + @Override public void destroy() { tokenManager.destroy(); @@ -298,7 +328,7 @@ public abstract class DelegationTokenAuthenticationHandler if (map != null) { response.setContentType(MediaType.APPLICATION_JSON); Writer writer = response.getWriter(); - ObjectMapper jsonMapper = new ObjectMapper(); + ObjectMapper jsonMapper = new ObjectMapper(jsonFactory); jsonMapper.writeValue(writer, map); writer.write(ENTER); writer.flush(); http://git-wip-us.apache.org/repos/asf/hadoop/blob/822ae88f/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenAuthenticationHandlerWithMocks.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenAuthenticationHandlerWithMocks.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenAuthenticationHandlerWithMocks.java index d9c4f02..361d7fd 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenAuthenticationHandlerWithMocks.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenAuthenticationHandlerWithMocks.java @@ -17,6 +17,9 @@ */ package org.apache.hadoop.security.token.delegation.web; +import static org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.DelegationTokenOperation.*; + +import org.apache.commons.lang.mutable.MutableBoolean; import org.apache.hadoop.io.Text; import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.security.authentication.client.AuthenticationException; @@ -458,4 +461,51 @@ public class TestDelegationTokenAuthenticationHandlerWithMocks { Assert.assertFalse(handler.managementOperation(null, request, response)); Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED); } + + @Test + public void testWriterNotClosed() throws Exception { + Properties conf = new Properties(); + conf.put(KerberosDelegationTokenAuthenticationHandler.TOKEN_KIND, "foo"); + conf.put(DelegationTokenAuthenticationHandler.JSON_MAPPER_PREFIX + + "AUTO_CLOSE_TARGET", "false"); + DelegationTokenAuthenticationHandler noAuthCloseHandler = + new MockDelegationTokenAuthenticationHandler(); + try { + noAuthCloseHandler.initTokenManager(conf); + noAuthCloseHandler.initJsonFactory(conf); + + DelegationTokenAuthenticator.DelegationTokenOperation op = + GETDELEGATIONTOKEN; + HttpServletRequest request = Mockito.mock(HttpServletRequest.class); + HttpServletResponse response = Mockito.mock(HttpServletResponse.class); + Mockito.when(request.getQueryString()).thenReturn( + DelegationTokenAuthenticator.OP_PARAM + "=" + op.toString()); + Mockito.when(request.getMethod()).thenReturn(op.getHttpMethod()); + + AuthenticationToken token = Mockito.mock(AuthenticationToken.class); + Mockito.when(token.getUserName()).thenReturn("user"); + final MutableBoolean closed = new MutableBoolean(); + PrintWriter printWriterCloseCount = new PrintWriter(new StringWriter()) { + @Override + public void close() { + closed.setValue(true); + super.close(); + } + + @Override + public void write(String str) { + if (closed.booleanValue()) { + throw new RuntimeException("already closed!"); + } + super.write(str); + } + + }; + Mockito.when(response.getWriter()).thenReturn(printWriterCloseCount); + Assert.assertFalse(noAuthCloseHandler.managementOperation(token, request, + response)); + } finally { + noAuthCloseHandler.destroy(); + } + } } --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org For additional commands, e-mail: common-commits-help@hadoop.apache.org