hadoop-hdfs-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bor...@apache.org
Subject svn commit: r957378 - in /hadoop/hdfs/trunk: ./ src/java/org/apache/hadoop/hdfs/server/common/ src/java/org/apache/hadoop/hdfs/server/namenode/ src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/
Date Wed, 23 Jun 2010 22:15:26 GMT
Author: boryas
Date: Wed Jun 23 22:15:26 2010
New Revision: 957378

URL: http://svn.apache.org/viewvc?rev=957378&view=rev
Log:
HDFS-1017. browsedfs jsp should call JspHelper.getUGI rather than using createRemoteUser()

Modified:
    hadoop/hdfs/trunk/CHANGES.txt
    hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/common/JspHelper.java
    hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/NamenodeJspHelper.java
    hadoop/hdfs/trunk/src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/TestNameNodeJspHelper.java

Modified: hadoop/hdfs/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/CHANGES.txt?rev=957378&r1=957377&r2=957378&view=diff
==============================================================================
--- hadoop/hdfs/trunk/CHANGES.txt (original)
+++ hadoop/hdfs/trunk/CHANGES.txt Wed Jun 23 22:15:26 2010
@@ -96,6 +96,9 @@ Trunk (unreleased changes)
 
     HDFS-1036. in DelegationTokenFetch dfs.getURI returns no port (boryas)
 
+    HDFS-1017. browsedfs jsp should call JspHelper.getUGI rather 
+    than using createRemoteUser() (jnp via boryas)
+
 Release 0.21.0 - Unreleased
 
   INCOMPATIBLE CHANGES

Modified: hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/common/JspHelper.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/common/JspHelper.java?rev=957378&r1=957377&r2=957378&view=diff
==============================================================================
--- hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/common/JspHelper.java (original)
+++ hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/common/JspHelper.java Wed Jun
23 22:15:26 2010
@@ -491,6 +491,8 @@ public class JspHelper {
                                 "authenticated by filter");
         }
         ugi = UserGroupInformation.createRemoteUser(user);
+        // This is not necessarily true, could have been auth'ed by user-facing
+        // filter
         ugi.setAuthenticationMethod(AuthenticationMethod.KERBEROS_SSL);
       }
     } else { // Security's not on, pull from url

Modified: hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/NamenodeJspHelper.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/NamenodeJspHelper.java?rev=957378&r1=957377&r2=957378&view=diff
==============================================================================
--- hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/NamenodeJspHelper.java
(original)
+++ hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/NamenodeJspHelper.java
Wed Jun 23 22:15:26 2010
@@ -295,20 +295,19 @@ class NamenodeJspHelper {
     }
   }
 
-  static String getDelegationToken(final NameNode nn, final String user
-                                   ) throws IOException, InterruptedException {
-    if (!UserGroupInformation.isSecurityEnabled() ||  user == null) {
-      return null;
-    }
-    UserGroupInformation ugi = UserGroupInformation.createRemoteUser(user);
-    Token<DelegationTokenIdentifier> token =
-      ugi.doAs(
-               new PrivilegedExceptionAction<Token<DelegationTokenIdentifier>>()
{
-                 public Token<DelegationTokenIdentifier> run() throws IOException {
-                   return nn.getDelegationToken(new Text(user));
-                 }
-               });
-    return token.encodeToUrlString();
+  static String getDelegationToken(final NameNode nn,
+      HttpServletRequest request, Configuration conf) throws IOException,
+      InterruptedException {
+    final UserGroupInformation ugi = JspHelper.getUGI(request, conf);
+
+    Token<DelegationTokenIdentifier> token = ugi
+        .doAs(new PrivilegedExceptionAction<Token<DelegationTokenIdentifier>>()
{
+          public Token<DelegationTokenIdentifier> run() throws IOException {
+            return nn.getDelegationToken(new Text(ugi.getUserName()));
+          }
+        });
+
+    return token == null ? null : token.encodeToUrlString();
   }
 
   static void redirectToRandomDataNode(final NameNode nn, 
@@ -318,8 +317,7 @@ class NamenodeJspHelper {
                                        ) throws IOException,
                                                 InterruptedException {
     final DatanodeID datanode = nn.getNamesystem().getRandomDatanode();
-    final String user = request.getRemoteUser();
-    String tokenString = getDelegationToken(nn, user);
+    String tokenString = getDelegationToken(nn, request, conf);
     // if the user is defined, get a delegation token and stringify it
     final String redirectLocation;
     final String nodeToRedirect;

Modified: hadoop/hdfs/trunk/src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/TestNameNodeJspHelper.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/TestNameNodeJspHelper.java?rev=957378&r1=957377&r2=957378&view=diff
==============================================================================
--- hadoop/hdfs/trunk/src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/TestNameNodeJspHelper.java
(original)
+++ hadoop/hdfs/trunk/src/test/hdfs/org/apache/hadoop/hdfs/server/namenode/TestNameNodeJspHelper.java
Wed Jun 23 22:15:26 2010
@@ -18,8 +18,12 @@
 package org.apache.hadoop.hdfs.server.namenode;
 
 
+import static org.mockito.Mockito.mock;
+
 import java.io.IOException;
 
+import javax.servlet.http.HttpServletRequest;
+
 import junit.framework.Assert;
 
 import org.apache.hadoop.conf.Configuration;
@@ -32,10 +36,11 @@ import org.junit.Test;
 public class TestNameNodeJspHelper {
 
   private MiniDFSCluster cluster = null;
+  Configuration conf = null;
 
   @Before
   public void setUp() throws Exception {
-    Configuration conf = new HdfsConfiguration();
+    conf = new HdfsConfiguration();
     cluster  = new MiniDFSCluster(conf, 1, true, null);
     cluster.waitActive();
   }
@@ -49,7 +54,9 @@ public class TestNameNodeJspHelper {
   @Test
   public void testDelegationToken() throws IOException, InterruptedException {
     NameNode nn = cluster.getNameNode();
-    String tokenString = NamenodeJspHelper.getDelegationToken(nn, "SomeUser");
+    HttpServletRequest request = mock(HttpServletRequest.class);
+    String tokenString = NamenodeJspHelper
+        .getDelegationToken(nn, request, conf);
     //tokenString returned must be null because security is disabled
     Assert.assertEquals(null, tokenString);
   }



Mime
View raw message