YARN-6989 Ensure timeline service v2 codebase gets UGI from HttpServletRequest in a consistent way. Contributed by Abhishek Modi

This commit is contained in:
Vrushali C 2018-10-10 15:17:05 -07:00
parent bf3d591f0c
commit 045069efec
2 changed files with 3 additions and 20 deletions

View File

@ -269,25 +269,8 @@ public final class TimelineReaderWebServicesUtils {
* @return UGI.
*/
public static UserGroupInformation getUser(HttpServletRequest req) {
return getCallerUserGroupInformation(req, false);
}
/**
* Get UGI from the HTTP request.
*
* @param hsr HTTP request.
* @param usePrincipal if true, use principal name else use remote user name
* @return UGI.
*/
public static UserGroupInformation getCallerUserGroupInformation(
HttpServletRequest hsr, boolean usePrincipal) {
String remoteUser = hsr.getRemoteUser();
if (usePrincipal) {
Principal princ = hsr.getUserPrincipal();
remoteUser = princ == null ? null : princ.getName();
}
Principal princ = req.getUserPrincipal();
String remoteUser = princ == null ? null : princ.getName();
UserGroupInformation callerUGI = null;
if (remoteUser != null) {
callerUGI = UserGroupInformation.createRemoteUser(remoteUser);

View File

@ -67,7 +67,7 @@ public class TimelineReaderWhitelistAuthorizationFilter implements Filter {
if (isWhitelistReadAuthEnabled) {
UserGroupInformation callerUGI = TimelineReaderWebServicesUtils
.getCallerUserGroupInformation(httpRequest, true);
.getUser(httpRequest);
if (callerUGI == null) {
String msg = "Unable to obtain user name, user not authenticated";
throw new AuthorizationException(msg);