From 3a7841aeb8fe1bd861cc4e959f20fbbcb0172f30 Mon Sep 17 00:00:00 2001
From: Boris Shkolnik <boryas@apache.org>
Date: Tue, 16 Feb 2010 22:46:36 +0000
Subject: [PATCH] HADOOP-6549. TestDoAsEffectiveUser should use ip address of
 the host for superuser ip check

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@910741 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES.txt                                   |  3 ++
 .../security/TestDoAsEffectiveUser.java       | 47 +++++++++++++++----
 2 files changed, 41 insertions(+), 9 deletions(-)

diff --git a/CHANGES.txt b/CHANGES.txt
index f8a6f7dfa90..d945996001c 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -204,6 +204,9 @@ Trunk (unreleased changes)
 
     HADOOP-6560. Handle invalid har:// uri in HarFileSystem.  (szetszwo)
 
+    HADOOP-6549. TestDoAsEffectiveUser should use ip address of the host
+     for superuser ip check(jnp via boryas)
+
 Release 0.21.0 - Unreleased
 
   INCOMPATIBLE CHANGES
diff --git a/src/test/core/org/apache/hadoop/security/TestDoAsEffectiveUser.java b/src/test/core/org/apache/hadoop/security/TestDoAsEffectiveUser.java
index 2db9acaa916..0f517bdb406 100644
--- a/src/test/core/org/apache/hadoop/security/TestDoAsEffectiveUser.java
+++ b/src/test/core/org/apache/hadoop/security/TestDoAsEffectiveUser.java
@@ -18,8 +18,12 @@
 package org.apache.hadoop.security;
 
 import java.io.IOException;
+import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.NetworkInterface;
 import java.security.PrivilegedExceptionAction;
+import java.util.ArrayList;
+import java.util.Enumeration;
 
 import junit.framework.Assert;
 
@@ -38,6 +42,7 @@ import org.apache.hadoop.ipc.TestSaslRPC;
 import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSecretManager;
 import org.apache.hadoop.ipc.TestSaslRPC.TestTokenIdentifier;
 import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSelector;
+import org.apache.commons.logging.*;
 
 /**
  *
@@ -52,7 +57,35 @@ public class TestDoAsEffectiveUser {
       GROUP2_NAME };
   private static final String ADDRESS = "0.0.0.0";
   private TestProtocol proxy;
-
+  
+  public static final Log LOG = LogFactory
+      .getLog(TestDoAsEffectiveUser.class);
+  
+  private void configureSuperUserIPAddresses(Configuration conf,
+      String superUserShortName) throws IOException {
+    ArrayList<String> ipList = new ArrayList<String>();
+    Enumeration<NetworkInterface> netInterfaceList = NetworkInterface
+        .getNetworkInterfaces();
+    while (netInterfaceList.hasMoreElements()) {
+      NetworkInterface inf = netInterfaceList.nextElement();
+      Enumeration<InetAddress> addrList = inf.getInetAddresses();
+      while (addrList.hasMoreElements()) {
+        InetAddress addr = addrList.nextElement();
+        ipList.add(addr.getHostAddress());
+      }
+    }
+    StringBuilder builder = new StringBuilder();
+    for (String ip : ipList) {
+      builder.append(ip);
+      builder.append(',');
+    }
+    builder.append("127.0.1.1,");
+    builder.append(InetAddress.getLocalHost().getCanonicalHostName());
+    LOG.info("Local Ip addresses: "+builder.toString());
+    conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(superUserShortName),
+        builder.toString());
+  }
+  
   /**
    * Test method for
    * {@link org.apache.hadoop.security.UserGroupInformation#createProxyUser(java.lang.String, org.apache.hadoop.security.UserGroupInformation)}
@@ -100,8 +133,7 @@ public class TestDoAsEffectiveUser {
     final Configuration conf = new Configuration();
     conf.setStrings(ProxyUsers
         .getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME), "group1");
-    conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
-        "127.0.0.1","127.0.1.1", "localhost");
+    configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
     Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
         0, 5, true, conf, null);
 
@@ -139,8 +171,7 @@ public class TestDoAsEffectiveUser {
   @Test
   public void testRealUserAuthorizationSuccess() throws IOException {
     final Configuration conf = new Configuration();
-    conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
-        "127.0.0.1","127.0.1.1", "localhost");
+    configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
     conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
         "group1");
     Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
@@ -264,8 +295,7 @@ public class TestDoAsEffectiveUser {
   @Test
   public void testRealUserGroupNotSpecified() throws IOException {
     final Configuration conf = new Configuration();
-    conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
-        "127.0.0.1","127.0.1.1","localhost");
+    configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
     Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
         0, 2, false, conf, null);
 
@@ -303,8 +333,7 @@ public class TestDoAsEffectiveUser {
   @Test
   public void testRealUserGroupAuthorizationFailure() throws IOException {
     final Configuration conf = new Configuration();
-    conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
-        "127.0.0.1","127.0.1.1","localhost");
+    configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
     conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
         "group3");
     Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,