HADOOP-6549. TestDoAsEffectiveUser should use ip address of the host for superuser ip check
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@910741 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Boris Shkolnik
parent
18c6d65749
commit
3a7841aeb8
|
|
@ -204,6 +204,9 @@ Trunk (unreleased changes)
|
||||||
|
|
||||||
HADOOP-6560. Handle invalid har:// uri in HarFileSystem. (szetszwo)
|
HADOOP-6560. Handle invalid har:// uri in HarFileSystem. (szetszwo)
|
||||||
|
|
||||||
|
HADOOP-6549. TestDoAsEffectiveUser should use ip address of the host
|
||||||
|
for superuser ip check(jnp via boryas)
|
||||||
|
|
||||||
Release 0.21.0 - Unreleased
|
Release 0.21.0 - Unreleased
|
||||||
|
|
||||||
INCOMPATIBLE CHANGES
|
INCOMPATIBLE CHANGES
|
||||||
|
|
|
||||||
|
|
@ -18,8 +18,12 @@
|
||||||
package org.apache.hadoop.security;
|
package org.apache.hadoop.security;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.net.InetAddress;
|
||||||
import java.net.InetSocketAddress;
|
import java.net.InetSocketAddress;
|
||||||
|
import java.net.NetworkInterface;
|
||||||
import java.security.PrivilegedExceptionAction;
|
import java.security.PrivilegedExceptionAction;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Enumeration;
|
||||||
|
|
||||||
import junit.framework.Assert;
|
import junit.framework.Assert;
|
||||||
|
|
||||||
|
|
@ -38,6 +42,7 @@ import org.apache.hadoop.ipc.TestSaslRPC;
|
||||||
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSecretManager;
|
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSecretManager;
|
||||||
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenIdentifier;
|
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenIdentifier;
|
||||||
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSelector;
|
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSelector;
|
||||||
|
import org.apache.commons.logging.*;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
|
@ -52,7 +57,35 @@ public class TestDoAsEffectiveUser {
|
||||||
GROUP2_NAME };
|
GROUP2_NAME };
|
||||||
private static final String ADDRESS = "0.0.0.0";
|
private static final String ADDRESS = "0.0.0.0";
|
||||||
private TestProtocol proxy;
|
private TestProtocol proxy;
|
||||||
|
|
||||||
|
public static final Log LOG = LogFactory
|
||||||
|
.getLog(TestDoAsEffectiveUser.class);
|
||||||
|
|
||||||
|
private void configureSuperUserIPAddresses(Configuration conf,
|
||||||
|
String superUserShortName) throws IOException {
|
||||||
|
ArrayList<String> ipList = new ArrayList<String>();
|
||||||
|
Enumeration<NetworkInterface> netInterfaceList = NetworkInterface
|
||||||
|
.getNetworkInterfaces();
|
||||||
|
while (netInterfaceList.hasMoreElements()) {
|
||||||
|
NetworkInterface inf = netInterfaceList.nextElement();
|
||||||
|
Enumeration<InetAddress> addrList = inf.getInetAddresses();
|
||||||
|
while (addrList.hasMoreElements()) {
|
||||||
|
InetAddress addr = addrList.nextElement();
|
||||||
|
ipList.add(addr.getHostAddress());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
StringBuilder builder = new StringBuilder();
|
||||||
|
for (String ip : ipList) {
|
||||||
|
builder.append(ip);
|
||||||
|
builder.append(',');
|
||||||
|
}
|
||||||
|
builder.append("127.0.1.1,");
|
||||||
|
builder.append(InetAddress.getLocalHost().getCanonicalHostName());
|
||||||
|
LOG.info("Local Ip addresses: "+builder.toString());
|
||||||
|
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(superUserShortName),
|
||||||
|
builder.toString());
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test method for
|
* Test method for
|
||||||
* {@link org.apache.hadoop.security.UserGroupInformation#createProxyUser(java.lang.String, org.apache.hadoop.security.UserGroupInformation)}
|
* {@link org.apache.hadoop.security.UserGroupInformation#createProxyUser(java.lang.String, org.apache.hadoop.security.UserGroupInformation)}
|
||||||
|
|
@ -100,8 +133,7 @@ public class TestDoAsEffectiveUser {
|
||||||
final Configuration conf = new Configuration();
|
final Configuration conf = new Configuration();
|
||||||
conf.setStrings(ProxyUsers
|
conf.setStrings(ProxyUsers
|
||||||
.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME), "group1");
|
.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME), "group1");
|
||||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||||
"127.0.0.1","127.0.1.1", "localhost");
|
|
||||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||||
0, 5, true, conf, null);
|
0, 5, true, conf, null);
|
||||||
|
|
||||||
|
|
@ -139,8 +171,7 @@ public class TestDoAsEffectiveUser {
|
||||||
@Test
|
@Test
|
||||||
public void testRealUserAuthorizationSuccess() throws IOException {
|
public void testRealUserAuthorizationSuccess() throws IOException {
|
||||||
final Configuration conf = new Configuration();
|
final Configuration conf = new Configuration();
|
||||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||||
"127.0.0.1","127.0.1.1", "localhost");
|
|
||||||
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
|
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
|
||||||
"group1");
|
"group1");
|
||||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||||
|
|
@ -264,8 +295,7 @@ public class TestDoAsEffectiveUser {
|
||||||
@Test
|
@Test
|
||||||
public void testRealUserGroupNotSpecified() throws IOException {
|
public void testRealUserGroupNotSpecified() throws IOException {
|
||||||
final Configuration conf = new Configuration();
|
final Configuration conf = new Configuration();
|
||||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||||
"127.0.0.1","127.0.1.1","localhost");
|
|
||||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||||
0, 2, false, conf, null);
|
0, 2, false, conf, null);
|
||||||
|
|
||||||
|
|
@ -303,8 +333,7 @@ public class TestDoAsEffectiveUser {
|
||||||
@Test
|
@Test
|
||||||
public void testRealUserGroupAuthorizationFailure() throws IOException {
|
public void testRealUserGroupAuthorizationFailure() throws IOException {
|
||||||
final Configuration conf = new Configuration();
|
final Configuration conf = new Configuration();
|
||||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||||
"127.0.0.1","127.0.1.1","localhost");
|
|
||||||
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
|
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
|
||||||
"group3");
|
"group3");
|
||||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue