HADOOP-6549. TestDoAsEffectiveUser should use ip address of the host for superuser ip check
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@910741 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
18c6d65749
commit
3a7841aeb8
|
@ -204,6 +204,9 @@ Trunk (unreleased changes)
|
|||
|
||||
HADOOP-6560. Handle invalid har:// uri in HarFileSystem. (szetszwo)
|
||||
|
||||
HADOOP-6549. TestDoAsEffectiveUser should use ip address of the host
|
||||
for superuser ip check(jnp via boryas)
|
||||
|
||||
Release 0.21.0 - Unreleased
|
||||
|
||||
INCOMPATIBLE CHANGES
|
||||
|
|
|
@ -18,8 +18,12 @@
|
|||
package org.apache.hadoop.security;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.InetAddress;
|
||||
import java.net.InetSocketAddress;
|
||||
import java.net.NetworkInterface;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Enumeration;
|
||||
|
||||
import junit.framework.Assert;
|
||||
|
||||
|
@ -38,6 +42,7 @@ import org.apache.hadoop.ipc.TestSaslRPC;
|
|||
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSecretManager;
|
||||
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenIdentifier;
|
||||
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSelector;
|
||||
import org.apache.commons.logging.*;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -53,6 +58,34 @@ public class TestDoAsEffectiveUser {
|
|||
private static final String ADDRESS = "0.0.0.0";
|
||||
private TestProtocol proxy;
|
||||
|
||||
public static final Log LOG = LogFactory
|
||||
.getLog(TestDoAsEffectiveUser.class);
|
||||
|
||||
private void configureSuperUserIPAddresses(Configuration conf,
|
||||
String superUserShortName) throws IOException {
|
||||
ArrayList<String> ipList = new ArrayList<String>();
|
||||
Enumeration<NetworkInterface> netInterfaceList = NetworkInterface
|
||||
.getNetworkInterfaces();
|
||||
while (netInterfaceList.hasMoreElements()) {
|
||||
NetworkInterface inf = netInterfaceList.nextElement();
|
||||
Enumeration<InetAddress> addrList = inf.getInetAddresses();
|
||||
while (addrList.hasMoreElements()) {
|
||||
InetAddress addr = addrList.nextElement();
|
||||
ipList.add(addr.getHostAddress());
|
||||
}
|
||||
}
|
||||
StringBuilder builder = new StringBuilder();
|
||||
for (String ip : ipList) {
|
||||
builder.append(ip);
|
||||
builder.append(',');
|
||||
}
|
||||
builder.append("127.0.1.1,");
|
||||
builder.append(InetAddress.getLocalHost().getCanonicalHostName());
|
||||
LOG.info("Local Ip addresses: "+builder.toString());
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(superUserShortName),
|
||||
builder.toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test method for
|
||||
* {@link org.apache.hadoop.security.UserGroupInformation#createProxyUser(java.lang.String, org.apache.hadoop.security.UserGroupInformation)}
|
||||
|
@ -100,8 +133,7 @@ public class TestDoAsEffectiveUser {
|
|||
final Configuration conf = new Configuration();
|
||||
conf.setStrings(ProxyUsers
|
||||
.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME), "group1");
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
||||
"127.0.0.1","127.0.1.1", "localhost");
|
||||
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||
0, 5, true, conf, null);
|
||||
|
||||
|
@ -139,8 +171,7 @@ public class TestDoAsEffectiveUser {
|
|||
@Test
|
||||
public void testRealUserAuthorizationSuccess() throws IOException {
|
||||
final Configuration conf = new Configuration();
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
||||
"127.0.0.1","127.0.1.1", "localhost");
|
||||
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
|
||||
"group1");
|
||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||
|
@ -264,8 +295,7 @@ public class TestDoAsEffectiveUser {
|
|||
@Test
|
||||
public void testRealUserGroupNotSpecified() throws IOException {
|
||||
final Configuration conf = new Configuration();
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
||||
"127.0.0.1","127.0.1.1","localhost");
|
||||
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||
0, 2, false, conf, null);
|
||||
|
||||
|
@ -303,8 +333,7 @@ public class TestDoAsEffectiveUser {
|
|||
@Test
|
||||
public void testRealUserGroupAuthorizationFailure() throws IOException {
|
||||
final Configuration conf = new Configuration();
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
|
||||
"127.0.0.1","127.0.1.1","localhost");
|
||||
configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
|
||||
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
|
||||
"group3");
|
||||
Server server = RPC.getServer(TestProtocol.class, new TestImpl(), ADDRESS,
|
||||
|
|
Loading…
Reference in New Issue