YARN-2121. Fixed NPE handling in Timeline Server's TimelineAuthenticator. Contributed by Zhijie Shen.

svn merge --ignore-ancestry -c 1601000 ../../trunk/


git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1601001 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Vinod Kumar Vavilapalli 2014-06-06 20:33:10 +00:00
parent 683d4bdbd9
commit 3cc1cddffb
3 changed files with 55 additions and 4 deletions

View File

@ -186,6 +186,9 @@ Release 2.5.0 - UNRELEASED
YARN-2117. Fixed the issue that secret file reader is potentially not
closed in TimelineAuthenticationFilterInitializer. (Chen He via zjshen)
YARN-2121. Fixed NPE handling in Timeline Server's TimelineAuthenticator.
(Zhijie Shen via vinodkv)
Release 2.4.1 - UNRELEASED
INCOMPATIBLE CHANGES

View File

@ -35,13 +35,15 @@ import org.apache.hadoop.security.authentication.client.Authenticator;
import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.yarn.api.records.timeline.TimelineDelegationTokenResponse;
import org.apache.hadoop.yarn.security.client.TimelineAuthenticationConsts;
import org.apache.hadoop.yarn.security.client.TimelineDelegationTokenIdentifier;
import org.apache.hadoop.yarn.security.client.TimelineDelegationTokenOperation;
import org.apache.hadoop.yarn.security.client.TimelineAuthenticationConsts;
import org.apache.hadoop.yarn.webapp.YarnJacksonJaxbJsonProvider;
import org.codehaus.jackson.JsonNode;
import org.codehaus.jackson.map.ObjectMapper;
import com.google.common.annotations.VisibleForTesting;
/**
* A <code>KerberosAuthenticator</code> subclass that fallback to
* {@link TimelineAuthenticationConsts}.
@ -77,9 +79,15 @@ public class TimelineAuthenticator extends KerberosAuthenticator {
}
}
private boolean hasDelegationToken(URL url) {
return url.getQuery().contains(
TimelineAuthenticationConsts.DELEGATION_PARAM + "=");
@Private
@VisibleForTesting
boolean hasDelegationToken(URL url) {
if (url.getQuery() == null) {
return false;
} else {
return url.getQuery().contains(
TimelineAuthenticationConsts.DELEGATION_PARAM + "=");
}
}
@Override

View File

@ -0,0 +1,40 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.yarn.client.api.impl;
import java.net.URL;
import org.junit.Assert;
import org.junit.Test;
public class TestTimelineAuthenticator {
@Test
public void testHasDelegationTokens() throws Exception {
TimelineAuthenticator authenticator = new TimelineAuthenticator();
Assert.assertFalse(authenticator.hasDelegationToken(new URL(
"http://localhost:8/resource")));
Assert.assertFalse(authenticator.hasDelegationToken(new URL(
"http://localhost:8/resource?other=xxxx")));
Assert.assertTrue(authenticator.hasDelegationToken(new URL(
"http://localhost:8/resource?delegation=yyyy")));
Assert.assertTrue(authenticator.hasDelegationToken(new URL(
"http://localhost:8/resource?other=xxxx&delegation=yyyy")));
}
}