From 44ac7437addedcd1f67a8992194ee29168d342cc Mon Sep 17 00:00:00 2001 From: Vinayakumar B Date: Wed, 18 Jun 2014 05:29:03 +0000 Subject: [PATCH] HADOOP-10590. ServiceAuthorizationManager is not threadsafe. (Contributed by Benoy Antony) git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1603356 13f79535-47bb-0310-9956-ffa450edef68 --- hadoop-common-project/hadoop-common/CHANGES.txt | 2 ++ .../security/authorize/ServiceAuthorizationManager.java | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index e01bacca41f..9453b1bcfb6 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -589,6 +589,8 @@ Release 2.5.0 - UNRELEASED HADOOP-10561. Copy command with preserve option should handle Xattrs. (Yi Liu via cnauroth) + HADOOP-10590. ServiceAuthorizationManager is not threadsafe. (Benoy Antony via vinayakumarb) + Release 2.4.1 - 2014-06-23 INCOMPATIBLE CHANGES diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java index 66ab50cc58e..29d4a6ac47b 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java @@ -45,7 +45,7 @@ import com.google.common.annotations.VisibleForTesting; public class ServiceAuthorizationManager { private static final String HADOOP_POLICY_FILE = "hadoop-policy.xml"; - private Map, AccessControlList> protocolToAcl = + private volatile Map, AccessControlList> protocolToAcl = new IdentityHashMap, AccessControlList>(); /** @@ -114,7 +114,7 @@ public class ServiceAuthorizationManager { AUDITLOG.info(AUTHZ_SUCCESSFUL_FOR + user + " for protocol="+protocol); } - public synchronized void refresh(Configuration conf, + public void refresh(Configuration conf, PolicyProvider provider) { // Get the system property 'hadoop.policy.file' String policyFile = @@ -127,7 +127,7 @@ public class ServiceAuthorizationManager { } @Private - public synchronized void refreshWithLoadedConfiguration(Configuration conf, + public void refreshWithLoadedConfiguration(Configuration conf, PolicyProvider provider) { final Map, AccessControlList> newAcls = new IdentityHashMap, AccessControlList>();