HADOOP-10710. hadoop.auth cookie is not properly constructed according to RFC2109. (Juan Yu via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1606923 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
e8186a9dee
commit
4ac6e1d895
|
@ -425,14 +425,20 @@ public class AuthenticationFilter implements Filter {
|
||||||
* cookie. It has no effect if its value < 0.
|
* cookie. It has no effect if its value < 0.
|
||||||
*
|
*
|
||||||
* XXX the following code duplicate some logic in Jetty / Servlet API,
|
* XXX the following code duplicate some logic in Jetty / Servlet API,
|
||||||
* because of the fact that Hadoop is stuck at servlet 3.0 and jetty 6
|
* because of the fact that Hadoop is stuck at servlet 2.5 and jetty 6
|
||||||
* right now.
|
* right now.
|
||||||
*/
|
*/
|
||||||
public static void createAuthCookie(HttpServletResponse resp, String token,
|
public static void createAuthCookie(HttpServletResponse resp, String token,
|
||||||
String domain, String path, long expires,
|
String domain, String path, long expires,
|
||||||
boolean isSecure) {
|
boolean isSecure) {
|
||||||
StringBuilder sb = new StringBuilder(AuthenticatedURL.AUTH_COOKIE).append
|
StringBuilder sb = new StringBuilder(AuthenticatedURL.AUTH_COOKIE)
|
||||||
("=").append(token);
|
.append("=");
|
||||||
|
if (token != null && token.length() > 0) {
|
||||||
|
sb.append("\"")
|
||||||
|
.append(token)
|
||||||
|
.append("\"");
|
||||||
|
}
|
||||||
|
sb.append("; Version=1");
|
||||||
|
|
||||||
if (path != null) {
|
if (path != null) {
|
||||||
sb.append("; Path=").append(path);
|
sb.append("; Path=").append(path);
|
||||||
|
|
|
@ -531,21 +531,17 @@ public class TestAuthenticationFilter {
|
||||||
|
|
||||||
private static void parseCookieMap(String cookieHeader, HashMap<String,
|
private static void parseCookieMap(String cookieHeader, HashMap<String,
|
||||||
String> cookieMap) {
|
String> cookieMap) {
|
||||||
for (String pair : cookieHeader.split(";")) {
|
List<HttpCookie> cookies = HttpCookie.parse(cookieHeader);
|
||||||
String p = pair.trim();
|
for (HttpCookie cookie : cookies) {
|
||||||
int idx = p.indexOf('=');
|
if (AuthenticatedURL.AUTH_COOKIE.equals(cookie.getName())) {
|
||||||
final String k, v;
|
cookieMap.put(cookie.getName(), cookie.getValue());
|
||||||
if (idx == -1) {
|
if (cookie.getPath() != null) {
|
||||||
k = p;
|
cookieMap.put("Path", cookie.getPath());
|
||||||
v = null;
|
}
|
||||||
} else if (idx == p.length()) {
|
if (cookie.getDomain() != null) {
|
||||||
k = p.substring(0, idx - 1);
|
cookieMap.put("Domain", cookie.getDomain());
|
||||||
v = null;
|
}
|
||||||
} else {
|
|
||||||
k = p.substring(0, idx);
|
|
||||||
v = p.substring(idx + 1);
|
|
||||||
}
|
}
|
||||||
cookieMap.put(k, v);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -665,6 +665,9 @@ Release 2.5.0 - UNRELEASED
|
||||||
|
|
||||||
HADOOP-10715. Remove public GraphiteSink#setWriter (Babak Behzad via raviprak)
|
HADOOP-10715. Remove public GraphiteSink#setWriter (Babak Behzad via raviprak)
|
||||||
|
|
||||||
|
HADOOP-10710. hadoop.auth cookie is not properly constructed according to
|
||||||
|
RFC2109. (Juan Yu via tucu)
|
||||||
|
|
||||||
Release 2.4.1 - 2014-06-23
|
Release 2.4.1 - 2014-06-23
|
||||||
|
|
||||||
INCOMPATIBLE CHANGES
|
INCOMPATIBLE CHANGES
|
||||||
|
|
|
@ -36,6 +36,8 @@ import java.net.MalformedURLException;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
import java.security.GeneralSecurityException;
|
import java.security.GeneralSecurityException;
|
||||||
|
import java.net.HttpCookie;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
public class TestHttpCookieFlag {
|
public class TestHttpCookieFlag {
|
||||||
private static final String BASEDIR = System.getProperty("test.build.dir",
|
private static final String BASEDIR = System.getProperty("test.build.dir",
|
||||||
|
@ -116,8 +118,12 @@ public class TestHttpCookieFlag {
|
||||||
.getConnectorAddress(0)));
|
.getConnectorAddress(0)));
|
||||||
HttpURLConnection conn = (HttpURLConnection) new URL(base,
|
HttpURLConnection conn = (HttpURLConnection) new URL(base,
|
||||||
"/echo").openConnection();
|
"/echo").openConnection();
|
||||||
Assert.assertEquals(AuthenticatedURL.AUTH_COOKIE + "=token; " +
|
|
||||||
"HttpOnly", conn.getHeaderField("Set-Cookie"));
|
String header = conn.getHeaderField("Set-Cookie");
|
||||||
|
List<HttpCookie> cookies = HttpCookie.parse(header);
|
||||||
|
Assert.assertTrue(!cookies.isEmpty());
|
||||||
|
Assert.assertTrue(header.contains("; HttpOnly"));
|
||||||
|
Assert.assertTrue("token".equals(cookies.get(0).getValue()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -127,8 +133,13 @@ public class TestHttpCookieFlag {
|
||||||
HttpsURLConnection conn = (HttpsURLConnection) new URL(base,
|
HttpsURLConnection conn = (HttpsURLConnection) new URL(base,
|
||||||
"/echo").openConnection();
|
"/echo").openConnection();
|
||||||
conn.setSSLSocketFactory(clientSslFactory.createSSLSocketFactory());
|
conn.setSSLSocketFactory(clientSslFactory.createSSLSocketFactory());
|
||||||
Assert.assertEquals(AuthenticatedURL.AUTH_COOKIE + "=token; " +
|
|
||||||
"Secure; HttpOnly", conn.getHeaderField("Set-Cookie"));
|
String header = conn.getHeaderField("Set-Cookie");
|
||||||
|
List<HttpCookie> cookies = HttpCookie.parse(header);
|
||||||
|
Assert.assertTrue(!cookies.isEmpty());
|
||||||
|
Assert.assertTrue(header.contains("; HttpOnly"));
|
||||||
|
Assert.assertTrue(cookies.get(0).getSecure());
|
||||||
|
Assert.assertTrue("token".equals(cookies.get(0).getValue()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@AfterClass
|
@AfterClass
|
||||||
|
|
Loading…
Reference in New Issue