Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-8883. Anonymous fallback in KerberosAuthenticator is broken. (rkanter via tucu) 

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1398897 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Alejandro Abdelnur 2012-10-16 17:43:54 +00:00
parent c86cccbf3d
commit 4b27351435
4 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
View File

@ -158,7 +158,7 @@ public class KerberosAuthenticator implements Authenticator {
conn.setRequestMethod(AUTH_HTTP_METHOD); conn.setRequestMethod(AUTH_HTTP_METHOD);
conn.connect(); conn.connect();
if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) { if (conn.getRequestProperty(AUTHORIZATION) != null && conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
LOG.debug("JDK performed authentication on our behalf."); LOG.debug("JDK performed authentication on our behalf.");
// If the JDK already did the SPNEGO back-and-forth for // If the JDK already did the SPNEGO back-and-forth for
// us, just pull out the token. // us, just pull out the token.

2
hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java
View File

@ -134,9 +134,11 @@ public abstract class AuthenticatorTestCase extends TestCase {
try { try {
URL url = new URL(getBaseURL()); URL url = new URL(getBaseURL());
AuthenticatedURL.Token token = new AuthenticatedURL.Token(); AuthenticatedURL.Token token = new AuthenticatedURL.Token();
Assert.assertFalse(token.isSet());
TestConnectionConfigurator connConf = new TestConnectionConfigurator(); TestConnectionConfigurator connConf = new TestConnectionConfigurator();
AuthenticatedURL aUrl = new AuthenticatedURL(authenticator, connConf); AuthenticatedURL aUrl = new AuthenticatedURL(authenticator, connConf);
HttpURLConnection conn = aUrl.openConnection(url, token); HttpURLConnection conn = aUrl.openConnection(url, token);
Assert.assertTrue(token.isSet());
Assert.assertTrue(connConf.invoked); Assert.assertTrue(connConf.invoked);
String tokenStr = token.toString(); String tokenStr = token.toString();
if (doPost) { if (doPost) {

8
hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
View File

@ -43,6 +43,14 @@ public class TestKerberosAuthenticator extends AuthenticatorTestCase {
_testAuthentication(new KerberosAuthenticator(), false); _testAuthentication(new KerberosAuthenticator(), false);
} }
public void testFallbacktoPseudoAuthenticatorAnonymous() throws Exception {
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
setAuthenticationHandlerConfig(props);
_testAuthentication(new KerberosAuthenticator(), false);
}
public void testNotAuthenticated() throws Exception { public void testNotAuthenticated() throws Exception {
setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration()); setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration());
start(); start();

2
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -84,6 +84,8 @@ Release 2.0.3-alpha - Unreleased
HADOOP-8901. GZip and Snappy support may not work without unversioned HADOOP-8901. GZip and Snappy support may not work without unversioned
libraries (Colin Patrick McCabe via todd) libraries (Colin Patrick McCabe via todd)
HADOOP-8883. Anonymous fallback in KerberosAuthenticator is broken. (rkanter via tucu)
Release 2.0.2-alpha - 2012-09-07 Release 2.0.2-alpha - 2012-09-07
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES