HDFS-4983. Numeric usernames do not work with WebHDFS FS. Contributed by Yongjun Zhang.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1547940 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andrew Wang 2013-12-04 22:34:52 +00:00
parent 644750fc7d
commit 54d167406d
7 changed files with 122 additions and 6 deletions

View File

@ -345,6 +345,9 @@ Release 2.3.0 - UNRELEASED
HDFS-4997. libhdfs doesn't return correct error codes in most cases (cmccabe)
HDFS-4983. Numeric usernames do not work with WebHDFS FS.
(Yongjun Zhang via wang)
Release 2.2.0 - 2013-10-13
INCOMPATIBLE CHANGES

View File

@ -36,6 +36,7 @@ import org.apache.hadoop.hdfs.server.namenode.web.resources.NamenodeWebHdfsMetho
import org.apache.hadoop.hdfs.web.AuthFilter;
import org.apache.hadoop.hdfs.web.WebHdfsFileSystem;
import org.apache.hadoop.hdfs.web.resources.Param;
import org.apache.hadoop.hdfs.web.resources.UserParam;
import org.apache.hadoop.http.HttpServer;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.SecurityUtil;
@ -82,7 +83,10 @@ public class NameNodeHttpServer {
.setKeytabConfKey(DFSUtil.getSpnegoKeytabKey(conf,
DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY)).build();
if (WebHdfsFileSystem.isEnabled(conf, HttpServer.LOG)) {
//add SPNEGO authentication filter for webhdfs
// set user pattern based on configuration file
UserParam.setUserPattern(conf);
// add SPNEGO authentication filter for webhdfs
final String name = "SPNEGO";
final String classname = AuthFilter.class.getName();
final String pathSpec = WebHdfsFileSystem.PATH_PREFIX + "/*";

View File

@ -0,0 +1,38 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.hdfs.web;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hdfs.DFSConfigKeys;
/**
* This class contains constants for configuration keys used
* in WebHdfs.
*
*/
@InterfaceAudience.Private
public class WebHdfsConfigKeys extends DFSConfigKeys {
/** User name pattern key */
public static final String USER_PATTERN_KEY =
"webhdfs.user.provider.user.pattern";
/** Default user name pattern value */
public static final String USER_PATTERN_DEFAULT =
"^[A-Za-z_][A-Za-z0-9._-]*[$]?$";
}

View File

@ -167,6 +167,8 @@ public class WebHdfsFileSystem extends FileSystem
) throws IOException {
super.initialize(uri, conf);
setConf(conf);
/** set user pattern based on configuration file */
UserParam.setUserPattern(conf);
initializeTokenAspect();
initializeConnectionFactory(conf);

View File

@ -17,7 +17,11 @@
*/
package org.apache.hadoop.hdfs.web.resources;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import static org.apache.hadoop.hdfs.web.WebHdfsConfigKeys.USER_PATTERN_KEY;
import static org.apache.hadoop.hdfs.web.WebHdfsConfigKeys.USER_PATTERN_DEFAULT;
import com.google.common.annotations.VisibleForTesting;
import java.text.MessageFormat;
import java.util.regex.Pattern;
@ -29,8 +33,29 @@ public class UserParam extends StringParam {
/** Default parameter value. */
public static final String DEFAULT = "";
private static final Domain DOMAIN = new Domain(NAME,
Pattern.compile("^[A-Za-z_][A-Za-z0-9._-]*[$]?$"));
private static String userPattern = null;
private static Domain domain = null;
static {
setUserPattern(USER_PATTERN_DEFAULT);
}
@VisibleForTesting
public static String getUserPattern() {
return userPattern;
}
@VisibleForTesting
public static void setUserPattern(String pattern) {
userPattern = pattern;
Pattern pt = Pattern.compile(userPattern);
domain = new Domain(NAME, pt);
}
public static void setUserPattern(Configuration conf) {
String pattern = conf.get(USER_PATTERN_KEY, USER_PATTERN_DEFAULT);
setUserPattern(pattern);
}
private static String validateLength(String str) {
if (str == null) {
@ -50,7 +75,7 @@ public class UserParam extends StringParam {
* @param str a string representation of the parameter value.
*/
public UserParam(final String str) {
super(DOMAIN, str == null || str.equals(DEFAULT)? null : validateLength(str));
super(domain, str == null || str.equals(DEFAULT)? null : validateLength(str));
}
/**

View File

@ -38,6 +38,7 @@ import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.MiniDFSCluster;
import org.apache.hadoop.hdfs.TestDFSClientRetries;
import org.apache.hadoop.hdfs.server.namenode.web.resources.NamenodeWebHdfsMethods;
import org.apache.hadoop.hdfs.web.WebHdfsConfigKeys;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.log4j.Level;
import org.junit.Assert;
@ -261,6 +262,34 @@ public class TestWebHDFS {
}
}
@Test(timeout=300000)
public void testNumericalUserName() throws Exception {
final Configuration conf = WebHdfsTestUtil.createConf();
conf.set(WebHdfsConfigKeys.USER_PATTERN_KEY, "^[A-Za-z0-9_][A-Za-z0-9._-]*[$]?$");
final MiniDFSCluster cluster =
new MiniDFSCluster.Builder(conf).numDataNodes(1).build();
try {
cluster.waitActive();
WebHdfsTestUtil.getWebHdfsFileSystem(conf, WebHdfsFileSystem.SCHEME)
.setPermission(new Path("/"),
new FsPermission(FsAction.ALL, FsAction.ALL, FsAction.ALL));
UserGroupInformation.createUserForTesting("123", new String[]{"my-group"})
.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws IOException, URISyntaxException {
FileSystem fs = WebHdfsTestUtil.getWebHdfsFileSystem(conf,
WebHdfsFileSystem.SCHEME);
Path d = new Path("/my-dir");
Assert.assertTrue(fs.mkdirs(d));
return null;
}
});
} finally {
cluster.shutdown();
}
}
/**
* WebHdfs should be enabled by default after HDFS-5532
*

View File

@ -285,4 +285,19 @@ public class TestParam {
Assert.assertEquals(expected, computed.getValue());
}
}
@Test
public void testUserNameOkAfterResettingPattern() {
String oldPattern = UserParam.getUserPattern();
String newPattern = "^[A-Za-z0-9_][A-Za-z0-9._-]*[$]?$";
UserParam.setUserPattern(newPattern);
UserParam userParam = new UserParam("1x");
assertNotNull(userParam.getValue());
userParam = new UserParam("123");
assertNotNull(userParam.getValue());
UserParam.setUserPattern(oldPattern);
}
}