HDFS-5516. Merging change r1578549 from trunk to branch-2.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1578552 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Chris Nauroth
parent
8e38068076
commit
6db6c6744f
|
|
@ -385,6 +385,9 @@ Release 2.4.0 - UNRELEASED
|
|||
HDFS-6094. The same block can be counted twice towards safe mode
|
||||
threshold. (Arpit Agarwal)
|
||||
|
||||
HDFS-5516. WebHDFS does not require user name when anonymous http requests
|
||||
are disallowed. (Miodrag Radulovic via cnauroth)
|
||||
|
||||
BREAKDOWN OF HDFS-5698 SUBTASKS AND RELATED JIRAS
|
||||
|
||||
HDFS-5717. Save FSImage header in protobuf. (Haohui Mai via jing9)
|
||||
|
|
|
|||
|
|
@ -505,6 +505,7 @@ public class DFSConfigKeys extends CommonConfigurationKeys {
|
|||
public static final String DFS_NAMENODE_CHECKED_VOLUMES_KEY = "dfs.namenode.resource.checked.volumes";
|
||||
public static final String DFS_NAMENODE_CHECKED_VOLUMES_MINIMUM_KEY = "dfs.namenode.resource.checked.volumes.minimum";
|
||||
public static final int DFS_NAMENODE_CHECKED_VOLUMES_MINIMUM_DEFAULT = 1;
|
||||
public static final String DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED = "dfs.web.authentication.simple.anonymous.allowed";
|
||||
public static final String DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY = "dfs.web.authentication.kerberos.principal";
|
||||
public static final String DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY = "dfs.web.authentication.kerberos.keytab";
|
||||
public static final String DFS_NAMENODE_MAX_OP_SIZE_KEY = "dfs.namenode.max.op.size";
|
||||
|
|
|
|||
|
|
@ -174,6 +174,13 @@ public class NameNodeHttpServer {
|
|||
DFSConfigKeys.DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY +
|
||||
"' is not set.");
|
||||
}
|
||||
String anonymousAllowed = conf
|
||||
.get(DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED);
|
||||
if (anonymousAllowed != null && !anonymousAllowed.isEmpty()) {
|
||||
params.put(
|
||||
DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED,
|
||||
anonymousAllowed);
|
||||
}
|
||||
return params;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -64,8 +64,10 @@ public class AuthFilter extends AuthenticationFilter {
|
|||
// set authentication type
|
||||
p.setProperty(AUTH_TYPE, UserGroupInformation.isSecurityEnabled()?
|
||||
KerberosAuthenticationHandler.TYPE: PseudoAuthenticationHandler.TYPE);
|
||||
//For Pseudo Authentication, allow anonymous.
|
||||
p.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
|
||||
// if not set, enable anonymous for pseudo authentication
|
||||
if (p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED) == null) {
|
||||
p.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
|
||||
}
|
||||
//set cookie path
|
||||
p.setProperty(COOKIE_PATH, "/");
|
||||
return p;
|
||||
|
|
|
|||
|
|
@ -75,4 +75,27 @@ public class TestAuthFilter {
|
|||
Assert.assertEquals("true",
|
||||
p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetSimpleAuthDisabledConfiguration() throws ServletException {
|
||||
AuthFilter filter = new AuthFilter();
|
||||
Map<String, String> m = new HashMap<String,String>();
|
||||
m.put(DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED,
|
||||
"false");
|
||||
FilterConfig config = new DummyFilterConfig(m);
|
||||
Properties p = filter.getConfiguration("random", config);
|
||||
Assert.assertEquals("false",
|
||||
p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetSimpleAuthDefaultConfiguration() throws ServletException {
|
||||
AuthFilter filter = new AuthFilter();
|
||||
Map<String, String> m = new HashMap<String,String>();
|
||||
|
||||
FilterConfig config = new DummyFilterConfig(m);
|
||||
Properties p = filter.getConfiguration("random", config);
|
||||
Assert.assertEquals("true",
|
||||
p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue