HDFS-3654. TestJspHelper#testGetUgi fails with NPE. Contributed by Eli Collins
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1361465 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
2e63754888
commit
a9629c6fe7
|
@ -335,6 +335,8 @@ Release 2.0.1-alpha - UNRELEASED
|
||||||
HDFS-3609. libhdfs: don't force the URI to look like hdfs://hostname:port.
|
HDFS-3609. libhdfs: don't force the URI to look like hdfs://hostname:port.
|
||||||
(Colin Patrick McCabe via eli)
|
(Colin Patrick McCabe via eli)
|
||||||
|
|
||||||
|
HDFS-3654. TestJspHelper#testGetUgi fails with NPE. (eli)
|
||||||
|
|
||||||
BREAKDOWN OF HDFS-3042 SUBTASKS
|
BREAKDOWN OF HDFS-3042 SUBTASKS
|
||||||
|
|
||||||
HDFS-2185. HDFS portion of ZK-based FailoverController (todd)
|
HDFS-2185. HDFS portion of ZK-based FailoverController (todd)
|
||||||
|
|
|
@ -538,7 +538,7 @@ public class JspHelper {
|
||||||
final String usernameFromQuery = getUsernameFromQuery(request, tryUgiParameter);
|
final String usernameFromQuery = getUsernameFromQuery(request, tryUgiParameter);
|
||||||
final String doAsUserFromQuery = request.getParameter(DoAsParam.NAME);
|
final String doAsUserFromQuery = request.getParameter(DoAsParam.NAME);
|
||||||
|
|
||||||
if(UserGroupInformation.isSecurityEnabled()) {
|
if (UserGroupInformation.isSecurityEnabled()) {
|
||||||
final String remoteUser = request.getRemoteUser();
|
final String remoteUser = request.getRemoteUser();
|
||||||
String tokenString = request.getParameter(DELEGATION_PARAMETER_NAME);
|
String tokenString = request.getParameter(DELEGATION_PARAMETER_NAME);
|
||||||
if (tokenString != null) {
|
if (tokenString != null) {
|
||||||
|
@ -556,7 +556,7 @@ public class JspHelper {
|
||||||
DelegationTokenIdentifier id = new DelegationTokenIdentifier();
|
DelegationTokenIdentifier id = new DelegationTokenIdentifier();
|
||||||
id.readFields(in);
|
id.readFields(in);
|
||||||
final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
|
final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
|
||||||
nn.getNamesystem().verifyToken(id, token.getPassword());
|
nn.verifyToken(id, token.getPassword());
|
||||||
ugi = id.getUser();
|
ugi = id.getUser();
|
||||||
if (ugi.getRealUser() == null) {
|
if (ugi.getRealUser() == null) {
|
||||||
//non-proxy case
|
//non-proxy case
|
||||||
|
|
|
@ -5445,20 +5445,10 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
|
||||||
return blockManager;
|
return blockManager;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Verifies that the given identifier and password are valid and match.
|
|
||||||
* @param identifier Token identifier.
|
|
||||||
* @param password Password in the token.
|
|
||||||
* @throws InvalidToken
|
|
||||||
*/
|
|
||||||
public synchronized void verifyToken(DelegationTokenIdentifier identifier,
|
|
||||||
byte[] password) throws InvalidToken {
|
|
||||||
getDelegationTokenSecretManager().verifyToken(identifier, password);
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean isGenStampInFuture(long genStamp) {
|
public boolean isGenStampInFuture(long genStamp) {
|
||||||
return (genStamp > getGenerationStamp());
|
return (genStamp > getGenerationStamp());
|
||||||
}
|
}
|
||||||
|
|
||||||
@VisibleForTesting
|
@VisibleForTesting
|
||||||
public EditLogTailer getEditLogTailer() {
|
public EditLogTailer getEditLogTailer() {
|
||||||
return editLogTailer;
|
return editLogTailer;
|
||||||
|
|
|
@ -51,6 +51,7 @@ import org.apache.hadoop.hdfs.HAUtil;
|
||||||
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
||||||
import org.apache.hadoop.hdfs.protocol.ClientProtocol;
|
import org.apache.hadoop.hdfs.protocol.ClientProtocol;
|
||||||
import org.apache.hadoop.hdfs.protocol.HdfsConstants;
|
import org.apache.hadoop.hdfs.protocol.HdfsConstants;
|
||||||
|
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
|
||||||
import org.apache.hadoop.hdfs.server.common.HdfsServerConstants.NamenodeRole;
|
import org.apache.hadoop.hdfs.server.common.HdfsServerConstants.NamenodeRole;
|
||||||
import org.apache.hadoop.hdfs.server.common.HdfsServerConstants.StartupOption;
|
import org.apache.hadoop.hdfs.server.common.HdfsServerConstants.StartupOption;
|
||||||
import org.apache.hadoop.hdfs.server.common.Storage.StorageDirectory;
|
import org.apache.hadoop.hdfs.server.common.Storage.StorageDirectory;
|
||||||
|
@ -79,6 +80,7 @@ import org.apache.hadoop.security.RefreshUserMappingsProtocol;
|
||||||
import org.apache.hadoop.security.SecurityUtil;
|
import org.apache.hadoop.security.SecurityUtil;
|
||||||
import org.apache.hadoop.security.UserGroupInformation;
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
|
import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
|
||||||
|
import org.apache.hadoop.security.token.SecretManager.InvalidToken;
|
||||||
import org.apache.hadoop.tools.GetUserMappingsProtocol;
|
import org.apache.hadoop.tools.GetUserMappingsProtocol;
|
||||||
import org.apache.hadoop.util.ServicePlugin;
|
import org.apache.hadoop.util.ServicePlugin;
|
||||||
import org.apache.hadoop.util.StringUtils;
|
import org.apache.hadoop.util.StringUtils;
|
||||||
|
@ -1289,7 +1291,18 @@ public class NameNode {
|
||||||
}
|
}
|
||||||
terminate(1, t.getMessage());
|
terminate(1, t.getMessage());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Verifies that the given identifier and password are valid and match.
|
||||||
|
* @param identifier Token identifier.
|
||||||
|
* @param password Password in the token.
|
||||||
|
* @throws InvalidToken
|
||||||
|
*/
|
||||||
|
public synchronized void verifyToken(DelegationTokenIdentifier identifier,
|
||||||
|
byte[] password) throws InvalidToken {
|
||||||
|
namesystem.getDelegationTokenSecretManager().verifyToken(identifier, password);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class used to expose {@link NameNode} as context to {@link HAState}
|
* Class used to expose {@link NameNode} as context to {@link HAState}
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -63,7 +63,7 @@ public class NameNodeHttpServer {
|
||||||
|
|
||||||
public static final String NAMENODE_ADDRESS_ATTRIBUTE_KEY = "name.node.address";
|
public static final String NAMENODE_ADDRESS_ATTRIBUTE_KEY = "name.node.address";
|
||||||
public static final String FSIMAGE_ATTRIBUTE_KEY = "name.system.image";
|
public static final String FSIMAGE_ATTRIBUTE_KEY = "name.system.image";
|
||||||
protected static final String NAMENODE_ATTRIBUTE_KEY = "name.node";
|
public static final String NAMENODE_ATTRIBUTE_KEY = "name.node";
|
||||||
|
|
||||||
public NameNodeHttpServer(
|
public NameNodeHttpServer(
|
||||||
Configuration conf,
|
Configuration conf,
|
||||||
|
|
|
@ -30,6 +30,7 @@ import org.apache.hadoop.conf.Configuration;
|
||||||
import org.apache.hadoop.hdfs.DFSConfigKeys;
|
import org.apache.hadoop.hdfs.DFSConfigKeys;
|
||||||
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
||||||
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
|
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
|
||||||
|
import org.apache.hadoop.hdfs.server.namenode.NameNode;
|
||||||
import org.apache.hadoop.hdfs.server.namenode.NameNodeHttpServer;
|
import org.apache.hadoop.hdfs.server.namenode.NameNodeHttpServer;
|
||||||
import org.apache.hadoop.io.Text;
|
import org.apache.hadoop.io.Text;
|
||||||
import org.apache.hadoop.security.UserGroupInformation;
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
|
@ -69,6 +70,7 @@ public class TestJspHelper {
|
||||||
conf.set(DFSConfigKeys.FS_DEFAULT_NAME_KEY, "hdfs://localhost:4321/");
|
conf.set(DFSConfigKeys.FS_DEFAULT_NAME_KEY, "hdfs://localhost:4321/");
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
HttpServletRequest request = mock(HttpServletRequest.class);
|
||||||
ServletContext context = mock(ServletContext.class);
|
ServletContext context = mock(ServletContext.class);
|
||||||
|
NameNode nn = mock(NameNode.class);
|
||||||
String user = "TheDoctor";
|
String user = "TheDoctor";
|
||||||
Text userText = new Text(user);
|
Text userText = new Text(user);
|
||||||
DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(userText,
|
DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(userText,
|
||||||
|
@ -79,6 +81,8 @@ public class TestJspHelper {
|
||||||
when(request.getParameter(JspHelper.DELEGATION_PARAMETER_NAME)).thenReturn(
|
when(request.getParameter(JspHelper.DELEGATION_PARAMETER_NAME)).thenReturn(
|
||||||
tokenString);
|
tokenString);
|
||||||
when(request.getRemoteUser()).thenReturn(user);
|
when(request.getRemoteUser()).thenReturn(user);
|
||||||
|
when(context.getAttribute(
|
||||||
|
NameNodeHttpServer.NAMENODE_ATTRIBUTE_KEY)).thenReturn(nn);
|
||||||
|
|
||||||
//Test attribute in the url to be used as service in the token.
|
//Test attribute in the url to be used as service in the token.
|
||||||
when(request.getParameter(JspHelper.NAMENODE_ADDRESS)).thenReturn(
|
when(request.getParameter(JspHelper.NAMENODE_ADDRESS)).thenReturn(
|
||||||
|
|
Loading…
Reference in New Issue