HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection Configurator to the authenticator. (Arun Suresh via wang)

2014-10-07 14:46:59 -07:00 · 2014-10-07 14:46:59 -07:00 · b2f6197523
parent c8617ff136
commit b2f6197523
4 changed files with 20 additions and 4 deletions
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@ -803,6 +803,9 @@ Release 2.6.0 - UNRELEASED
    HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri
    doc. (Yi Liu via wheat9)

+    HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection
+    Configurator to the authenticator. (Arun Suresh via wang)
+
    BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
  
      HADOOP-10734. Implement high-performance secure random number sources.
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticatedURL.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticatedURL.java
@ -117,9 +117,14 @@ public class DelegationTokenAuthenticatedURL extends AuthenticatedURL {
  }

  private static DelegationTokenAuthenticator
-      obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta) {
+      obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
+            ConnectionConfigurator connConfigurator) {
    try {
-      return (dta != null) ? dta : DEFAULT_AUTHENTICATOR.newInstance();
+      if (dta == null) {
+        dta = DEFAULT_AUTHENTICATOR.newInstance();
+        dta.setConnectionConfigurator(connConfigurator);
+      }
+      return dta;
    } catch (Exception ex) {
      throw new IllegalArgumentException(ex);
    }
@ -169,7 +174,8 @@ public class DelegationTokenAuthenticatedURL extends AuthenticatedURL {
  public DelegationTokenAuthenticatedURL(
      DelegationTokenAuthenticator authenticator,
      ConnectionConfigurator connConfigurator) {
-    super(obtainDelegationTokenAuthenticator(authenticator), connConfigurator);
+    super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
+            connConfigurator);
  }

  /**
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticator.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticator.java
@ -95,6 +95,7 @@ public abstract class DelegationTokenAuthenticator implements Authenticator {
  }

  private Authenticator authenticator;
+  private ConnectionConfigurator connConfigurator;

  public DelegationTokenAuthenticator(Authenticator authenticator) {
    this.authenticator = authenticator;
@ -103,6 +104,7 @@ public abstract class DelegationTokenAuthenticator implements Authenticator {
  @Override
  public void setConnectionConfigurator(ConnectionConfigurator configurator) {
    authenticator.setConnectionConfigurator(configurator);
+    connConfigurator = configurator;
  }

  private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) {
@ -215,7 +217,7 @@ public abstract class DelegationTokenAuthenticator implements Authenticator {
      separator = "&";
    }
    url = new URL(sb.toString());
-    AuthenticatedURL aUrl = new AuthenticatedURL(this);
+    AuthenticatedURL aUrl = new AuthenticatedURL(this, connConfigurator);
    HttpURLConnection conn = aUrl.openConnection(url, token);
    conn.setRequestMethod(operation.getHttpMethod());
    HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK);
--- a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
+++ b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
@ -35,6 +35,7 @@ import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
 import org.apache.hadoop.security.authorize.AuthorizationException;
 import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
+import org.apache.hadoop.security.token.Token;
 import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
 import org.junit.AfterClass;
 import org.junit.Assert;
@ -321,6 +322,10 @@ public class TestKMS {
          KeyProvider kp = new KMSClientProvider(uri, conf);
          // getKeys() empty
          Assert.assertTrue(kp.getKeys().isEmpty());
+
+          Token<?>[] tokens = ((KMSClientProvider)kp).addDelegationTokens("myuser", new Credentials());
+          Assert.assertEquals(1, tokens.length);
+          Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
        }
        return null;
      }