Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-10656. The password keystore file is not picked by LDAP group mapping. Contributed by Brandon Li 

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1601985 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Brandon Li 2014-06-11 18:54:09 +00:00
parent 473e83ab71
commit ca8f112d2f
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -547,6 +547,9 @@ Release 2.5.0 - UNRELEASED
HADOOP-10664. TestNetUtils.testNormalizeHostName fails. (atm) HADOOP-10664. TestNetUtils.testNormalizeHostName fails. (atm)
HADOOP-10656. The password keystore file is not picked by LDAP group mapping
(brandonli)
Release 2.4.1 - UNRELEASED Release 2.4.1 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

11
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
View File

@ -40,6 +40,7 @@ import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability; import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable; import org.apache.hadoop.conf.Configurable;
import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.io.IOUtils;
/** /**
* An implementation of {@link GroupMappingServiceProvider} which * An implementation of {@link GroupMappingServiceProvider} which
@ -312,8 +313,8 @@ public class LdapGroupsMapping
keystorePass = keystorePass =
conf.get(LDAP_KEYSTORE_PASSWORD_KEY, LDAP_KEYSTORE_PASSWORD_DEFAULT); conf.get(LDAP_KEYSTORE_PASSWORD_KEY, LDAP_KEYSTORE_PASSWORD_DEFAULT);
if (keystorePass.isEmpty()) { if (keystorePass.isEmpty()) {
keystorePass = extractPassword( keystorePass = extractPassword(conf.get(LDAP_KEYSTORE_PASSWORD_FILE_KEY,
conf.get(LDAP_KEYSTORE_PASSWORD_KEY, LDAP_KEYSTORE_PASSWORD_DEFAULT)); LDAP_KEYSTORE_PASSWORD_FILE_DEFAULT));
} }
bindUser = conf.get(BIND_USER_KEY, BIND_USER_DEFAULT); bindUser = conf.get(BIND_USER_KEY, BIND_USER_DEFAULT);
@ -346,18 +347,20 @@ public class LdapGroupsMapping
return ""; return "";
} }
Reader reader = null;
try { try {
StringBuilder password = new StringBuilder(); StringBuilder password = new StringBuilder();
Reader reader = new FileReader(pwFile); reader = new FileReader(pwFile);
int c = reader.read(); int c = reader.read();
while (c > -1) { while (c > -1) {
password.append((char)c); password.append((char)c);
c = reader.read(); c = reader.read();
} }
reader.close();
return password.toString().trim(); return password.toString().trim();
} catch (IOException ioe) { } catch (IOException ioe) {
throw new RuntimeException("Could not read password file: " + pwFile, ioe); throw new RuntimeException("Could not read password file: " + pwFile, ioe);
} finally {
IOUtils.cleanup(LOG, reader);
} }
} }
} }