YARN-8108. Added option to disable loading existing filters to prevent

security filter from initialize twice.
            Contributed by Sunil Govindan

(cherry picked from commit b69ba0f330)
This commit is contained in:
Eric Yang 2018-06-26 17:34:57 -04:00
parent 9e9530f505
commit f6aa6a6981
2 changed files with 12 additions and 4 deletions

View File

@ -83,6 +83,7 @@ public class WebApps {
public String name; public String name;
public String spec; public String spec;
public Map<String, String> params; public Map<String, String> params;
public boolean loadExistingFilters = true;
} }
final String name; final String name;
@ -151,12 +152,13 @@ public class WebApps {
public Builder<T> withServlet(String name, String pathSpec, public Builder<T> withServlet(String name, String pathSpec,
Class<? extends HttpServlet> servlet, Class<? extends HttpServlet> servlet,
Map<String, String> params) { Map<String, String> params,boolean loadExistingFilters) {
ServletStruct struct = new ServletStruct(); ServletStruct struct = new ServletStruct();
struct.clazz = servlet; struct.clazz = servlet;
struct.name = name; struct.name = name;
struct.spec = pathSpec; struct.spec = pathSpec;
struct.params = params; struct.params = params;
struct.loadExistingFilters = loadExistingFilters;
servlets.add(struct); servlets.add(struct);
return this; return this;
} }
@ -256,11 +258,17 @@ public class WebApps {
pathList.add("/" + wsName + "/*"); pathList.add("/" + wsName + "/*");
} }
} }
for (ServletStruct s : servlets) { for (ServletStruct s : servlets) {
if (!pathList.contains(s.spec)) { if (!pathList.contains(s.spec)) {
// The servlet told us to not load-existing filters, but we still want
// to add the default authentication filter always, so add it to the
// pathList
if (!s.loadExistingFilters) {
pathList.add(s.spec); pathList.add(s.spec);
} }
} }
}
if (conf == null) { if (conf == null) {
conf = new Configuration(); conf = new Configuration();
} }
@ -333,7 +341,7 @@ public class WebApps {
HttpServer2 server = builder.build(); HttpServer2 server = builder.build();
for(ServletStruct struct: servlets) { for(ServletStruct struct: servlets) {
if (struct.params != null) { if (!struct.loadExistingFilters) {
server.addInternalServlet(struct.name, struct.spec, server.addInternalServlet(struct.name, struct.spec,
struct.clazz, struct.params); struct.clazz, struct.params);
} else { } else {

View File

@ -1111,7 +1111,7 @@ public class ResourceManager extends CompositeService implements Recoverable {
"ws") "ws")
.with(conf) .with(conf)
.withServlet("API-Service", "/app/*", .withServlet("API-Service", "/app/*",
ServletContainer.class, params) ServletContainer.class, params, false)
.withHttpSpnegoPrincipalKey( .withHttpSpnegoPrincipalKey(
YarnConfiguration.RM_WEBAPP_SPNEGO_USER_NAME_KEY) YarnConfiguration.RM_WEBAPP_SPNEGO_USER_NAME_KEY)
.withHttpSpnegoKeytabKey( .withHttpSpnegoKeytabKey(