Merge -r 1310234:1310235 from trunk to branch. FIXES: HADOOP-8249

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1310238 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Alejandro Abdelnur 2012-04-06 08:48:09 +00:00
parent a6dd605132
commit fbe5e35742
3 changed files with 27 additions and 4 deletions

View File

@ -331,7 +331,14 @@ public class AuthenticationFilter implements Filter {
HttpServletResponse httpResponse = (HttpServletResponse) response; HttpServletResponse httpResponse = (HttpServletResponse) response;
try { try {
boolean newToken = false; boolean newToken = false;
AuthenticationToken token = getToken(httpRequest); AuthenticationToken token;
try {
token = getToken(httpRequest);
}
catch (AuthenticationException ex) {
LOG.warn("AuthenticationToken ignored: " + ex.getMessage());
token = null;
}
if (token == null) { if (token == null) {
if (LOG.isDebugEnabled()) { if (LOG.isDebugEnabled()) {
LOG.debug("Request [{}] triggering authentication", getRequestURL(httpRequest)); LOG.debug("Request [{}] triggering authentication", getRequestURL(httpRequest));
@ -371,6 +378,9 @@ public class AuthenticationFilter implements Filter {
} }
filterChain.doFilter(httpRequest, httpResponse); filterChain.doFilter(httpRequest, httpResponse);
} }
else {
throw new AuthenticationException("Missing AuthenticationToken");
}
} catch (AuthenticationException ex) { } catch (AuthenticationException ex) {
if (!httpResponse.isCommitted()) { if (!httpResponse.isCommitted()) {
Cookie cookie = createCookie(""); Cookie cookie = createCookie("");

View File

@ -349,7 +349,7 @@ public class TestAuthenticationFilter extends TestCase {
} }
} }
private void _testDoFilterAuthentication(boolean withDomainPath) throws Exception { private void _testDoFilterAuthentication(boolean withDomainPath, boolean invalidToken) throws Exception {
AuthenticationFilter filter = new AuthenticationFilter(); AuthenticationFilter filter = new AuthenticationFilter();
try { try {
FilterConfig config = Mockito.mock(FilterConfig.class); FilterConfig config = Mockito.mock(FilterConfig.class);
@ -380,6 +380,12 @@ public class TestAuthenticationFilter extends TestCase {
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar")); Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
Mockito.when(request.getQueryString()).thenReturn("authenticated=true"); Mockito.when(request.getQueryString()).thenReturn("authenticated=true");
if (invalidToken) {
Mockito.when(request.getCookies()).thenReturn(
new Cookie[] { new Cookie(AuthenticatedURL.AUTH_COOKIE, "foo")}
);
}
HttpServletResponse response = Mockito.mock(HttpServletResponse.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
FilterChain chain = Mockito.mock(FilterChain.class); FilterChain chain = Mockito.mock(FilterChain.class);
@ -437,11 +443,15 @@ public class TestAuthenticationFilter extends TestCase {
} }
public void testDoFilterAuthentication() throws Exception { public void testDoFilterAuthentication() throws Exception {
_testDoFilterAuthentication(false); _testDoFilterAuthentication(false, false);
}
public void testDoFilterAuthenticationWithInvalidToken() throws Exception {
_testDoFilterAuthentication(false, true);
} }
public void testDoFilterAuthenticationWithDomainPath() throws Exception { public void testDoFilterAuthenticationWithDomainPath() throws Exception {
_testDoFilterAuthentication(true); _testDoFilterAuthentication(true, false);
} }
public void testDoFilterAuthenticated() throws Exception { public void testDoFilterAuthenticated() throws Exception {

View File

@ -219,6 +219,9 @@ Release 2.0.0 - UNRELEASED
HADOOP-8251. Fix SecurityUtil.fetchServiceTicket after HADOOP-6941 (todd) HADOOP-8251. Fix SecurityUtil.fetchServiceTicket after HADOOP-6941 (todd)
HADOOP-8249. invalid hadoop-auth cookies should trigger authentication
if info is avail before returning HTTP 401 (tucu)
BREAKDOWN OF HADOOP-7454 SUBTASKS BREAKDOWN OF HADOOP-7454 SUBTASKS
HADOOP-7455. HA: Introduce HA Service Protocol Interface. (suresh) HADOOP-7455. HA: Introduce HA Service Protocol Interface. (suresh)