YARN-2121. Fixed NPE handling in Timeline Server's TimelineAuthenticator. Contributed by Zhijie Shen.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1601000 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
08b4aa699a
commit
825365d1d0
@ -201,6 +201,9 @@ Release 2.5.0 - UNRELEASED
|
||||
YARN-2117. Fixed the issue that secret file reader is potentially not
|
||||
closed in TimelineAuthenticationFilterInitializer. (Chen He via zjshen)
|
||||
|
||||
YARN-2121. Fixed NPE handling in Timeline Server's TimelineAuthenticator.
|
||||
(Zhijie Shen via vinodkv)
|
||||
|
||||
Release 2.4.1 - UNRELEASED
|
||||
|
||||
INCOMPATIBLE CHANGES
|
||||
|
@ -35,13 +35,15 @@
|
||||
import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
|
||||
import org.apache.hadoop.security.token.Token;
|
||||
import org.apache.hadoop.yarn.api.records.timeline.TimelineDelegationTokenResponse;
|
||||
import org.apache.hadoop.yarn.security.client.TimelineAuthenticationConsts;
|
||||
import org.apache.hadoop.yarn.security.client.TimelineDelegationTokenIdentifier;
|
||||
import org.apache.hadoop.yarn.security.client.TimelineDelegationTokenOperation;
|
||||
import org.apache.hadoop.yarn.security.client.TimelineAuthenticationConsts;
|
||||
import org.apache.hadoop.yarn.webapp.YarnJacksonJaxbJsonProvider;
|
||||
import org.codehaus.jackson.JsonNode;
|
||||
import org.codehaus.jackson.map.ObjectMapper;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
|
||||
/**
|
||||
* A <code>KerberosAuthenticator</code> subclass that fallback to
|
||||
* {@link TimelineAuthenticationConsts}.
|
||||
@ -77,10 +79,16 @@ public static void injectDelegationToken(Map<String, String> params,
|
||||
}
|
||||
}
|
||||
|
||||
private boolean hasDelegationToken(URL url) {
|
||||
@Private
|
||||
@VisibleForTesting
|
||||
boolean hasDelegationToken(URL url) {
|
||||
if (url.getQuery() == null) {
|
||||
return false;
|
||||
} else {
|
||||
return url.getQuery().contains(
|
||||
TimelineAuthenticationConsts.DELEGATION_PARAM + "=");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void authenticate(URL url, AuthenticatedURL.Token token)
|
||||
|
@ -0,0 +1,40 @@
|
||||
/**
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.apache.hadoop.yarn.client.api.impl;
|
||||
|
||||
import java.net.URL;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
public class TestTimelineAuthenticator {
|
||||
|
||||
@Test
|
||||
public void testHasDelegationTokens() throws Exception {
|
||||
TimelineAuthenticator authenticator = new TimelineAuthenticator();
|
||||
Assert.assertFalse(authenticator.hasDelegationToken(new URL(
|
||||
"http://localhost:8/resource")));
|
||||
Assert.assertFalse(authenticator.hasDelegationToken(new URL(
|
||||
"http://localhost:8/resource?other=xxxx")));
|
||||
Assert.assertTrue(authenticator.hasDelegationToken(new URL(
|
||||
"http://localhost:8/resource?delegation=yyyy")));
|
||||
Assert.assertTrue(authenticator.hasDelegationToken(new URL(
|
||||
"http://localhost:8/resource?other=xxxx&delegation=yyyy")));
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user