HDFS-4566. Webdhfs token cancelation should use authentication (daryn)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1454059 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Daryn Sharp 2013-03-07 19:58:04 +00:00
parent 49b2c6ab77
commit 8a4f03cb70
3 changed files with 7 additions and 3 deletions

View File

@ -2374,6 +2374,8 @@ Release 0.23.7 - UNRELEASED
HDFS-4560. Webhdfs cannot use tokens obtained by another user (daryn) HDFS-4560. Webhdfs cannot use tokens obtained by another user (daryn)
HDFS-4566. Webdhfs token cancelation should use authentication (daryn)
Release 0.23.6 - UNRELEASED Release 0.23.6 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

View File

@ -341,7 +341,8 @@ Param<?,?>[] getAuthParameters(final HttpOpParam.Op op) throws IOException {
boolean hasToken = false; boolean hasToken = false;
if (UserGroupInformation.isSecurityEnabled() && if (UserGroupInformation.isSecurityEnabled() &&
op != GetOpParam.Op.GETDELEGATIONTOKEN && op != GetOpParam.Op.GETDELEGATIONTOKEN &&
op != PutOpParam.Op.RENEWDELEGATIONTOKEN) { op != PutOpParam.Op.RENEWDELEGATIONTOKEN &&
op != PutOpParam.Op.CANCELDELEGATIONTOKEN) {
synchronized (this) { synchronized (this) {
hasToken = (delegationToken != null); hasToken = (delegationToken != null);
if (hasToken) { if (hasToken) {

View File

@ -140,8 +140,8 @@ public void testSecureAuthParamsInUrl() throws IOException {
checkQueryParams( checkQueryParams(
new String[]{ new String[]{
PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(), PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(),
new UserParam(ugi.getShortUserName()).toString(),
new TokenArgumentParam(tokenString).toString(), new TokenArgumentParam(tokenString).toString(),
new DelegationParam(tokenString).toString()
}, },
cancelTokenUrl); cancelTokenUrl);
@ -223,8 +223,9 @@ public void testSecureProxyAuthParamsInUrl() throws IOException {
checkQueryParams( checkQueryParams(
new String[]{ new String[]{
PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(), PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(),
new UserParam(ugi.getRealUser().getShortUserName()).toString(),
new DoAsParam(ugi.getShortUserName()).toString(),
new TokenArgumentParam(tokenString).toString(), new TokenArgumentParam(tokenString).toString(),
new DelegationParam(tokenString).toString()
}, },
cancelTokenUrl); cancelTokenUrl);