HDFS-4566. Webdhfs token cancelation should use authentication (daryn)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1454059 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
49b2c6ab77
commit
8a4f03cb70
@ -2374,6 +2374,8 @@ Release 0.23.7 - UNRELEASED
|
||||
|
||||
HDFS-4560. Webhdfs cannot use tokens obtained by another user (daryn)
|
||||
|
||||
HDFS-4566. Webdhfs token cancelation should use authentication (daryn)
|
||||
|
||||
Release 0.23.6 - UNRELEASED
|
||||
|
||||
INCOMPATIBLE CHANGES
|
||||
|
@ -341,7 +341,8 @@ Param<?,?>[] getAuthParameters(final HttpOpParam.Op op) throws IOException {
|
||||
boolean hasToken = false;
|
||||
if (UserGroupInformation.isSecurityEnabled() &&
|
||||
op != GetOpParam.Op.GETDELEGATIONTOKEN &&
|
||||
op != PutOpParam.Op.RENEWDELEGATIONTOKEN) {
|
||||
op != PutOpParam.Op.RENEWDELEGATIONTOKEN &&
|
||||
op != PutOpParam.Op.CANCELDELEGATIONTOKEN) {
|
||||
synchronized (this) {
|
||||
hasToken = (delegationToken != null);
|
||||
if (hasToken) {
|
||||
|
@ -140,8 +140,8 @@ public void testSecureAuthParamsInUrl() throws IOException {
|
||||
checkQueryParams(
|
||||
new String[]{
|
||||
PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(),
|
||||
new UserParam(ugi.getShortUserName()).toString(),
|
||||
new TokenArgumentParam(tokenString).toString(),
|
||||
new DelegationParam(tokenString).toString()
|
||||
},
|
||||
cancelTokenUrl);
|
||||
|
||||
@ -223,8 +223,9 @@ public void testSecureProxyAuthParamsInUrl() throws IOException {
|
||||
checkQueryParams(
|
||||
new String[]{
|
||||
PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(),
|
||||
new UserParam(ugi.getRealUser().getShortUserName()).toString(),
|
||||
new DoAsParam(ugi.getShortUserName()).toString(),
|
||||
new TokenArgumentParam(tokenString).toString(),
|
||||
new DelegationParam(tokenString).toString()
|
||||
},
|
||||
cancelTokenUrl);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user