HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection Configurator to the authenticator. (Arun Suresh via wang)
This commit is contained in:
parent
c8617ff136
commit
b2f6197523
@ -803,6 +803,9 @@ Release 2.6.0 - UNRELEASED
|
||||
HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri
|
||||
doc. (Yi Liu via wheat9)
|
||||
|
||||
HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection
|
||||
Configurator to the authenticator. (Arun Suresh via wang)
|
||||
|
||||
BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
|
||||
|
||||
HADOOP-10734. Implement high-performance secure random number sources.
|
||||
|
@ -117,9 +117,14 @@ public static void setDefaultDelegationTokenAuthenticator(
|
||||
}
|
||||
|
||||
private static DelegationTokenAuthenticator
|
||||
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta) {
|
||||
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
|
||||
ConnectionConfigurator connConfigurator) {
|
||||
try {
|
||||
return (dta != null) ? dta : DEFAULT_AUTHENTICATOR.newInstance();
|
||||
if (dta == null) {
|
||||
dta = DEFAULT_AUTHENTICATOR.newInstance();
|
||||
dta.setConnectionConfigurator(connConfigurator);
|
||||
}
|
||||
return dta;
|
||||
} catch (Exception ex) {
|
||||
throw new IllegalArgumentException(ex);
|
||||
}
|
||||
@ -169,7 +174,8 @@ public DelegationTokenAuthenticatedURL(
|
||||
public DelegationTokenAuthenticatedURL(
|
||||
DelegationTokenAuthenticator authenticator,
|
||||
ConnectionConfigurator connConfigurator) {
|
||||
super(obtainDelegationTokenAuthenticator(authenticator), connConfigurator);
|
||||
super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
|
||||
connConfigurator);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -95,6 +95,7 @@ public boolean requiresKerberosCredentials() {
|
||||
}
|
||||
|
||||
private Authenticator authenticator;
|
||||
private ConnectionConfigurator connConfigurator;
|
||||
|
||||
public DelegationTokenAuthenticator(Authenticator authenticator) {
|
||||
this.authenticator = authenticator;
|
||||
@ -103,6 +104,7 @@ public DelegationTokenAuthenticator(Authenticator authenticator) {
|
||||
@Override
|
||||
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
|
||||
authenticator.setConnectionConfigurator(configurator);
|
||||
connConfigurator = configurator;
|
||||
}
|
||||
|
||||
private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) {
|
||||
@ -215,7 +217,7 @@ private Map doDelegationTokenOperation(URL url,
|
||||
separator = "&";
|
||||
}
|
||||
url = new URL(sb.toString());
|
||||
AuthenticatedURL aUrl = new AuthenticatedURL(this);
|
||||
AuthenticatedURL aUrl = new AuthenticatedURL(this, connConfigurator);
|
||||
HttpURLConnection conn = aUrl.openConnection(url, token);
|
||||
conn.setRequestMethod(operation.getHttpMethod());
|
||||
HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK);
|
||||
|
@ -35,6 +35,7 @@
|
||||
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
|
||||
import org.apache.hadoop.security.authorize.AuthorizationException;
|
||||
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
|
||||
import org.apache.hadoop.security.token.Token;
|
||||
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.Assert;
|
||||
@ -321,6 +322,10 @@ public Void run() throws Exception {
|
||||
KeyProvider kp = new KMSClientProvider(uri, conf);
|
||||
// getKeys() empty
|
||||
Assert.assertTrue(kp.getKeys().isEmpty());
|
||||
|
||||
Token<?>[] tokens = ((KMSClientProvider)kp).addDelegationTokens("myuser", new Credentials());
|
||||
Assert.assertEquals(1, tokens.length);
|
||||
Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user