HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection Configurator to the authenticator. (Arun Suresh via wang)
This commit is contained in:
parent
c8617ff136
commit
b2f6197523
@ -803,6 +803,9 @@ Release 2.6.0 - UNRELEASED
|
|||||||
HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri
|
HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri
|
||||||
doc. (Yi Liu via wheat9)
|
doc. (Yi Liu via wheat9)
|
||||||
|
|
||||||
|
HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection
|
||||||
|
Configurator to the authenticator. (Arun Suresh via wang)
|
||||||
|
|
||||||
BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
|
BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
|
||||||
|
|
||||||
HADOOP-10734. Implement high-performance secure random number sources.
|
HADOOP-10734. Implement high-performance secure random number sources.
|
||||||
|
@ -117,9 +117,14 @@ public static void setDefaultDelegationTokenAuthenticator(
|
|||||||
}
|
}
|
||||||
|
|
||||||
private static DelegationTokenAuthenticator
|
private static DelegationTokenAuthenticator
|
||||||
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta) {
|
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
|
||||||
|
ConnectionConfigurator connConfigurator) {
|
||||||
try {
|
try {
|
||||||
return (dta != null) ? dta : DEFAULT_AUTHENTICATOR.newInstance();
|
if (dta == null) {
|
||||||
|
dta = DEFAULT_AUTHENTICATOR.newInstance();
|
||||||
|
dta.setConnectionConfigurator(connConfigurator);
|
||||||
|
}
|
||||||
|
return dta;
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
throw new IllegalArgumentException(ex);
|
throw new IllegalArgumentException(ex);
|
||||||
}
|
}
|
||||||
@ -169,7 +174,8 @@ public DelegationTokenAuthenticatedURL(
|
|||||||
public DelegationTokenAuthenticatedURL(
|
public DelegationTokenAuthenticatedURL(
|
||||||
DelegationTokenAuthenticator authenticator,
|
DelegationTokenAuthenticator authenticator,
|
||||||
ConnectionConfigurator connConfigurator) {
|
ConnectionConfigurator connConfigurator) {
|
||||||
super(obtainDelegationTokenAuthenticator(authenticator), connConfigurator);
|
super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
|
||||||
|
connConfigurator);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -95,6 +95,7 @@ public boolean requiresKerberosCredentials() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private Authenticator authenticator;
|
private Authenticator authenticator;
|
||||||
|
private ConnectionConfigurator connConfigurator;
|
||||||
|
|
||||||
public DelegationTokenAuthenticator(Authenticator authenticator) {
|
public DelegationTokenAuthenticator(Authenticator authenticator) {
|
||||||
this.authenticator = authenticator;
|
this.authenticator = authenticator;
|
||||||
@ -103,6 +104,7 @@ public DelegationTokenAuthenticator(Authenticator authenticator) {
|
|||||||
@Override
|
@Override
|
||||||
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
|
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
|
||||||
authenticator.setConnectionConfigurator(configurator);
|
authenticator.setConnectionConfigurator(configurator);
|
||||||
|
connConfigurator = configurator;
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) {
|
private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) {
|
||||||
@ -215,7 +217,7 @@ private Map doDelegationTokenOperation(URL url,
|
|||||||
separator = "&";
|
separator = "&";
|
||||||
}
|
}
|
||||||
url = new URL(sb.toString());
|
url = new URL(sb.toString());
|
||||||
AuthenticatedURL aUrl = new AuthenticatedURL(this);
|
AuthenticatedURL aUrl = new AuthenticatedURL(this, connConfigurator);
|
||||||
HttpURLConnection conn = aUrl.openConnection(url, token);
|
HttpURLConnection conn = aUrl.openConnection(url, token);
|
||||||
conn.setRequestMethod(operation.getHttpMethod());
|
conn.setRequestMethod(operation.getHttpMethod());
|
||||||
HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK);
|
HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK);
|
||||||
|
@ -35,6 +35,7 @@
|
|||||||
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
|
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
|
||||||
import org.apache.hadoop.security.authorize.AuthorizationException;
|
import org.apache.hadoop.security.authorize.AuthorizationException;
|
||||||
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
|
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
|
||||||
|
import org.apache.hadoop.security.token.Token;
|
||||||
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
|
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
|
||||||
import org.junit.AfterClass;
|
import org.junit.AfterClass;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
@ -321,6 +322,10 @@ public Void run() throws Exception {
|
|||||||
KeyProvider kp = new KMSClientProvider(uri, conf);
|
KeyProvider kp = new KMSClientProvider(uri, conf);
|
||||||
// getKeys() empty
|
// getKeys() empty
|
||||||
Assert.assertTrue(kp.getKeys().isEmpty());
|
Assert.assertTrue(kp.getKeys().isEmpty());
|
||||||
|
|
||||||
|
Token<?>[] tokens = ((KMSClientProvider)kp).addDelegationTokens("myuser", new Credentials());
|
||||||
|
Assert.assertEquals(1, tokens.length);
|
||||||
|
Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user