HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection Configurator to the authenticator. (Arun Suresh via wang)

This commit is contained in:
Andrew Wang 2014-10-07 14:46:59 -07:00
parent c8617ff136
commit b2f6197523
4 changed files with 20 additions and 4 deletions

View File

@ -803,6 +803,9 @@ Release 2.6.0 - UNRELEASED
HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri
doc. (Yi Liu via wheat9) doc. (Yi Liu via wheat9)
HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection
Configurator to the authenticator. (Arun Suresh via wang)
BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
HADOOP-10734. Implement high-performance secure random number sources. HADOOP-10734. Implement high-performance secure random number sources.

View File

@ -117,9 +117,14 @@ public static void setDefaultDelegationTokenAuthenticator(
} }
private static DelegationTokenAuthenticator private static DelegationTokenAuthenticator
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta) { obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
ConnectionConfigurator connConfigurator) {
try { try {
return (dta != null) ? dta : DEFAULT_AUTHENTICATOR.newInstance(); if (dta == null) {
dta = DEFAULT_AUTHENTICATOR.newInstance();
dta.setConnectionConfigurator(connConfigurator);
}
return dta;
} catch (Exception ex) { } catch (Exception ex) {
throw new IllegalArgumentException(ex); throw new IllegalArgumentException(ex);
} }
@ -169,7 +174,8 @@ public DelegationTokenAuthenticatedURL(
public DelegationTokenAuthenticatedURL( public DelegationTokenAuthenticatedURL(
DelegationTokenAuthenticator authenticator, DelegationTokenAuthenticator authenticator,
ConnectionConfigurator connConfigurator) { ConnectionConfigurator connConfigurator) {
super(obtainDelegationTokenAuthenticator(authenticator), connConfigurator); super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
connConfigurator);
} }
/** /**

View File

@ -95,6 +95,7 @@ public boolean requiresKerberosCredentials() {
} }
private Authenticator authenticator; private Authenticator authenticator;
private ConnectionConfigurator connConfigurator;
public DelegationTokenAuthenticator(Authenticator authenticator) { public DelegationTokenAuthenticator(Authenticator authenticator) {
this.authenticator = authenticator; this.authenticator = authenticator;
@ -103,6 +104,7 @@ public DelegationTokenAuthenticator(Authenticator authenticator) {
@Override @Override
public void setConnectionConfigurator(ConnectionConfigurator configurator) { public void setConnectionConfigurator(ConnectionConfigurator configurator) {
authenticator.setConnectionConfigurator(configurator); authenticator.setConnectionConfigurator(configurator);
connConfigurator = configurator;
} }
private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) { private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) {
@ -215,7 +217,7 @@ private Map doDelegationTokenOperation(URL url,
separator = "&"; separator = "&";
} }
url = new URL(sb.toString()); url = new URL(sb.toString());
AuthenticatedURL aUrl = new AuthenticatedURL(this); AuthenticatedURL aUrl = new AuthenticatedURL(this, connConfigurator);
HttpURLConnection conn = aUrl.openConnection(url, token); HttpURLConnection conn = aUrl.openConnection(url, token);
conn.setRequestMethod(operation.getHttpMethod()); conn.setRequestMethod(operation.getHttpMethod());
HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK); HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK);

View File

@ -35,6 +35,7 @@
import org.apache.hadoop.security.authentication.client.AuthenticatedURL; import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
import org.apache.hadoop.security.authorize.AuthorizationException; import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil; import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL; import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
import org.junit.AfterClass; import org.junit.AfterClass;
import org.junit.Assert; import org.junit.Assert;
@ -321,6 +322,10 @@ public Void run() throws Exception {
KeyProvider kp = new KMSClientProvider(uri, conf); KeyProvider kp = new KMSClientProvider(uri, conf);
// getKeys() empty // getKeys() empty
Assert.assertTrue(kp.getKeys().isEmpty()); Assert.assertTrue(kp.getKeys().isEmpty());
Token<?>[] tokens = ((KMSClientProvider)kp).addDelegationTokens("myuser", new Credentials());
Assert.assertEquals(1, tokens.length);
Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
} }
return null; return null;
} }