HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection Configurator to the authenticator. (Arun Suresh via wang)

This commit is contained in:
Andrew Wang 2014-10-07 14:46:59 -07:00
parent c8617ff136
commit b2f6197523
4 changed files with 20 additions and 4 deletions

View File

@ -803,6 +803,9 @@ Release 2.6.0 - UNRELEASED
HADOOP-11168. Remove duplicated entry "dfs.webhdfs.enabled" in the useri
doc. (Yi Liu via wheat9)
HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection
Configurator to the authenticator. (Arun Suresh via wang)
BREAKDOWN OF HDFS-6134 AND HADOOP-10150 SUBTASKS AND RELATED JIRAS
HADOOP-10734. Implement high-performance secure random number sources.

View File

@ -117,9 +117,14 @@ public static void setDefaultDelegationTokenAuthenticator(
}
private static DelegationTokenAuthenticator
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta) {
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
ConnectionConfigurator connConfigurator) {
try {
return (dta != null) ? dta : DEFAULT_AUTHENTICATOR.newInstance();
if (dta == null) {
dta = DEFAULT_AUTHENTICATOR.newInstance();
dta.setConnectionConfigurator(connConfigurator);
}
return dta;
} catch (Exception ex) {
throw new IllegalArgumentException(ex);
}
@ -169,7 +174,8 @@ public DelegationTokenAuthenticatedURL(
public DelegationTokenAuthenticatedURL(
DelegationTokenAuthenticator authenticator,
ConnectionConfigurator connConfigurator) {
super(obtainDelegationTokenAuthenticator(authenticator), connConfigurator);
super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
connConfigurator);
}
/**

View File

@ -95,6 +95,7 @@ public boolean requiresKerberosCredentials() {
}
private Authenticator authenticator;
private ConnectionConfigurator connConfigurator;
public DelegationTokenAuthenticator(Authenticator authenticator) {
this.authenticator = authenticator;
@ -103,6 +104,7 @@ public DelegationTokenAuthenticator(Authenticator authenticator) {
@Override
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
authenticator.setConnectionConfigurator(configurator);
connConfigurator = configurator;
}
private boolean hasDelegationToken(URL url, AuthenticatedURL.Token token) {
@ -215,7 +217,7 @@ private Map doDelegationTokenOperation(URL url,
separator = "&";
}
url = new URL(sb.toString());
AuthenticatedURL aUrl = new AuthenticatedURL(this);
AuthenticatedURL aUrl = new AuthenticatedURL(this, connConfigurator);
HttpURLConnection conn = aUrl.openConnection(url, token);
conn.setRequestMethod(operation.getHttpMethod());
HttpExceptionUtils.validateResponse(conn, HttpURLConnection.HTTP_OK);

View File

@ -35,6 +35,7 @@
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
import org.junit.AfterClass;
import org.junit.Assert;
@ -321,6 +322,10 @@ public Void run() throws Exception {
KeyProvider kp = new KMSClientProvider(uri, conf);
// getKeys() empty
Assert.assertTrue(kp.getKeys().isEmpty());
Token<?>[] tokens = ((KMSClientProvider)kp).addDelegationTokens("myuser", new Credentials());
Assert.assertEquals(1, tokens.length);
Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
}
return null;
}