big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HADOOP-6938. ConnectionId.getRemotePrincipal() should check if security is enabled. Contributed by Kan Zhang.

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@992479 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Hairong Kuang 2010-09-03 21:24:29 +00:00
parent fa75e35f9e
commit becf8e919a
3 changed files with 47 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES.txt
View File

@ -232,6 +232,9 @@ Trunk (unreleased changes)
HADOOP-6907. Rpc client doesn't use the per-connection conf to figure HADOOP-6907. Rpc client doesn't use the per-connection conf to figure
out server's Kerberos principal (Kan Zhang via hairong) out server's Kerberos principal (Kan Zhang via hairong)
HADOOP-6938. ConnectionId.getRemotePrincipal() should check if security
is enabled. (Kan Zhang via hairong)
Release 0.21.0 - Unreleased Release 0.21.0 - Unreleased
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

9
src/java/org/apache/hadoop/ipc/Client.java
View File

@ -87,7 +87,7 @@ public class Client {
private SocketFactory socketFactory; // how to create sockets private SocketFactory socketFactory; // how to create sockets
private int refCount = 1; private int refCount = 1;
final private static String PING_INTERVAL_NAME = "ipc.ping.interval"; final static String PING_INTERVAL_NAME = "ipc.ping.interval";
final static int DEFAULT_PING_INTERVAL = 60000; // 1 min final static int DEFAULT_PING_INTERVAL = 60000; // 1 min
final static int PING_CALL_ID = -1; final static int PING_CALL_ID = -1;
@ -1244,18 +1244,19 @@ static ConnectionId getConnectionId(InetSocketAddress addr,
Class<?> protocol, UserGroupInformation ticket, int rpcTimeout, Class<?> protocol, UserGroupInformation ticket, int rpcTimeout,
Configuration conf) throws IOException { Configuration conf) throws IOException {
String remotePrincipal = getRemotePrincipal(conf, addr, protocol); String remotePrincipal = getRemotePrincipal(conf, addr, protocol);
boolean doPing = conf.getBoolean("ipc.client.ping", true);
return new ConnectionId(addr, protocol, ticket, return new ConnectionId(addr, protocol, ticket,
rpcTimeout, remotePrincipal, rpcTimeout, remotePrincipal,
conf.getInt("ipc.client.connection.maxidletime", 10000), // 10s conf.getInt("ipc.client.connection.maxidletime", 10000), // 10s
conf.getInt("ipc.client.connect.max.retries", 10), conf.getInt("ipc.client.connect.max.retries", 10),
conf.getBoolean("ipc.client.tcpnodelay", false), conf.getBoolean("ipc.client.tcpnodelay", false),
conf.getBoolean("ipc.client.ping", true), doPing,
Client.getPingInterval(conf)); (doPing ? Client.getPingInterval(conf) : 0));
} }
private static String getRemotePrincipal(Configuration conf, private static String getRemotePrincipal(Configuration conf,
InetSocketAddress address, Class<?> protocol) throws IOException { InetSocketAddress address, Class<?> protocol) throws IOException {
if (protocol == null) { if (!UserGroupInformation.isSecurityEnabled() || protocol == null) {
return null; return null;
} }
KerberosInfo krbInfo = protocol.getAnnotation(KerberosInfo.class); KerberosInfo krbInfo = protocol.getAnnotation(KerberosInfo.class);

39
src/test/core/org/apache/hadoop/ipc/TestSaslRPC.java
View File

@ -254,6 +254,45 @@ private void doDigestRpc(Server server, TestTokenSecretManager sm)
} }
} }
@Test
public void testPingInterval() throws Exception {
Configuration newConf = new Configuration(conf);
newConf.set(SERVER_PRINCIPAL_KEY, SERVER_PRINCIPAL_1);
conf.setInt(Client.PING_INTERVAL_NAME, Client.DEFAULT_PING_INTERVAL);
// set doPing to true
newConf.setBoolean("ipc.client.ping", true);
ConnectionId remoteId = ConnectionId.getConnectionId(
new InetSocketAddress(0), TestSaslProtocol.class, null, 0, newConf);
assertEquals(Client.DEFAULT_PING_INTERVAL, remoteId.getPingInterval());
// set doPing to false
newConf.setBoolean("ipc.client.ping", false);
remoteId = ConnectionId.getConnectionId(
new InetSocketAddress(0), TestSaslProtocol.class, null, 0, newConf);
assertEquals(0, remoteId.getPingInterval());
}
@Test
public void testGetRemotePrincipal() throws Exception {
try {
Configuration newConf = new Configuration(conf);
newConf.set(SERVER_PRINCIPAL_KEY, SERVER_PRINCIPAL_1);
ConnectionId remoteId = ConnectionId.getConnectionId(
new InetSocketAddress(0), TestSaslProtocol.class, null, 0, newConf);
assertEquals(SERVER_PRINCIPAL_1, remoteId.getServerPrincipal());
// this following test needs security to be off
newConf.set(HADOOP_SECURITY_AUTHENTICATION, "simple");
UserGroupInformation.setConfiguration(newConf);
remoteId = ConnectionId.getConnectionId(new InetSocketAddress(0),
TestSaslProtocol.class, null, 0, newConf);
assertEquals(
"serverPrincipal should be null when security is turned off", null,
remoteId.getServerPrincipal());
} finally {
// revert back to security is on
UserGroupInformation.setConfiguration(conf);
}
}
@Test @Test
public void testPerConnectionConf() throws Exception { public void testPerConnectionConf() throws Exception {
TestTokenSecretManager sm = new TestTokenSecretManager(); TestTokenSecretManager sm = new TestTokenSecretManager();