diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt index 72e8a1e244..5503c4edf9 100644 --- a/hadoop-yarn-project/CHANGES.txt +++ b/hadoop-yarn-project/CHANGES.txt @@ -257,6 +257,9 @@ Release 2.6.0 - UNRELEASED YARN-2450. Fix typos in log messages. (Ray Chiang via hitesh) + YARN-2447. RM web service app submission doesn't pass secrets correctly. + (Varun Vasudev via jianhe) + Release 2.5.1 - UNRELEASED INCOMPATIBLE CHANGES diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java index a8ec19260e..24a90bd69a 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java @@ -1061,7 +1061,7 @@ private Credentials createCredentials(CredentialsInfo credentials) { token.decodeFromUrlString(entry.getValue()); ret.addToken(alias, token); } - for (Map.Entry entry : credentials.getTokens().entrySet()) { + for (Map.Entry entry : credentials.getSecrets().entrySet()) { Text alias = new Text(entry.getKey()); Base64 decoder = new Base64(0, null, true); byte[] secret = decoder.decode(entry.getValue()); diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java index 12c5686e3e..e02e410c5a 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java @@ -22,9 +22,7 @@ import static org.junit.Assert.assertTrue; import static org.junit.Assume.assumeTrue; -import java.io.IOException; -import java.io.StringReader; -import java.io.StringWriter; +import java.io.*; import java.net.URI; import java.util.ArrayList; import java.util.Arrays; @@ -47,6 +45,9 @@ import org.apache.commons.codec.binary.Base64; import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.io.DataInputBuffer; +import org.apache.hadoop.io.Text; +import org.apache.hadoop.security.Credentials; import org.apache.hadoop.security.authentication.server.AuthenticationFilter; import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler; import org.apache.hadoop.yarn.api.records.ApplicationAccessType; @@ -77,6 +78,7 @@ import org.codehaus.jettison.json.JSONException; import org.codehaus.jettison.json.JSONObject; import org.junit.After; +import org.junit.Assert; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @@ -684,7 +686,8 @@ public void testAppSubmit(String acceptMedia, String contentMedia) CredentialsInfo credentials = new CredentialsInfo(); HashMap tokens = new HashMap(); HashMap secrets = new HashMap(); - secrets.put("secret1", Base64.encodeBase64URLSafeString("secret1".getBytes("UTF8"))); + secrets.put("secret1", Base64.encodeBase64String( + "mysecret".getBytes("UTF8"))); credentials.setSecrets(secrets); credentials.setTokens(tokens); ApplicationSubmissionContextInfo appInfo = new ApplicationSubmissionContextInfo(); @@ -757,6 +760,16 @@ public void testAppSubmit(String acceptMedia, String contentMedia) assertEquals(y.getType(), exampleLR.getType()); assertEquals(y.getPattern(), exampleLR.getPattern()); assertEquals(y.getVisibility(), exampleLR.getVisibility()); + Credentials cs = new Credentials(); + ByteArrayInputStream str = + new ByteArrayInputStream(app.getApplicationSubmissionContext() + .getAMContainerSpec().getTokens().array()); + DataInputStream di = new DataInputStream(str); + cs.readTokenStorageStream(di); + Text key = new Text("secret1"); + assertTrue("Secrets missing from credentials object", cs + .getAllSecretKeys().contains(key)); + assertEquals("mysecret", new String(cs.getSecretKey(key), "UTF-8")); response = this.constructWebResource("apps", appId).accept(acceptMedia)