YARN-2447. RM web service app submission doesn't pass secrets correctly. Contributed by Varun Vasudev

This commit is contained in:
Jian He 2014-08-29 11:40:47 -07:00
parent 156e6a4f8a
commit c686aa3533
3 changed files with 21 additions and 5 deletions

View File

@ -257,6 +257,9 @@ Release 2.6.0 - UNRELEASED
YARN-2450. Fix typos in log messages. (Ray Chiang via hitesh) YARN-2450. Fix typos in log messages. (Ray Chiang via hitesh)
YARN-2447. RM web service app submission doesn't pass secrets correctly.
(Varun Vasudev via jianhe)
Release 2.5.1 - UNRELEASED Release 2.5.1 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

View File

@ -1061,7 +1061,7 @@ private Credentials createCredentials(CredentialsInfo credentials) {
token.decodeFromUrlString(entry.getValue()); token.decodeFromUrlString(entry.getValue());
ret.addToken(alias, token); ret.addToken(alias, token);
} }
for (Map.Entry<String, String> entry : credentials.getTokens().entrySet()) { for (Map.Entry<String, String> entry : credentials.getSecrets().entrySet()) {
Text alias = new Text(entry.getKey()); Text alias = new Text(entry.getKey());
Base64 decoder = new Base64(0, null, true); Base64 decoder = new Base64(0, null, true);
byte[] secret = decoder.decode(entry.getValue()); byte[] secret = decoder.decode(entry.getValue());

View File

@ -22,9 +22,7 @@
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import static org.junit.Assume.assumeTrue; import static org.junit.Assume.assumeTrue;
import java.io.IOException; import java.io.*;
import java.io.StringReader;
import java.io.StringWriter;
import java.net.URI; import java.net.URI;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
@ -47,6 +45,9 @@
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.io.DataInputBuffer;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.authentication.server.AuthenticationFilter; import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler; import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler;
import org.apache.hadoop.yarn.api.records.ApplicationAccessType; import org.apache.hadoop.yarn.api.records.ApplicationAccessType;
@ -77,6 +78,7 @@
import org.codehaus.jettison.json.JSONException; import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject; import org.codehaus.jettison.json.JSONObject;
import org.junit.After; import org.junit.After;
import org.junit.Assert;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
@ -684,7 +686,8 @@ public void testAppSubmit(String acceptMedia, String contentMedia)
CredentialsInfo credentials = new CredentialsInfo(); CredentialsInfo credentials = new CredentialsInfo();
HashMap<String, String> tokens = new HashMap<String, String>(); HashMap<String, String> tokens = new HashMap<String, String>();
HashMap<String, String> secrets = new HashMap<String, String>(); HashMap<String, String> secrets = new HashMap<String, String>();
secrets.put("secret1", Base64.encodeBase64URLSafeString("secret1".getBytes("UTF8"))); secrets.put("secret1", Base64.encodeBase64String(
"mysecret".getBytes("UTF8")));
credentials.setSecrets(secrets); credentials.setSecrets(secrets);
credentials.setTokens(tokens); credentials.setTokens(tokens);
ApplicationSubmissionContextInfo appInfo = new ApplicationSubmissionContextInfo(); ApplicationSubmissionContextInfo appInfo = new ApplicationSubmissionContextInfo();
@ -757,6 +760,16 @@ public void testAppSubmit(String acceptMedia, String contentMedia)
assertEquals(y.getType(), exampleLR.getType()); assertEquals(y.getType(), exampleLR.getType());
assertEquals(y.getPattern(), exampleLR.getPattern()); assertEquals(y.getPattern(), exampleLR.getPattern());
assertEquals(y.getVisibility(), exampleLR.getVisibility()); assertEquals(y.getVisibility(), exampleLR.getVisibility());
Credentials cs = new Credentials();
ByteArrayInputStream str =
new ByteArrayInputStream(app.getApplicationSubmissionContext()
.getAMContainerSpec().getTokens().array());
DataInputStream di = new DataInputStream(str);
cs.readTokenStorageStream(di);
Text key = new Text("secret1");
assertTrue("Secrets missing from credentials object", cs
.getAllSecretKeys().contains(key));
assertEquals("mysecret", new String(cs.getSecretKey(key), "UTF-8"));
response = response =
this.constructWebResource("apps", appId).accept(acceptMedia) this.constructWebResource("apps", appId).accept(acceptMedia)