YARN-2447. RM web service app submission doesn't pass secrets correctly. Contributed by Varun Vasudev
This commit is contained in:
parent
156e6a4f8a
commit
c686aa3533
@ -257,6 +257,9 @@ Release 2.6.0 - UNRELEASED
|
|||||||
|
|
||||||
YARN-2450. Fix typos in log messages. (Ray Chiang via hitesh)
|
YARN-2450. Fix typos in log messages. (Ray Chiang via hitesh)
|
||||||
|
|
||||||
|
YARN-2447. RM web service app submission doesn't pass secrets correctly.
|
||||||
|
(Varun Vasudev via jianhe)
|
||||||
|
|
||||||
Release 2.5.1 - UNRELEASED
|
Release 2.5.1 - UNRELEASED
|
||||||
|
|
||||||
INCOMPATIBLE CHANGES
|
INCOMPATIBLE CHANGES
|
||||||
|
@ -1061,7 +1061,7 @@ private Credentials createCredentials(CredentialsInfo credentials) {
|
|||||||
token.decodeFromUrlString(entry.getValue());
|
token.decodeFromUrlString(entry.getValue());
|
||||||
ret.addToken(alias, token);
|
ret.addToken(alias, token);
|
||||||
}
|
}
|
||||||
for (Map.Entry<String, String> entry : credentials.getTokens().entrySet()) {
|
for (Map.Entry<String, String> entry : credentials.getSecrets().entrySet()) {
|
||||||
Text alias = new Text(entry.getKey());
|
Text alias = new Text(entry.getKey());
|
||||||
Base64 decoder = new Base64(0, null, true);
|
Base64 decoder = new Base64(0, null, true);
|
||||||
byte[] secret = decoder.decode(entry.getValue());
|
byte[] secret = decoder.decode(entry.getValue());
|
||||||
|
@ -22,9 +22,7 @@
|
|||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
import static org.junit.Assume.assumeTrue;
|
import static org.junit.Assume.assumeTrue;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.*;
|
||||||
import java.io.StringReader;
|
|
||||||
import java.io.StringWriter;
|
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
@ -47,6 +45,9 @@
|
|||||||
|
|
||||||
import org.apache.commons.codec.binary.Base64;
|
import org.apache.commons.codec.binary.Base64;
|
||||||
import org.apache.hadoop.conf.Configuration;
|
import org.apache.hadoop.conf.Configuration;
|
||||||
|
import org.apache.hadoop.io.DataInputBuffer;
|
||||||
|
import org.apache.hadoop.io.Text;
|
||||||
|
import org.apache.hadoop.security.Credentials;
|
||||||
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
|
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
|
||||||
import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler;
|
import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler;
|
||||||
import org.apache.hadoop.yarn.api.records.ApplicationAccessType;
|
import org.apache.hadoop.yarn.api.records.ApplicationAccessType;
|
||||||
@ -77,6 +78,7 @@
|
|||||||
import org.codehaus.jettison.json.JSONException;
|
import org.codehaus.jettison.json.JSONException;
|
||||||
import org.codehaus.jettison.json.JSONObject;
|
import org.codehaus.jettison.json.JSONObject;
|
||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
|
import org.junit.Assert;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.junit.runner.RunWith;
|
import org.junit.runner.RunWith;
|
||||||
@ -684,7 +686,8 @@ public void testAppSubmit(String acceptMedia, String contentMedia)
|
|||||||
CredentialsInfo credentials = new CredentialsInfo();
|
CredentialsInfo credentials = new CredentialsInfo();
|
||||||
HashMap<String, String> tokens = new HashMap<String, String>();
|
HashMap<String, String> tokens = new HashMap<String, String>();
|
||||||
HashMap<String, String> secrets = new HashMap<String, String>();
|
HashMap<String, String> secrets = new HashMap<String, String>();
|
||||||
secrets.put("secret1", Base64.encodeBase64URLSafeString("secret1".getBytes("UTF8")));
|
secrets.put("secret1", Base64.encodeBase64String(
|
||||||
|
"mysecret".getBytes("UTF8")));
|
||||||
credentials.setSecrets(secrets);
|
credentials.setSecrets(secrets);
|
||||||
credentials.setTokens(tokens);
|
credentials.setTokens(tokens);
|
||||||
ApplicationSubmissionContextInfo appInfo = new ApplicationSubmissionContextInfo();
|
ApplicationSubmissionContextInfo appInfo = new ApplicationSubmissionContextInfo();
|
||||||
@ -757,6 +760,16 @@ public void testAppSubmit(String acceptMedia, String contentMedia)
|
|||||||
assertEquals(y.getType(), exampleLR.getType());
|
assertEquals(y.getType(), exampleLR.getType());
|
||||||
assertEquals(y.getPattern(), exampleLR.getPattern());
|
assertEquals(y.getPattern(), exampleLR.getPattern());
|
||||||
assertEquals(y.getVisibility(), exampleLR.getVisibility());
|
assertEquals(y.getVisibility(), exampleLR.getVisibility());
|
||||||
|
Credentials cs = new Credentials();
|
||||||
|
ByteArrayInputStream str =
|
||||||
|
new ByteArrayInputStream(app.getApplicationSubmissionContext()
|
||||||
|
.getAMContainerSpec().getTokens().array());
|
||||||
|
DataInputStream di = new DataInputStream(str);
|
||||||
|
cs.readTokenStorageStream(di);
|
||||||
|
Text key = new Text("secret1");
|
||||||
|
assertTrue("Secrets missing from credentials object", cs
|
||||||
|
.getAllSecretKeys().contains(key));
|
||||||
|
assertEquals("mysecret", new String(cs.getSecretKey(key), "UTF-8"));
|
||||||
|
|
||||||
response =
|
response =
|
||||||
this.constructWebResource("apps", appId).accept(acceptMedia)
|
this.constructWebResource("apps", appId).accept(acceptMedia)
|
||||||
|
Loading…
Reference in New Issue
Block a user