HDFS-5690. DataNode fails to start in secure mode when dfs.http.policy equals to HTTP_ONLY. Contributed by Haohui Mai.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1553167 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
624703ed7b
commit
e8de319789
@ -305,12 +305,13 @@ public HttpServer build() throws IOException {
|
||||
}
|
||||
}
|
||||
|
||||
if (endpoints.size() == 0) {
|
||||
if (endpoints.size() == 0 && connector == null) {
|
||||
throw new HadoopIllegalArgumentException("No endpoints specified");
|
||||
}
|
||||
|
||||
if (hostName == null) {
|
||||
hostName = endpoints.get(0).getHost();
|
||||
hostName = endpoints.size() == 0 ? connector.getHost() : endpoints.get(
|
||||
0).getHost();
|
||||
}
|
||||
|
||||
if (this.conf == null) {
|
||||
|
@ -66,6 +66,8 @@
|
||||
import org.mortbay.jetty.Connector;
|
||||
import org.mortbay.util.ajax.JSON;
|
||||
|
||||
import static org.mockito.Mockito.*;
|
||||
|
||||
public class TestHttpServer extends HttpServerFunctionalTest {
|
||||
static final Log LOG = LogFactory.getLog(TestHttpServer.class);
|
||||
private static HttpServer server;
|
||||
@ -588,4 +590,15 @@ public void testNoCacheHeader() throws Exception {
|
||||
assertEquals(conn.getHeaderField("Expires"), conn.getHeaderField("Date"));
|
||||
}
|
||||
|
||||
/**
|
||||
* HTTPServer.Builder should proceed if a external connector is available.
|
||||
*/
|
||||
@Test
|
||||
public void testHttpServerBuilderWithExternalConnector() throws Exception {
|
||||
Connector c = mock(Connector.class);
|
||||
doReturn("localhost").when(c).getHost();
|
||||
HttpServer s = new HttpServer.Builder().setName("test").setConnector(c)
|
||||
.build();
|
||||
s.stop();
|
||||
}
|
||||
}
|
||||
|
@ -830,6 +830,9 @@ Release 2.4.0 - UNRELEASED
|
||||
HDFS-5691. Fix typo in ShortCircuitLocalRead document.
|
||||
(Akira Ajisaka via suresh)
|
||||
|
||||
HDFS-5690. DataNode fails to start in secure mode when dfs.http.policy equals to
|
||||
HTTP_ONLY. (Haohui Mai via jing9)
|
||||
|
||||
Release 2.3.0 - UNRELEASED
|
||||
|
||||
INCOMPATIBLE CHANGES
|
||||
|
@ -87,6 +87,7 @@ public void start() throws Exception {
|
||||
public static SecureResources getSecureResources(Configuration conf)
|
||||
throws Exception {
|
||||
HttpConfig.Policy policy = DFSUtil.getHttpPolicy(conf);
|
||||
boolean isSecure = UserGroupInformation.isSecurityEnabled();
|
||||
|
||||
// Obtain secure port for data streaming to datanode
|
||||
InetSocketAddress streamingAddr = DataNode.getStreamingAddr(conf);
|
||||
@ -106,6 +107,11 @@ public static SecureResources getSecureResources(Configuration conf)
|
||||
+ ss.getLocalPort());
|
||||
}
|
||||
|
||||
if (ss.getLocalPort() > 1023 && isSecure) {
|
||||
throw new RuntimeException(
|
||||
"Cannot start secure datanode with unprivileged RPC ports");
|
||||
}
|
||||
|
||||
System.err.println("Opened streaming server at " + streamingAddr);
|
||||
|
||||
// Bind a port for the web server. The code intends to bind HTTP server to
|
||||
@ -126,9 +132,9 @@ public static SecureResources getSecureResources(Configuration conf)
|
||||
System.err.println("Successfully obtained privileged resources (streaming port = "
|
||||
+ ss + " ) (http listener port = " + listener.getConnection() +")");
|
||||
|
||||
if ((ss.getLocalPort() > 1023 || listener.getPort() > 1023) &&
|
||||
UserGroupInformation.isSecurityEnabled()) {
|
||||
throw new RuntimeException("Cannot start secure datanode with unprivileged ports");
|
||||
if (listener.getPort() > 1023 && isSecure) {
|
||||
throw new RuntimeException(
|
||||
"Cannot start secure datanode with unprivileged HTTP ports");
|
||||
}
|
||||
System.err.println("Opened info server at " + infoSocAddr);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user