HADOOP-6583. Captures authentication and authorization metrics. Contributed by Devaraj Das.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@915095 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
115ef5b8c7
commit
ffdde40b9f
@ -156,6 +156,8 @@ Trunk (unreleased changes)
|
||||
meaningful exceptions when there are failures instead of returning
|
||||
false. (omalley)
|
||||
|
||||
HADOOP-6583. Captures authentication and authorization metrics. (ddas)
|
||||
|
||||
OPTIMIZATIONS
|
||||
|
||||
BUG FIXES
|
||||
|
@ -220,6 +220,11 @@ public static void bind(ServerSocket socket, InetSocketAddress address,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*Returns a handle to the rpcMetrics (required in tests)*/
|
||||
public RpcMetrics getRpcMetrics() {
|
||||
return rpcMetrics;
|
||||
}
|
||||
|
||||
/** A call queued for handling. */
|
||||
private static class Call {
|
||||
@ -877,7 +882,13 @@ public Object run() throws IOException {
|
||||
if (LOG.isDebugEnabled())
|
||||
LOG.debug("Have read input token of size " + saslToken.length
|
||||
+ " for processing by saslServer.evaluateResponse()");
|
||||
byte[] replyToken = saslServer.evaluateResponse(saslToken);
|
||||
byte[] replyToken;
|
||||
try {
|
||||
replyToken = saslServer.evaluateResponse(saslToken);
|
||||
} catch (SaslException se) {
|
||||
rpcMetrics.authenticationFailures.inc();
|
||||
throw se;
|
||||
}
|
||||
if (replyToken != null) {
|
||||
if (LOG.isDebugEnabled())
|
||||
LOG.debug("Will send token of size " + replyToken.length
|
||||
@ -1078,6 +1089,7 @@ private void processUnwrappedData(byte[] inBuf) throws IOException,
|
||||
|
||||
private void processOneRpc(byte[] buf) throws IOException,
|
||||
InterruptedException {
|
||||
rpcMetrics.authenticationSuccesses.inc();
|
||||
if (headerRead) {
|
||||
processData(buf);
|
||||
} else {
|
||||
@ -1121,7 +1133,9 @@ private boolean authorizeConnection() throws IOException {
|
||||
if (LOG.isDebugEnabled()) {
|
||||
LOG.debug("Successfully authorized " + header);
|
||||
}
|
||||
rpcMetrics.authorizationSuccesses.inc();
|
||||
} catch (AuthorizationException ae) {
|
||||
rpcMetrics.authorizationFailures.inc();
|
||||
authFailedCall.connection = this;
|
||||
setupResponse(authFailedResponse, authFailedCall, Status.FATAL, null,
|
||||
ae.getClass().getName(), ae.getMessage());
|
||||
|
@ -27,6 +27,7 @@
|
||||
import org.apache.hadoop.metrics.util.MetricsBase;
|
||||
import org.apache.hadoop.metrics.util.MetricsIntValue;
|
||||
import org.apache.hadoop.metrics.util.MetricsRegistry;
|
||||
import org.apache.hadoop.metrics.util.MetricsTimeVaryingInt;
|
||||
import org.apache.hadoop.metrics.util.MetricsTimeVaryingRate;
|
||||
|
||||
/**
|
||||
@ -79,7 +80,14 @@ public RpcMetrics(String hostName, String port, Server server) {
|
||||
new MetricsIntValue("NumOpenConnections", registry);
|
||||
public MetricsIntValue callQueueLen =
|
||||
new MetricsIntValue("callQueueLen", registry);
|
||||
|
||||
public MetricsTimeVaryingInt authenticationFailures =
|
||||
new MetricsTimeVaryingInt("rpcAuthenticationFailures", registry);
|
||||
public MetricsTimeVaryingInt authenticationSuccesses =
|
||||
new MetricsTimeVaryingInt("rpcAuthenticationSuccesses", registry);
|
||||
public MetricsTimeVaryingInt authorizationFailures =
|
||||
new MetricsTimeVaryingInt("rpcAuthorizationFailures", registry);
|
||||
public MetricsTimeVaryingInt authorizationSuccesses =
|
||||
new MetricsTimeVaryingInt("rpcAuthorizationSuccesses", registry);
|
||||
/**
|
||||
* Push the metrics to the monitoring subsystem on doUpdate() call.
|
||||
*/
|
||||
|
@ -368,6 +368,31 @@ private void doRPCs(Configuration conf, boolean expectFailure) throws Exception
|
||||
if (proxy != null) {
|
||||
RPC.stopProxy(proxy);
|
||||
}
|
||||
if (expectFailure) {
|
||||
assertTrue("Expected 1 but got " +
|
||||
server.getRpcMetrics().authorizationFailures
|
||||
.getCurrentIntervalValue(),
|
||||
server.getRpcMetrics().authorizationFailures
|
||||
.getCurrentIntervalValue() == 1);
|
||||
} else {
|
||||
assertTrue("Expected 1 but got " +
|
||||
server.getRpcMetrics().authorizationSuccesses
|
||||
.getCurrentIntervalValue(),
|
||||
server.getRpcMetrics().authorizationSuccesses
|
||||
.getCurrentIntervalValue() == 1);
|
||||
}
|
||||
//since we don't have authentication turned ON, we should see
|
||||
// >0 for the authentication successes and 0 for failure
|
||||
assertTrue("Expected 0 but got " +
|
||||
server.getRpcMetrics().authenticationFailures
|
||||
.getCurrentIntervalValue(),
|
||||
server.getRpcMetrics().authenticationFailures
|
||||
.getCurrentIntervalValue() == 0);
|
||||
assertTrue("Expected greater than 0 but got " +
|
||||
server.getRpcMetrics().authenticationSuccesses
|
||||
.getCurrentIntervalValue(),
|
||||
server.getRpcMetrics().authenticationSuccesses
|
||||
.getCurrentIntervalValue() > 0);
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user