Home Explore Help
Register Sign In
apache
/
hadoop
mirror of https://github.com/apache/hadoop.git
2
0
Fork 1
Files Issues 0 Wiki
Browse Source

HADOOP-11083. After refactoring of HTTP proxyuser to common, doAs param is case sensitive. (tucu)

Alejandro Abdelnur 10 years ago
parent
b4ab7aa110
commit
2924de58ce
3 changed files with 22 additions and 1 deletions
Unified View Show Diff Stats
  1. 3 0
      hadoop-common-project/hadoop-common/CHANGES.txt
  2. 2 1
      hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java
  3. 17 0
      hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestWebDelegationToken.java

+ 3 - 0
hadoop-common-project/hadoop-common/CHANGES.txt
View File 

@@ -457,6 +457,9 @@ Release 2.6.0 - UNRELEASED
 
     HADOOP-11085. Excessive logging by org.apache.hadoop.util.Progress when
 
     HADOOP-11085. Excessive logging by org.apache.hadoop.util.Progress when
 
     value is NaN (Mit Desai via jlowe)
 
     value is NaN (Mit Desai via jlowe)
 
 
 
+    HADOOP-11083. After refactoring of HTTP proxyuser to common, doAs param is 
+    case sensitive. (tucu)
 
+
 
 Release 2.5.1 - UNRELEASED
 
 Release 2.5.1 - UNRELEASED
 
 
 
   INCOMPATIBLE CHANGES
 
   INCOMPATIBLE CHANGES

+ 2 - 1
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java
View File 

@@ -188,7 +188,8 @@ public class DelegationTokenAuthenticationFilter
 
         UTF8_CHARSET);
 
         UTF8_CHARSET);
 
     if (list != null) {
 
     if (list != null) {
 
       for (NameValuePair nv : list) {
 
       for (NameValuePair nv : list) {
 
-        if (DelegationTokenAuthenticatedURL.DO_AS.equals(nv.getName())) {
 
+        if (DelegationTokenAuthenticatedURL.DO_AS.
 
+            equalsIgnoreCase(nv.getName())) {
 
           return nv.getValue();
 
           return nv.getValue();
 
         }
 
         }
 
       }
 
       }

+ 17 - 0
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestWebDelegationToken.java
View File 

@@ -795,6 +795,23 @@ public class TestWebDelegationToken {
 
       jetty.start();
 
       jetty.start();
 
       final URL url = new URL(getJettyURL() + "/foo/bar");
 
       final URL url = new URL(getJettyURL() + "/foo/bar");
 
 
 
+      // proxyuser using raw HTTP, verifying doAs is case insensitive
 
+      String strUrl = String.format("%s?user.name=%s&doas=%s", 
+          url.toExternalForm(), FOO_USER, OK_USER);
 
+      HttpURLConnection conn = 
+          (HttpURLConnection) new URL(strUrl).openConnection();
 
+      Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
 
+      List<String> ret = IOUtils.readLines(conn.getInputStream());
 
+      Assert.assertEquals(1, ret.size());
 
+      Assert.assertEquals(OK_USER, ret.get(0));
 
+      strUrl = String.format("%s?user.name=%s&DOAS=%s", url.toExternalForm(), 
+          FOO_USER, OK_USER);
 
+      conn = (HttpURLConnection) new URL(strUrl).openConnection();
 
+      Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
 
+      ret = IOUtils.readLines(conn.getInputStream());
 
+      Assert.assertEquals(1, ret.size());
 
+      Assert.assertEquals(OK_USER, ret.get(0));
 
+
 
       UserGroupInformation ugi = UserGroupInformation.createRemoteUser(FOO_USER);
 
       UserGroupInformation ugi = UserGroupInformation.createRemoteUser(FOO_USER);
 
       ugi.doAs(new PrivilegedExceptionAction<Void>() {
 
       ugi.doAs(new PrivilegedExceptionAction<Void>() {
 
         @Override
 
         @Override