11 년 전 · 34ac8a56c3
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -199,6 +199,9 @@ Release 1.3.0 - unreleased
 
				     HDFS-5944. LeaseManager:findLeaseWithPrefixPath can't handle path like /a/b/
			
 
				     and cause SecondaryNameNode failed do checkpoint (Yunjiong Zhao via brandonli)
			
 
				 
			
 
				+    HDFS-5516. WebHDFS does not require user name when anonymous http requests
			
 
				+    are disallowed. (Miodrag Radulovic via cnauroth)
			
 
				+
			
 
				 Release 1.2.2 - unreleased
			
 
				 
			
 
				   INCOMPATIBLE CHANGES
			
--- a/src/hdfs/org/apache/hadoop/hdfs/DFSConfigKeys.java
+++ b/src/hdfs/org/apache/hadoop/hdfs/DFSConfigKeys.java
@@ -282,7 +282,8 @@ public class DFSConfigKeys extends CommonConfigurationKeys {
 
				   public static final String  DFS_SECONDARY_NAMENODE_INTERNAL_SPENGO_USER_NAME_KEY = "dfs.secondary.namenode.kerberos.internal.spnego.principal";
			
 
				   public static final String  DFS_NAMENODE_NAME_CACHE_THRESHOLD_KEY = "dfs.namenode.name.cache.threshold";
			
 
				   public static final int     DFS_NAMENODE_NAME_CACHE_THRESHOLD_DEFAULT = 10;
			
 
				-  
			
 
				+
			
 
				+  public static final String  DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED = "dfs.web.authentication.simple.anonymous.allowed";
			
 
				   public static final String  DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY = "dfs.web.authentication.kerberos.principal";
			
 
				   public static final String  DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY = "dfs.web.authentication.kerberos.keytab";
			
 
				   public static final String  DFS_BLOCK_LOCAL_PATH_ACCESS_USER_KEY = "dfs.block.local-path-access.user";
			
--- a/src/hdfs/org/apache/hadoop/hdfs/server/namenode/NameNode.java
+++ b/src/hdfs/org/apache/hadoop/hdfs/server/namenode/NameNode.java
@@ -502,6 +502,13 @@ public class NameNode implements ClientProtocol, DatanodeProtocol,
 
				                     DFSConfigKeys.DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY,
			
 
				                     httpKeytab);
			
 
				               }
			
 
				+              String anonymousAllowed = conf
			
 
				+                  .get(DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED);
			
 
				+              if (anonymousAllowed != null && !anonymousAllowed.isEmpty()) {
			
 
				+                params.put(
			
 
				+                    DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED,
			
 
				+                    anonymousAllowed);
			
 
				+              }
			
 
				               return params;
			
 
				             }
			
 
				           };
			
--- a/src/hdfs/org/apache/hadoop/hdfs/web/AuthFilter.java
+++ b/src/hdfs/org/apache/hadoop/hdfs/web/AuthFilter.java
@@ -64,8 +64,10 @@ public class AuthFilter extends AuthenticationFilter {
 
				     // set authentication type
			
 
				     p.setProperty(AUTH_TYPE, UserGroupInformation.isSecurityEnabled()?
			
 
				         KerberosAuthenticationHandler.TYPE: PseudoAuthenticationHandler.TYPE);
			
 
				-    //For Pseudo Authentication, allow anonymous.
			
 
				-    p.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
			
 
				+    // if not set, enable anonymous for pseudo authentication
			
 
				+    if (p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED) == null) {
			
 
				+      p.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
			
 
				+    }
			
 
				     //set cookie path
			
 
				     p.setProperty(COOKIE_PATH, "/");
			
 
				     return p;
			
--- a/src/test/org/apache/hadoop/hdfs/web/TestAuthFilter.java
+++ b/src/test/org/apache/hadoop/hdfs/web/TestAuthFilter.java
@@ -75,4 +75,27 @@ public class TestAuthFilter {
 
				     Assert.assertEquals("true",
			
 
				         p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
			
 
				   }
			
 
				+  
			
 
				+  @Test
			
 
				+  public void testGetSimpleAuthDisabledConfiguration() throws ServletException {
			
 
				+    AuthFilter filter = new AuthFilter();
			
 
				+    Map<String, String> m = new HashMap<String,String>();
			
 
				+    m.put(DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED,
			
 
				+        "false");
			
 
				+    FilterConfig config = new DummyFilterConfig(m);
			
 
				+    Properties p = filter.getConfiguration("random", config);
			
 
				+    Assert.assertEquals("false",
			
 
				+        p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
			
 
				+  }
			
 
				+  
			
 
				+  @Test
			
 
				+  public void testGetSimpleAuthDefaultConfiguration() throws ServletException {
			
 
				+    AuthFilter filter = new AuthFilter();
			
 
				+    Map<String, String> m = new HashMap<String,String>();
			
 
				+    
			
 
				+    FilterConfig config = new DummyFilterConfig(m);
			
 
				+    Properties p = filter.getConfiguration("random", config);
			
 
				+    Assert.assertEquals("true",
			
 
				+        p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
			
 
				+  }
			
 
				 }