|
|
@@ -23,20 +23,14 @@ package org.apache.hadoop.hdfs.security;
|
|
|
import java.io.ByteArrayInputStream;
|
|
|
import java.io.DataInputStream;
|
|
|
import java.io.IOException;
|
|
|
-import java.net.HttpURLConnection;
|
|
|
import java.net.InetAddress;
|
|
|
import java.net.NetworkInterface;
|
|
|
-import java.net.URL;
|
|
|
import java.security.PrivilegedExceptionAction;
|
|
|
import java.util.ArrayList;
|
|
|
import java.util.Enumeration;
|
|
|
-import java.util.Map;
|
|
|
-
|
|
|
-import javax.servlet.http.HttpServletResponse;
|
|
|
|
|
|
import org.apache.commons.logging.Log;
|
|
|
import org.apache.commons.logging.LogFactory;
|
|
|
-import org.apache.commons.logging.impl.Log4JLogger;
|
|
|
import org.apache.hadoop.conf.Configuration;
|
|
|
import org.apache.hadoop.fs.FSDataOutputStream;
|
|
|
import org.apache.hadoop.fs.FileStatus;
|
|
|
@@ -47,23 +41,17 @@ import org.apache.hadoop.hdfs.DFSConfigKeys;
|
|
|
import org.apache.hadoop.hdfs.HdfsConfiguration;
|
|
|
import org.apache.hadoop.hdfs.MiniDFSCluster;
|
|
|
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
|
|
|
-import org.apache.hadoop.hdfs.server.namenode.web.resources.NamenodeWebHdfsMethods;
|
|
|
import org.apache.hadoop.hdfs.web.WebHdfsFileSystem;
|
|
|
import org.apache.hadoop.hdfs.web.WebHdfsTestUtil;
|
|
|
-import org.apache.hadoop.hdfs.web.resources.DoAsParam;
|
|
|
-import org.apache.hadoop.hdfs.web.resources.ExceptionHandler;
|
|
|
-import org.apache.hadoop.hdfs.web.resources.GetOpParam;
|
|
|
-import org.apache.hadoop.hdfs.web.resources.PostOpParam;
|
|
|
-import org.apache.hadoop.hdfs.web.resources.PutOpParam;
|
|
|
import org.apache.hadoop.security.TestDoAsEffectiveUser;
|
|
|
import org.apache.hadoop.security.UserGroupInformation;
|
|
|
import org.apache.hadoop.security.authorize.ProxyUsers;
|
|
|
import org.apache.hadoop.security.token.Token;
|
|
|
-import org.apache.log4j.Level;
|
|
|
import org.junit.AfterClass;
|
|
|
import org.junit.Assert;
|
|
|
import org.junit.BeforeClass;
|
|
|
import org.junit.Test;
|
|
|
+import org.mockito.internal.util.reflection.Whitebox;
|
|
|
|
|
|
public class TestDelegationTokenForProxyUser {
|
|
|
private static MiniDFSCluster cluster;
|
|
|
@@ -155,56 +143,26 @@ public class TestDelegationTokenForProxyUser {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- @Test(timeout=20000)
|
|
|
+ @Test(timeout=5000)
|
|
|
public void testWebHdfsDoAs() throws Exception {
|
|
|
WebHdfsTestUtil.LOG.info("START: testWebHdfsDoAs()");
|
|
|
- ((Log4JLogger)NamenodeWebHdfsMethods.LOG).getLogger().setLevel(Level.ALL);
|
|
|
- ((Log4JLogger)ExceptionHandler.LOG).getLogger().setLevel(Level.ALL);
|
|
|
WebHdfsTestUtil.LOG.info("ugi.getShortUserName()=" + ugi.getShortUserName());
|
|
|
final WebHdfsFileSystem webhdfs = WebHdfsTestUtil.getWebHdfsFileSystemAs(ugi, config);
|
|
|
|
|
|
final Path root = new Path("/");
|
|
|
cluster.getFileSystem().setPermission(root, new FsPermission((short)0777));
|
|
|
|
|
|
- {
|
|
|
- //test GETHOMEDIRECTORY with doAs
|
|
|
- final URL url = WebHdfsTestUtil.toUrl(webhdfs,
|
|
|
- GetOpParam.Op.GETHOMEDIRECTORY, root, new DoAsParam(PROXY_USER));
|
|
|
- final HttpURLConnection conn = (HttpURLConnection) url.openConnection();
|
|
|
- final Map<?, ?> m = WebHdfsTestUtil.connectAndGetJson(conn, HttpServletResponse.SC_OK);
|
|
|
- conn.disconnect();
|
|
|
-
|
|
|
- final Object responsePath = m.get(Path.class.getSimpleName());
|
|
|
- WebHdfsTestUtil.LOG.info("responsePath=" + responsePath);
|
|
|
- Assert.assertEquals("/user/" + PROXY_USER, responsePath);
|
|
|
- }
|
|
|
+ Whitebox.setInternalState(webhdfs, "ugi", proxyUgi);
|
|
|
|
|
|
{
|
|
|
- //test GETHOMEDIRECTORY with DOas
|
|
|
- final URL url = WebHdfsTestUtil.toUrl(webhdfs,
|
|
|
- GetOpParam.Op.GETHOMEDIRECTORY, root, new DoAsParam(PROXY_USER) {
|
|
|
- @Override
|
|
|
- public String getName() {
|
|
|
- return "DOas";
|
|
|
- }
|
|
|
- });
|
|
|
- final HttpURLConnection conn = (HttpURLConnection) url.openConnection();
|
|
|
- final Map<?, ?> m = WebHdfsTestUtil.connectAndGetJson(conn, HttpServletResponse.SC_OK);
|
|
|
- conn.disconnect();
|
|
|
-
|
|
|
- final Object responsePath = m.get(Path.class.getSimpleName());
|
|
|
+ Path responsePath = webhdfs.getHomeDirectory();
|
|
|
WebHdfsTestUtil.LOG.info("responsePath=" + responsePath);
|
|
|
- Assert.assertEquals("/user/" + PROXY_USER, responsePath);
|
|
|
+ Assert.assertEquals(webhdfs.getUri() + "/user/" + PROXY_USER, responsePath.toString());
|
|
|
}
|
|
|
|
|
|
final Path f = new Path("/testWebHdfsDoAs/a.txt");
|
|
|
{
|
|
|
- //test create file with doAs
|
|
|
- final PutOpParam.Op op = PutOpParam.Op.CREATE;
|
|
|
- final URL url = WebHdfsTestUtil.toUrl(webhdfs, op, f, new DoAsParam(PROXY_USER));
|
|
|
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
|
|
|
- conn = WebHdfsTestUtil.twoStepWrite(webhdfs, op, conn);
|
|
|
- final FSDataOutputStream out = WebHdfsTestUtil.write(webhdfs, op, conn, 4096);
|
|
|
+ FSDataOutputStream out = webhdfs.create(f);
|
|
|
out.write("Hello, webhdfs user!".getBytes());
|
|
|
out.close();
|
|
|
|
|
|
@@ -214,12 +172,7 @@ public class TestDelegationTokenForProxyUser {
|
|
|
}
|
|
|
|
|
|
{
|
|
|
- //test append file with doAs
|
|
|
- final PostOpParam.Op op = PostOpParam.Op.APPEND;
|
|
|
- final URL url = WebHdfsTestUtil.toUrl(webhdfs, op, f, new DoAsParam(PROXY_USER));
|
|
|
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
|
|
|
- conn = WebHdfsTestUtil.twoStepWrite(webhdfs, op, conn);
|
|
|
- final FSDataOutputStream out = WebHdfsTestUtil.write(webhdfs, op, conn, 4096);
|
|
|
+ final FSDataOutputStream out = webhdfs.append(f);
|
|
|
out.write("\nHello again!".getBytes());
|
|
|
out.close();
|
|
|
|
Jing Zhao