4 tahun lalu · 9fe779d0e2
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Client.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Client.java
@@ -18,6 +18,7 @@
 
				 
			
 
				 package org.apache.hadoop.ipc;
			
 
				 
			
 
				+import org.apache.hadoop.security.AccessControlException;
			
 
				 import com.google.common.annotations.VisibleForTesting;
			
 
				 import com.google.common.base.Preconditions;
			
 
				 import com.google.common.util.concurrent.ThreadFactoryBuilder;
			
@@ -848,7 +849,8 @@ public class Client implements AutoCloseable {
 
				               }
			
 
				             } else if (UserGroupInformation.isSecurityEnabled()) {
			
 
				               if (!fallbackAllowed) {
			
 
				-                throw new IOException("Server asks us to fall back to SIMPLE " +
			
 
				+                throw new AccessControlException(
			
 
				+                    "Server asks us to fall back to SIMPLE " +
			
 
				                     "auth, but this client is configured to only allow secure " +
			
 
				                     "connections.");
			
 
				               }
			
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java
@@ -2192,7 +2192,7 @@ public abstract class Server {
 
				     private void doSaslReply(Exception ioe) throws IOException {
			
 
				       setupResponse(authFailedCall,
			
 
				           RpcStatusProto.FATAL, RpcErrorCodeProto.FATAL_UNAUTHORIZED,
			
 
				-          null, ioe.getClass().getName(), ioe.toString());
			
 
				+          null, ioe.getClass().getName(), ioe.getMessage());
			
 
				       sendResponse(authFailedCall);
			
 
				     }
			
 
				 
			
@@ -2587,8 +2587,7 @@ public abstract class Server {
 
				         final RpcCall call = new RpcCall(this, callId, retry);
			
 
				         setupResponse(call,
			
 
				             rse.getRpcStatusProto(), rse.getRpcErrorCodeProto(), null,
			
 
				-            t.getClass().getName(),
			
 
				-            t.getMessage() != null ? t.getMessage() : t.toString());
			
 
				+            t.getClass().getName(), t.getMessage());
			
 
				         sendResponse(call);
			
 
				       }
			
 
				     }
			
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/NetUtils.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/NetUtils.java
@@ -45,6 +45,7 @@ import java.util.concurrent.ConcurrentHashMap;
 
				 
			
 
				 import javax.net.SocketFactory;
			
 
				 
			
 
				+import org.apache.hadoop.security.AccessControlException;
			
 
				 import org.apache.commons.net.util.SubnetUtils;
			
 
				 import org.apache.commons.net.util.SubnetUtils.SubnetInfo;
			
 
				 import org.apache.hadoop.classification.InterfaceAudience;
			
@@ -806,6 +807,11 @@ public class NetUtils {
 
				                 + " failed on socket exception: " + exception
			
 
				                 + ";"
			
 
				                 + see("SocketException"));
			
 
				+      } else if (exception instanceof AccessControlException) {
			
 
				+        return wrapWithMessage(exception,
			
 
				+            "Call From "
			
 
				+                + localHost + " to " + destHost + ":" + destPort
			
 
				+                + " failed: " + exception.getMessage());
			
 
				       } else {
			
 
				         // Return instance of same type if Exception has a String constructor
			
 
				         return wrapWithMessage(exception,
			
--- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/ipc/TestSaslRPC.java
+++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/ipc/TestSaslRPC.java
@@ -533,13 +533,16 @@ public class TestSaslRPC extends TestRpcBase {
 
				   }
			
 
				   
			
 
				   private static Pattern BadToken =
			
 
				-      Pattern.compile(".*DIGEST-MD5: digest response format violation.*");
			
 
				+      Pattern.compile("^" + RemoteException.class.getName() +
			
 
				+          "\\("+ SaslException.class.getName() + "\\): " +
			
 
				+          "DIGEST-MD5: digest response format violation.*");
			
 
				   private static Pattern KrbFailed =
			
 
				       Pattern.compile(".*Failed on local exception:.* " +
			
 
				                       "Failed to specify server's Kerberos principal name.*");
			
 
				   private static Pattern Denied(AuthMethod method) {
			
 
				-      return Pattern.compile(".*RemoteException.*AccessControlException.*: "
			
 
				-          + method + " authentication is not enabled.*");
			
 
				+    return Pattern.compile("^" + RemoteException.class.getName() +
			
 
				+        "\\(" + AccessControlException.class.getName() + "\\): "
			
 
				+        + method + " authentication is not enabled.*");
			
 
				   }
			
 
				   private static Pattern No(AuthMethod ... method) {
			
 
				     String methods = StringUtils.join(method, ",\\s*");
			
@@ -547,10 +550,10 @@ public class TestSaslRPC extends TestRpcBase {
 
				         "Client cannot authenticate via:\\[" + methods + "\\].*");
			
 
				   }
			
 
				   private static Pattern NoTokenAuth =
			
 
				-      Pattern.compile(".*IllegalArgumentException: " +
			
 
				+      Pattern.compile("^" + IllegalArgumentException.class.getName() + ": " +
			
 
				                       "TOKEN authentication requires a secret manager");
			
 
				   private static Pattern NoFallback = 
			
 
				-      Pattern.compile(".*Failed on local exception:.* " +
			
 
				+      Pattern.compile("^" + AccessControlException.class.getName() + ":.* " +
			
 
				           "Server asks us to fall back to SIMPLE auth, " +
			
 
				           "but this client is configured to only allow secure connections.*");