Home Explore Help
Sign In
apache
/
hadoop
mirror of https://github.com/apache/hadoop.git
2
0
Fork 1
Files Issues 0 Wiki
Browse Source

HADOOP-7101. UserGroupInformation.getCurrentUser() fails when called from non-Hadoop JAAS context. Backported by Suresh Srinivas.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1@1455953 13f79535-47bb-0310-9956-ffa450edef68
Suresh Srinivas 12 years ago
parent
be8571b7b1
commit
b3cf3618fb
3 changed files with 28 additions and 7 deletions
Split View Show Diff Stats
  1. 3 0
      CHANGES.txt
  2. 5 1
      src/core/org/apache/hadoop/security/UserGroupInformation.java
  3. 20 6
      src/test/org/apache/hadoop/security/TestUserGroupInformation.java

+ 3 - 0
CHANGES.txt
View File 

@@ -536,6 +536,9 @@ Release 1.2.0 - unreleased
 
     HADOOP-9379. capture the ulimit info after printing the log to the console.
 
     (Arpit Gupta via suresh)
 
 
+    HADOOP-7101. UserGroupInformation.getCurrentUser() fails when called from
 
+    non-Hadoop JAAS context. (todd, backported by suresh)
 
+
 
 Release 1.1.2 - 2013.01.30
 
 
   INCOMPATIBLE CHANGES

+ 5 - 1
src/core/org/apache/hadoop/security/UserGroupInformation.java
View File 

@@ -465,7 +465,11 @@ public class UserGroupInformation {
 
   static UserGroupInformation getCurrentUser() throws IOException {
 
     AccessControlContext context = AccessController.getContext();
 
     Subject subject = Subject.getSubject(context);
 
-    return subject == null ? getLoginUser() : new UserGroupInformation(subject);
 
+    if (subject == null || subject.getPrincipals(User.class).isEmpty()) {
 
+      return getLoginUser();
 
+    } else {
 
+      return new UserGroupInformation(subject);
 
+    }
 
   }
 
 
   /**

+ 20 - 6
src/test/org/apache/hadoop/security/TestUserGroupInformation.java
View File 

@@ -16,12 +16,7 @@
 
  */
 
 package org.apache.hadoop.security;
 
 
-import static org.junit.Assert.assertArrayEquals;
 
-import static org.junit.Assert.assertEquals;
 
-import static org.junit.Assert.assertFalse;
 
-import static org.junit.Assert.assertTrue;
 
-import static org.junit.Assert.fail;
 
-
 
+import static org.junit.Assert.*;
 
 import static org.mockito.Mockito.mock;
 
 
 import java.io.BufferedReader;
 
@@ -32,6 +27,7 @@ import java.util.Collection;
 
 import java.util.LinkedHashSet;
 
 import java.util.Set;
 
 
+import javax.security.auth.Subject;
 
 import javax.security.auth.login.AppConfigurationEntry;
 
 
 import junit.framework.Assert;
 
@@ -339,4 +335,22 @@ public class TestUserGroupInformation {
 
       assertGaugeGt("loginFailure_avg_time", 0, rb);
 
     }
 
   }
 
+
 
+  /**
 
+   * Test for the case that UserGroupInformation.getCurrentUser()
 
+   * is called when the AccessControlContext has a Subject associated
 
+   * with it, but that Subject was not created by Hadoop (ie it has no
 
+   * associated User principal)
 
+   */
 
+  @Test
 
+  public void testUGIUnderNonHadoopContext() throws Exception {
 
+    Subject nonHadoopSubject = new Subject();
 
+    Subject.doAs(nonHadoopSubject, new PrivilegedExceptionAction<Void>() {
 
+        public Void run() throws IOException {
 
+          UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
 
+          assertNotNull(ugi);
 
+          return null;
 
+        }
 
+      });
 
+  }
 
 }