
HDFS-14835. RBF: Secured Router should not run when it can't initialize DelegationTokenSecretManager. (#1414)

Takanobu Asanuma před 5 roky
rodič
revize
524b553a5f

+ 4 - 1
hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/security/RouterSecurityManager.java

@@ -51,13 +51,16 @@ public class RouterSecurityManager {
   private AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
       dtSecretManager = null;
 
-  public RouterSecurityManager(Configuration conf) {
+  public RouterSecurityManager(Configuration conf) throws IOException {
     AuthenticationMethod authMethodConfigured =
         SecurityUtil.getAuthenticationMethod(conf);
     AuthenticationMethod authMethodToInit =
         AuthenticationMethod.KERBEROS;
     if (authMethodConfigured.equals(authMethodToInit)) {
       this.dtSecretManager = FederationUtil.newSecretManager(conf);
+      if (this.dtSecretManager == null) {
+        throw new IOException("Failed to create SecretManager");
+      }
     }
   }
 
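Review bot: The `IOException` thrown at the new null check carries only a fixed string, so an operator whose secured router refuses to start cannot tell from the exception which token driver failed or why. `FederationUtil.newSecretManager` evidently signals failure by returning null, so the underlying cause is presumably only in whatever that helper logs. Naming the configured driver keeps the prefix that the new test matches on: `throw new IOException("Failed to create SecretManager for driver " + conf.get(RBFConfigKeys.DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS));`. The fail-closed intent also deserves a comment above the check, `// Fail closed: a Kerberos-secured router must not serve requests without a delegation token secret manager.`, and the constructor should gain a Javadoc `@throws IOException` line. The check sits inside the KERBEROS branch only, so `dtSecretManager` stays null for every other authentication method and code outside this hunk still has to handle that.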

+ 15 - 1
hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/hdfs/server/federation/security/TestRouterSecurityManager.java

@@ -26,17 +26,20 @@ import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifie
 import org.apache.hadoop.hdfs.server.federation.RouterConfigBuilder;
 import org.apache.hadoop.hdfs.server.federation.router.security.RouterSecurityManager;
 import org.apache.hadoop.hdfs.server.federation.router.Router;
+import org.apache.hadoop.hdfs.server.federation.router.security.token.ZKDelegationTokenSecretManagerImpl;
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.security.Credentials;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.security.token.SecretManager;
 import org.apache.hadoop.security.token.Token;
 import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager;
+import org.apache.hadoop.service.ServiceStateException;
 import org.junit.rules.ExpectedException;
 import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
 
+import static org.apache.hadoop.test.LambdaTestUtils.intercept;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
@@ -77,7 +80,7 @@ public class TestRouterSecurityManager {
   public ExpectedException exceptionRule = ExpectedException.none();
 
   @Test
-  public void testCreateSecretManagerUsingReflection() {
+  public void testCreateSecretManagerUsingReflection() throws IOException {
     Configuration conf = new HdfsConfiguration();
     conf.set(
         DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS,
@@ -187,4 +190,15 @@ public class TestRouterSecurityManager {
     String[] groupsForTesting = {"router_group"};
     return groupsForTesting;
   }
+
+  @Test
+  public void testWithoutSecretManager() throws Exception {
+    Configuration conf = initSecurity();
+    conf.set(DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS,
+        ZKDelegationTokenSecretManagerImpl.class.getName());
+    Router router = new Router();
+    // router will throw an exception since zookeeper isn't running
+    intercept(ServiceStateException.class, "Failed to create SecretManager",
+        () -> router.init(conf));
+  }
 }
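Review bot: `testWithoutSecretManager` only exercises the fail-closed path if no ZooKeeper is reachable from the test host, which the inline comment states but the test does not enforce. If the ZK-backed secret manager did manage to connect (not verifiable from this hunk), `router.init(conf)` would succeed and the test would fail for a reason unrelated to the guard it protects. Setting the ZooKeeper address for the token store in `conf` to one that is guaranteed to refuse connections would make the result deterministic. The `Router` is also never released after the failed `init`; wrapping the call as `try { intercept(ServiceStateException.class, "Failed to create SecretManager", () -> router.init(conf)); } finally { router.close(); }` would avoid leaving partially initialised services behind for later tests.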