[hbase] branch master updated: HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5176)

[rajeshbabu]

This is an automated email from the ASF dual-hosted git repository.

rajeshbabu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hbase.git


The following commit(s) were added to refs/heads/master by this push:
     new a1f2b4e1d0a HBASE-27792 Guard Master/RS Dump Servlet behind admin 
walls (#5176)
a1f2b4e1d0a is described below

commit a1f2b4e1d0a4d8adf8ab3c4d5e7ff600bbbb3e76
Author: Nihal Jain <nihaljain...@gmail.com>
AuthorDate: Tue Apr 25 09:42:01 2023 +0530

    HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5176)
---
 .../java/org/apache/hadoop/hbase/master/http/MasterDumpServlet.java   | 4 ++++
 .../java/org/apache/hadoop/hbase/regionserver/http/RSDumpServlet.java | 4 ++++
 2 files changed, 8 insertions(+)

diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/http/MasterDumpServlet.java
 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/http/MasterDumpServlet.java
index 4a822593ea7..402c248072f 100644
--- 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/http/MasterDumpServlet.java
+++ 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/http/MasterDumpServlet.java
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hbase.ServerMetrics;
 import org.apache.hadoop.hbase.ServerName;
+import org.apache.hadoop.hbase.http.HttpServer;
 import org.apache.hadoop.hbase.master.HMaster;
 import org.apache.hadoop.hbase.master.ServerManager;
 import org.apache.hadoop.hbase.master.assignment.AssignmentManager;
@@ -45,6 +46,9 @@ public class MasterDumpServlet extends StateDumpServlet {
 
   @Override
   public void doGet(HttpServletRequest request, HttpServletResponse response) 
throws IOException {
+    if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), 
request, response)) {
+      return;
+    }
     HMaster master = (HMaster) 
getServletContext().getAttribute(HMaster.MASTER);
     assert master != null : "No Master in context!";
 
diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/http/RSDumpServlet.java
 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/http/RSDumpServlet.java
index fe9e41a960c..4c98c08b072 100644
--- 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/http/RSDumpServlet.java
+++ 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/http/RSDumpServlet.java
@@ -25,6 +25,7 @@ import java.util.Date;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hbase.http.HttpServer;
 import org.apache.hadoop.hbase.ipc.CallQueueInfo;
 import org.apache.hadoop.hbase.monitoring.StateDumpServlet;
 import org.apache.hadoop.hbase.monitoring.TaskMonitor;
@@ -42,6 +43,9 @@ public class RSDumpServlet extends StateDumpServlet {
 
   @Override
   public void doGet(HttpServletRequest request, HttpServletResponse response) 
throws IOException {
+    if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), 
request, response)) {
+      return;
+    }
     HRegionServer hrs =
       (HRegionServer) 
getServletContext().getAttribute(HRegionServer.REGIONSERVER);
     assert hrs != null : "No RS in context!";