Author: jitendra
Date: Wed Nov 2 21:31:38 2011
New Revision: 1196812
URL: http://svn.apache.org/viewvc?rev=1196812&view=rev
Log:
Merged r1196434 and r1196386 from trunk for HADOOP-7792 and HDFS-2416.
Modified:
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/TestDelegationToken.java
Modified:
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1196812&r1=1196811&r2=1196812&view=diff
==============================================================================
---
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt
(original)
+++
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt
Wed Nov 2 21:31:38 2011
@@ -441,6 +441,9 @@ Release 0.23.0 - 2011-11-01
HADOOP-7789. Improvements to site navigation. (acmurthy)
+ HADOOP-7792. Add verifyToken method to
AbstractDelegationTokenSecretManager.
+ (jitendra)
+
OPTIMIZATIONS
HADOOP-7333. Performance improvement in PureJavaCrc32. (Eric Caspole
Modified:
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java?rev=1196812&r1=1196811&r2=1196812&view=diff
==============================================================================
---
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
(original)
+++
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
Wed Nov 2 21:31:38 2011
@@ -210,6 +210,21 @@ extends AbstractDelegationTokenIdentifie
}
/**
+ * Verifies that the given identifier and password are valid and match.
+ * @param identifier Token identifier.
+ * @param password Password in the token.
+ * @throws InvalidToken
+ */
+ public synchronized void verifyToken(TokenIdent identifier, byte[] password)
+ throws InvalidToken {
+ byte[] storedPassword = retrievePassword(identifier);
+ if (!Arrays.equals(password, storedPassword)) {
+ throw new InvalidToken("token (" + identifier
+ + ") is invalid, password doesn't match");
+ }
+ }
+
+ /**
* Renew a delegation token.
* @param token the token to renew
* @param renewer the full principal name of the user doing the renewal
Modified:
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/TestDelegationToken.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/TestDelegationToken.java?rev=1196812&r1=1196811&r2=1196812&view=diff
==============================================================================
---
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/TestDelegationToken.java
(original)
+++
hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/TestDelegationToken.java
Wed Nov 2 21:31:38 2011
@@ -360,6 +360,8 @@ public class TestDelegationToken {
byte[] storedPassword = dtSecretManager.retrievePassword(id);
byte[] password = dtSecretManager.createPassword(id, key);
Assert.assertTrue(Arrays.equals(password, storedPassword));
+ //verify by secret manager api
+ dtSecretManager.verifyToken(id, password);
}
} finally {
dtSecretManager.stopThreads();