Author: tucu
Date: Fri Apr 6 08:48:09 2012
New Revision: 1310238
URL: http://svn.apache.org/viewvc?rev=1310238&view=rev
Log:
Merge -r 1310234:1310235 from trunk to branch. FIXES: HADOOP-8249
Modified:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
Modified:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java?rev=1310238&r1=1310237&r2=1310238&view=diff
==============================================================================
---
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
(original)
+++
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
Fri Apr 6 08:48:09 2012
@@ -331,7 +331,14 @@ public class AuthenticationFilter implem
HttpServletResponse httpResponse = (HttpServletResponse) response;
try {
boolean newToken = false;
- AuthenticationToken token = getToken(httpRequest);
+ AuthenticationToken token;
+ try {
+ token = getToken(httpRequest);
+ }
+ catch (AuthenticationException ex) {
+ LOG.warn("AuthenticationToken ignored: " + ex.getMessage());
+ token = null;
+ }
if (token == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("Request [{}] triggering authentication",
getRequestURL(httpRequest));
@@ -371,6 +378,9 @@ public class AuthenticationFilter implem
}
filterChain.doFilter(httpRequest, httpResponse);
}
+ else {
+ throw new AuthenticationException("Missing AuthenticationToken");
+ }
} catch (AuthenticationException ex) {
if (!httpResponse.isCommitted()) {
Cookie cookie = createCookie("");
Modified:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java?rev=1310238&r1=1310237&r2=1310238&view=diff
==============================================================================
---
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
(original)
+++
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
Fri Apr 6 08:48:09 2012
@@ -349,7 +349,7 @@ public class TestAuthenticationFilter ex
}
}
- private void _testDoFilterAuthentication(boolean withDomainPath) throws
Exception {
+ private void _testDoFilterAuthentication(boolean withDomainPath, boolean
invalidToken) throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
@@ -380,6 +380,12 @@ public class TestAuthenticationFilter ex
Mockito.when(request.getRequestURL()).thenReturn(new
StringBuffer("http://foo:8080/bar";));
Mockito.when(request.getQueryString()).thenReturn("authenticated=true");
+ if (invalidToken) {
+ Mockito.when(request.getCookies()).thenReturn(
+ new Cookie[] { new Cookie(AuthenticatedURL.AUTH_COOKIE, "foo")}
+ );
+ }
+
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
FilterChain chain = Mockito.mock(FilterChain.class);
@@ -437,11 +443,15 @@ public class TestAuthenticationFilter ex
}
public void testDoFilterAuthentication() throws Exception {
- _testDoFilterAuthentication(false);
+ _testDoFilterAuthentication(false, false);
+ }
+
+ public void testDoFilterAuthenticationWithInvalidToken() throws Exception {
+ _testDoFilterAuthentication(false, true);
}
public void testDoFilterAuthenticationWithDomainPath() throws Exception {
- _testDoFilterAuthentication(true);
+ _testDoFilterAuthentication(true, false);
}
public void testDoFilterAuthenticated() throws Exception {
Modified:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1310238&r1=1310237&r2=1310238&view=diff
==============================================================================
---
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
(original)
+++
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
Fri Apr 6 08:48:09 2012
@@ -219,6 +219,9 @@ Release 2.0.0 - UNRELEASED
HADOOP-8251. Fix SecurityUtil.fetchServiceTicket after HADOOP-6941 (todd)
+ HADOOP-8249. invalid hadoop-auth cookies should trigger authentication
+ if info is avail before returning HTTP 401 (tucu)
+
BREAKDOWN OF HADOOP-7454 SUBTASKS
HADOOP-7455. HA: Introduce HA Service Protocol Interface. (suresh)
