YARN-6989 Ensure timeline service v2 codebase gets UGI from HttpServletRequest 
in a consistent way. Contributed by Abhishek Modi


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c6cc6858
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c6cc6858
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c6cc6858

Branch: refs/heads/branch-2-jhung-test
Commit: c6cc685881ee4e3b445116ea5a11af02ed360190
Parents: c102ebf
Author: Vrushali C <[email protected]>
Authored: Wed Oct 10 15:25:58 2018 -0700
Committer: Jonathan Hung <[email protected]>
Committed: Fri Dec 14 16:03:55 2018 -0800

----------------------------------------------------------------------
 .../reader/TimelineReaderWebServicesUtils.java  | 21 ++------------------
 ...elineReaderWhitelistAuthorizationFilter.java |  2 +-
 2 files changed, 3 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/c6cc6858/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/TimelineReaderWebServicesUtils.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/TimelineReaderWebServicesUtils.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/TimelineReaderWebServicesUtils.java
index ae19b21..02f510a 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/TimelineReaderWebServicesUtils.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/TimelineReaderWebServicesUtils.java
@@ -269,25 +269,8 @@ public final class TimelineReaderWebServicesUtils {
    * @return UGI.
    */
   public static UserGroupInformation getUser(HttpServletRequest req) {
-    return getCallerUserGroupInformation(req, false);
-  }
-
-  /**
-   * Get UGI from the HTTP request.
-   *
-   * @param hsr HTTP request.
-   * @param usePrincipal if true, use principal name else use remote user name
-   * @return UGI.
-   */
-  public static UserGroupInformation getCallerUserGroupInformation(
-      HttpServletRequest hsr, boolean usePrincipal) {
-
-    String remoteUser = hsr.getRemoteUser();
-    if (usePrincipal) {
-      Principal princ = hsr.getUserPrincipal();
-      remoteUser = princ == null ? null : princ.getName();
-    }
-
+    Principal princ = req.getUserPrincipal();
+    String remoteUser = princ == null ? null : princ.getName();
     UserGroupInformation callerUGI = null;
     if (remoteUser != null) {
       callerUGI = UserGroupInformation.createRemoteUser(remoteUser);

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c6cc6858/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/security/TimelineReaderWhitelistAuthorizationFilter.java
----------------------------------------------------------------------
diff --git 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/security/TimelineReaderWhitelistAuthorizationFilter.java
 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/security/TimelineReaderWhitelistAuthorizationFilter.java
index d3f63e5..4ed3f23 100644
--- 
a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/security/TimelineReaderWhitelistAuthorizationFilter.java
+++ 
b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-timelineservice/src/main/java/org/apache/hadoop/yarn/server/timelineservice/reader/security/TimelineReaderWhitelistAuthorizationFilter.java
@@ -67,7 +67,7 @@ public class TimelineReaderWhitelistAuthorizationFilter 
implements Filter {
 
     if (isWhitelistReadAuthEnabled) {
       UserGroupInformation callerUGI = TimelineReaderWebServicesUtils
-          .getCallerUserGroupInformation(httpRequest, true);
+          .getUser(httpRequest);
       if (callerUGI == null) {
         String msg = "Unable to obtain user name, user not authenticated";
         throw new AuthorizationException(msg);


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to