[
https://issues.apache.org/jira/browse/HADOOP-19212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17890913#comment-17890913
]
ASF GitHub Bot commented on HADOOP-19212:
-----------------------------------------
steveloughran commented on code in PR #7081:
URL: https://github.com/apache/hadoop/pull/7081#discussion_r1806337086
##########
hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/util/subject/TestSubjectAdapter.java:
##########
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.util.subject;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+
+class TestSubjectAdapter {
+
+ @Test
+ void getSubject() {
+ // how getSubject operates depends on the JVM calling it.
+ // asserting that it does not throw is a valid test, especially on
Java 18 and above
+ // prior to Java 18, this method is just a simple wrapper
+ assertDoesNotThrow(() -> SubjectAdapter.getSubject());
Review Comment:
Use our LambdaTestUtils.intercept() here as it fails better, can validates
the type and message
##########
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/util/subject/SubjectAdapterJava18AndAbove.java:
##########
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.util.subject;
+
+import javax.security.auth.Subject;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
+/**
+ * Indirectly calls Subject.current(), which exists in Java 18 and above only
+ */
+class SubjectAdapterJava18AndAbove implements HiddenSubjectAdapter {
Review Comment:
Please use our new DynMethods classes, (which we copied from parquet and
which is also found in iceberg). It fails better and as it is so common it's
good to get familiar with it
> [JDK23] org.apache.hadoop.security.UserGroupInformation use of Subject needs
> to move to replacement APIs
> --------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-19212
> URL: https://issues.apache.org/jira/browse/HADOOP-19212
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Affects Versions: 3.5.0
> Reporter: Alan Bateman
> Priority: Major
> Labels: pull-request-available
>
> `javax.security.auth.Subject.getSubject` and `Subject.doAs` were deprecated
> for removal in JDK 17. The replacement APIs are `Subject.current` and
> `callAs`. See [JEP 411]([https://openjdk.org/jeps/411]) for background.
> The `Subject.getSubject` API has been "degraded" in JDK 23 to throw
> `UnsupportedOperationException` if not running with the option to allow a
> SecurityManager. In a future JDK release, the `Subject.getSubject` API will
> be degraded further to throw`UnsupportedOperationException` unconditionally.
> [renaissance/issues/439]([https://github.com/renaissance-benchmarks/renaissance/issues/439])
> is a failure with a Spark benchmark due to the code in
> `org.apache.hadoop.security.UserGroupInformation` using the deprecated
> `Subject.getSubject` method. The maintainers of this code need to migrate
> this code to the replacement APIs to ensure that this code will continue to
> work once the security manager feature is removed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
