Author: eli
Date: Wed Jul 18 05:18:27 2012
New Revision: 1362767
URL: http://svn.apache.org/viewvc?rev=1362767&view=rev
Log:
Revert HDFS-3639. JspHelper#getUGI should always verify the token if security
is enabled.
Modified:
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/JspHelper.java
Modified:
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt?rev=1362767&r1=1362766&r2=1362767&view=diff
==============================================================================
---
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
(original)
+++
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
Wed Jul 18 05:18:27 2012
@@ -337,9 +337,6 @@ Release 2.0.1-alpha - UNRELEASED
HDFS-3615. Two BlockTokenSecretManager findbugs warnings. (atm)
- HDFS-3639. JspHelper#getUGI should always verify the token if
- security is enabled. (eli)
-
HDFS-470. libhdfs should handle 0-length reads from FSInputStream
correctly. (Colin Patrick McCabe via eli)
Modified:
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/JspHelper.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/JspHelper.java?rev=1362767&r1=1362766&r2=1362767&view=diff
==============================================================================
---
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/JspHelper.java
(original)
+++
hadoop/common/branches/branch-2.1.0-alpha/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/JspHelper.java
Wed Jul 18 05:18:27 2012
@@ -44,6 +44,7 @@ import org.apache.hadoop.conf.Configurat
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hdfs.BlockReader;
import org.apache.hadoop.hdfs.BlockReaderFactory;
+import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.DFSUtil;
import org.apache.hadoop.hdfs.protocol.DatanodeInfo;
import org.apache.hadoop.hdfs.protocol.ExtendedBlock;
@@ -58,6 +59,7 @@ import org.apache.hadoop.hdfs.web.resour
import org.apache.hadoop.hdfs.web.resources.DoAsParam;
import org.apache.hadoop.hdfs.web.resources.UserParam;
import org.apache.hadoop.http.HtmlQuoting;
+import org.apache.hadoop.io.Text;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.AccessControlException;
import org.apache.hadoop.security.SecurityUtil;
@@ -557,8 +559,13 @@ public class JspHelper {
DataInputStream in = new DataInputStream(buf);
DelegationTokenIdentifier id = new DelegationTokenIdentifier();
id.readFields(in);
- final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
- nn.getNamesystem().verifyToken(id, token.getPassword());
+ if (context != null) {
+ final NameNode nn =
NameNodeHttpServer.getNameNodeFromContext(context);
+ if (nn != null) {
+ // Verify the token.
+ nn.getNamesystem().verifyToken(id, token.getPassword());
+ }
+ }
ugi = id.getUser();
if (ugi.getRealUser() == null) {
//non-proxy case
