[2/3] hadoop git commit: Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu."
Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu." This reverts commit b13492a0ab6e92517528d2f622591d4682071ead. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/2b05559b Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/2b05559b Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/2b05559b Branch: refs/heads/branch-2.9 Commit: 2b05559b2e2c3f3c10c482265ad2ea604f189783 Parents: fbc76d3 Author: Konstantin V ShvachkoAuthored: Fri Mar 16 16:57:37 2018 -0700 Committer: Konstantin V Shvachko Committed: Fri Mar 16 16:59:04 2018 -0700 -- .../AuthenticationFilterInitializer.java| 9 +- .../AuthenticationWithProxyUserFilter.java | 119 - .../hadoop/http/TestHttpServerWithSpengo.java | 480 --- .../security/TestAuthenticationFilter.java | 13 +- .../TestAuthenticationWithProxyUserFilter.java | 78 --- 5 files changed, 13 insertions(+), 686 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/2b05559b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java index 65d2211..ca221f5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java @@ -29,9 +29,8 @@ import java.util.HashMap; import java.util.Map; /** - * Initializes {@link AuthenticationWithProxyUserFilter} - * which provides support for Kerberos HTTP SPNEGO authentication - * and proxy user authentication. + * Initializes hadoop-auth AuthenticationFilter which provides support for + * Kerberos HTTP SPNEGO authentication. * * It enables anonymous access, simple/speudo and Kerberos HTTP SPNEGO * authentication for Hadoop JobTracker, NameNode, DataNodes and @@ -59,10 +58,8 @@ public class AuthenticationFilterInitializer extends FilterInitializer { public void initFilter(FilterContainer container, Configuration conf) { Map filterConfig = getFilterConfigMap(conf, PREFIX); -// extend AuthenticationFilter's feature to -// support proxy user operation. container.addFilter("authentication", -AuthenticationWithProxyUserFilter.class.getName(), +AuthenticationFilter.class.getName(), filterConfig); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/2b05559b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java deleted file mode 100644 index ea9b282..000 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.security; - -import org.apache.hadoop.security.authentication.server.AuthenticationFilter; -import org.apache.hadoop.security.authorize.AuthorizationException; -import org.apache.hadoop.security.authorize.ProxyUsers; -import org.apache.hadoop.util.HttpExceptionUtils; -import org.apache.http.NameValuePair; -import org.apache.http.client.utils.URLEncodedUtils; - -import javax.servlet.FilterChain; -import
[2/3] hadoop git commit: Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu."
Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu." This reverts commit a847903b6e64c6edb11d852b91f2c816b1253eb3. Change-Id: I3122a2142f5bdf8507dece930e447556a43cd9ae (cherry picked from commit 8fad3ec76070ccfcd3ed80feaba4355077bc6f5c) Conflicts: hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestHttpServerWithSpengo.java Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/493924de Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/493924de Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/493924de Branch: refs/heads/branch-3.0.1 Commit: 493924def8f184e74d57153afc9c22b0eeb95e9c Parents: f49b044 Author: Owen O'MalleyAuthored: Thu Mar 1 10:15:22 2018 -0800 Committer: Lei Xu Committed: Sat Mar 10 13:46:18 2018 -0800 -- .../AuthenticationFilterInitializer.java| 9 +- .../AuthenticationWithProxyUserFilter.java | 119 - .../hadoop/http/TestHttpServerWithSpengo.java | 480 --- .../security/TestAuthenticationFilter.java | 13 +- .../TestAuthenticationWithProxyUserFilter.java | 79 --- 5 files changed, 13 insertions(+), 687 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/493924de/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java index 65d2211..ca221f5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java @@ -29,9 +29,8 @@ import java.util.HashMap; import java.util.Map; /** - * Initializes {@link AuthenticationWithProxyUserFilter} - * which provides support for Kerberos HTTP SPNEGO authentication - * and proxy user authentication. + * Initializes hadoop-auth AuthenticationFilter which provides support for + * Kerberos HTTP SPNEGO authentication. * * It enables anonymous access, simple/speudo and Kerberos HTTP SPNEGO * authentication for Hadoop JobTracker, NameNode, DataNodes and @@ -59,10 +58,8 @@ public class AuthenticationFilterInitializer extends FilterInitializer { public void initFilter(FilterContainer container, Configuration conf) { Map filterConfig = getFilterConfigMap(conf, PREFIX); -// extend AuthenticationFilter's feature to -// support proxy user operation. container.addFilter("authentication", -AuthenticationWithProxyUserFilter.class.getName(), +AuthenticationFilter.class.getName(), filterConfig); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/493924de/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java deleted file mode 100644 index ea9b282..000 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.security; - -import org.apache.hadoop.security.authentication.server.AuthenticationFilter; -import org.apache.hadoop.security.authorize.AuthorizationException; -import
[2/3] hadoop git commit: Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu."
Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu." This reverts commit a847903b6e64c6edb11d852b91f2c816b1253eb3. Change-Id: I3122a2142f5bdf8507dece930e447556a43cd9ae (cherry picked from commit 8fad3ec76070ccfcd3ed80feaba4355077bc6f5c) Conflicts: hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/http/TestHttpServerWithSpengo.java Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/0f3b6102 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/0f3b6102 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/0f3b6102 Branch: refs/heads/branch-3.0 Commit: 0f3b6102efd54f58020af601329fe70547df1120 Parents: 0f106df Author: Owen O'MalleyAuthored: Thu Mar 1 10:15:22 2018 -0800 Committer: Lei Xu Committed: Sat Mar 10 13:35:47 2018 -0800 -- .../AuthenticationFilterInitializer.java| 9 +- .../AuthenticationWithProxyUserFilter.java | 119 - .../hadoop/http/TestHttpServerWithSpengo.java | 480 --- .../security/TestAuthenticationFilter.java | 13 +- .../TestAuthenticationWithProxyUserFilter.java | 79 --- 5 files changed, 13 insertions(+), 687 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/0f3b6102/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java index 65d2211..ca221f5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java @@ -29,9 +29,8 @@ import java.util.HashMap; import java.util.Map; /** - * Initializes {@link AuthenticationWithProxyUserFilter} - * which provides support for Kerberos HTTP SPNEGO authentication - * and proxy user authentication. + * Initializes hadoop-auth AuthenticationFilter which provides support for + * Kerberos HTTP SPNEGO authentication. * * It enables anonymous access, simple/speudo and Kerberos HTTP SPNEGO * authentication for Hadoop JobTracker, NameNode, DataNodes and @@ -59,10 +58,8 @@ public class AuthenticationFilterInitializer extends FilterInitializer { public void initFilter(FilterContainer container, Configuration conf) { Map filterConfig = getFilterConfigMap(conf, PREFIX); -// extend AuthenticationFilter's feature to -// support proxy user operation. container.addFilter("authentication", -AuthenticationWithProxyUserFilter.class.getName(), +AuthenticationFilter.class.getName(), filterConfig); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/0f3b6102/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java deleted file mode 100644 index ea9b282..000 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.security; - -import org.apache.hadoop.security.authentication.server.AuthenticationFilter; -import org.apache.hadoop.security.authorize.AuthorizationException; -import
[2/3] hadoop git commit: Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu."
Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu." This reverts commit a847903b6e64c6edb11d852b91f2c816b1253eb3. Change-Id: I3122a2142f5bdf8507dece930e447556a43cd9ae (cherry picked from commit 8fad3ec76070ccfcd3ed80feaba4355077bc6f5c) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/4cd42192 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/4cd42192 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/4cd42192 Branch: refs/heads/branch-3.1 Commit: 4cd4219206e973a07fd454c141268f95365e293c Parents: 26540a6 Author: Owen O'MalleyAuthored: Thu Mar 1 10:15:22 2018 -0800 Committer: Wangda Tan Committed: Fri Mar 9 23:01:11 2018 -0800 -- .../AuthenticationFilterInitializer.java| 9 +- .../AuthenticationWithProxyUserFilter.java | 119 --- .../security/TestAuthenticationFilter.java | 13 +- .../TestAuthenticationWithProxyUserFilter.java | 79 4 files changed, 13 insertions(+), 207 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/4cd42192/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java index 65d2211..ca221f5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java @@ -29,9 +29,8 @@ import java.util.HashMap; import java.util.Map; /** - * Initializes {@link AuthenticationWithProxyUserFilter} - * which provides support for Kerberos HTTP SPNEGO authentication - * and proxy user authentication. + * Initializes hadoop-auth AuthenticationFilter which provides support for + * Kerberos HTTP SPNEGO authentication. * * It enables anonymous access, simple/speudo and Kerberos HTTP SPNEGO * authentication for Hadoop JobTracker, NameNode, DataNodes and @@ -59,10 +58,8 @@ public class AuthenticationFilterInitializer extends FilterInitializer { public void initFilter(FilterContainer container, Configuration conf) { Map filterConfig = getFilterConfigMap(conf, PREFIX); -// extend AuthenticationFilter's feature to -// support proxy user operation. container.addFilter("authentication", -AuthenticationWithProxyUserFilter.class.getName(), +AuthenticationFilter.class.getName(), filterConfig); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/4cd42192/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java deleted file mode 100644 index ea9b282..000 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.security; - -import org.apache.hadoop.security.authentication.server.AuthenticationFilter; -import org.apache.hadoop.security.authorize.AuthorizationException; -import org.apache.hadoop.security.authorize.ProxyUsers; -import org.apache.hadoop.util.HttpExceptionUtils; -import org.apache.http.NameValuePair; -import
[2/3] hadoop git commit: Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu."
Revert "HADOOP-13119. Add ability to secure log servlet using proxy users. Contribute by Yuanbo Liu." This reverts commit a847903b6e64c6edb11d852b91f2c816b1253eb3. Change-Id: I3122a2142f5bdf8507dece930e447556a43cd9ae (cherry picked from commit 8fad3ec76070ccfcd3ed80feaba4355077bc6f5c) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/fa6a8b78 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/fa6a8b78 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/fa6a8b78 Branch: refs/heads/trunk Commit: fa6a8b78d481d3b4d355e1bf078f30dd5e09850d Parents: 3a8dade Author: Owen O'MalleyAuthored: Thu Mar 1 10:15:22 2018 -0800 Committer: Wangda Tan Committed: Fri Mar 9 22:46:41 2018 -0800 -- .../AuthenticationFilterInitializer.java| 9 +- .../AuthenticationWithProxyUserFilter.java | 119 - .../hadoop/http/TestHttpServerWithSpengo.java | 481 --- .../security/TestAuthenticationFilter.java | 13 +- .../TestAuthenticationWithProxyUserFilter.java | 79 --- 5 files changed, 13 insertions(+), 688 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/fa6a8b78/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java index 65d2211..ca221f5 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationFilterInitializer.java @@ -29,9 +29,8 @@ import java.util.HashMap; import java.util.Map; /** - * Initializes {@link AuthenticationWithProxyUserFilter} - * which provides support for Kerberos HTTP SPNEGO authentication - * and proxy user authentication. + * Initializes hadoop-auth AuthenticationFilter which provides support for + * Kerberos HTTP SPNEGO authentication. * * It enables anonymous access, simple/speudo and Kerberos HTTP SPNEGO * authentication for Hadoop JobTracker, NameNode, DataNodes and @@ -59,10 +58,8 @@ public class AuthenticationFilterInitializer extends FilterInitializer { public void initFilter(FilterContainer container, Configuration conf) { Map filterConfig = getFilterConfigMap(conf, PREFIX); -// extend AuthenticationFilter's feature to -// support proxy user operation. container.addFilter("authentication", -AuthenticationWithProxyUserFilter.class.getName(), +AuthenticationFilter.class.getName(), filterConfig); } http://git-wip-us.apache.org/repos/asf/hadoop/blob/fa6a8b78/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java deleted file mode 100644 index ea9b282..000 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AuthenticationWithProxyUserFilter.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.security; - -import org.apache.hadoop.security.authentication.server.AuthenticationFilter; -import org.apache.hadoop.security.authorize.AuthorizationException; -import org.apache.hadoop.security.authorize.ProxyUsers; -import org.apache.hadoop.util.HttpExceptionUtils; -import org.apache.http.NameValuePair;