HADOOP-15922. Revert patch 004.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/38ea3814 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/38ea3814 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/38ea3814 Branch: refs/heads/HDFS-12943 Commit: 38ea3814bd0641d895e5d3b7415c6308e7f8491e Parents: 62f8211 Author: Eric Yang <ey...@apache.org> Authored: Fri Nov 30 12:49:46 2018 -0500 Committer: Eric Yang <ey...@apache.org> Committed: Fri Nov 30 12:49:46 2018 -0500 ---------------------------------------------------------------------- .../DelegationTokenAuthenticationFilter.java | 8 +-- .../hadoop/crypto/key/kms/server/TestKMS.java | 64 -------------------- 2 files changed, 1 insertion(+), 71 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/38ea3814/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java index 6b3fc1d..5275526 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationFilter.java @@ -51,7 +51,6 @@ import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.net.URLDecoder; import java.nio.charset.Charset; import java.security.Principal; import java.util.Enumeration; @@ -231,12 +230,7 @@ public class DelegationTokenAuthenticationFilter for (NameValuePair nv : list) { if (DelegationTokenAuthenticatedURL.DO_AS. equalsIgnoreCase(nv.getName())) { - String doAsUser = nv.getValue(); - try { - doAsUser = URLDecoder.decode(nv.getValue(), UTF8_CHARSET.name()); - } finally { - return doAsUser; - } + return nv.getValue(); } } } http://git-wip-us.apache.org/repos/asf/hadoop/blob/38ea3814/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java index 064ae83..af59877 100644 --- a/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java +++ b/hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java @@ -2115,70 +2115,6 @@ public class TestKMS { }); } - @Test - public void testGetDelegationTokenByProxyUser() throws Exception { - Configuration conf = new Configuration(); - conf.set("hadoop.security.authentication", "kerberos"); - UserGroupInformation.setConfiguration(conf); - final File testDir = getTestDir(); - - conf = createBaseKMSConf(testDir, conf); - conf.set("hadoop.kms.authentication.type", "kerberos"); - conf.set("hadoop.kms.authentication.kerberos.keytab", - keytab.getAbsolutePath()); - conf.set("hadoop.kms.authentication.kerberos.principal", "HTTP/localhost"); - conf.set("hadoop.kms.authentication.kerberos.name.rules", "DEFAULT"); - conf.set("hadoop.kms.proxyuser.client.users", "foo/localhost"); - conf.set("hadoop.kms.proxyuser.client.hosts", "localhost"); - conf.set(KeyAuthorizationKeyProvider.KEY_ACL + "kcc.ALL", - "foo/localhost"); - - writeConf(testDir, conf); - - runServer(null, null, testDir, new KMSCallable<Void>() { - @Override - public Void call() throws Exception { - final Configuration conf = new Configuration(); - final URI uri = createKMSUri(getKMSUrl()); - - // proxyuser client using kerberos credentials - UserGroupInformation proxyUgi = UserGroupInformation. - loginUserFromKeytabAndReturnUGI("client/host", keytab.getAbsolutePath()); - UserGroupInformation foo = UserGroupInformation.createProxyUser( - "foo/localhost", proxyUgi); - final Credentials credentials = new Credentials(); - foo.doAs(new PrivilegedExceptionAction<Void>() { - @Override - public Void run() throws Exception { - final KeyProvider kp = createProvider(uri, conf); - KeyProviderDelegationTokenExtension keyProviderDelegationTokenExtension - = KeyProviderDelegationTokenExtension - .createKeyProviderDelegationTokenExtension(kp); - keyProviderDelegationTokenExtension.addDelegationTokens("client", - credentials); - Assert.assertNotNull(kp.createKey("kcc", - new KeyProvider.Options(conf))); - return null; - } - }); - - // current user client using token credentials for proxy user - UserGroupInformation nonKerberosUgi - = UserGroupInformation.getCurrentUser(); - nonKerberosUgi.addCredentials(credentials); - nonKerberosUgi.doAs(new PrivilegedExceptionAction<Void>() { - @Override - public Void run() throws Exception { - final KeyProvider kp = createProvider(uri, conf); - Assert.assertNotNull(kp.getMetadata("kcc")); - return null; - } - }); - return null; - } - }); - } - private Configuration setupConfForKerberos(File confDir) throws Exception { final Configuration conf = createBaseKMSConf(confDir, null); conf.set("hadoop.security.authentication", "kerberos"); --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org