hadoop git commit: HADOOP-13174. Add more debug logs for delegation tokens and authentication.
Repository: hadoop Updated Branches: refs/heads/branch-2.8 2e63f67b4 -> 5f8ab3a6b HADOOP-13174. Add more debug logs for delegation tokens and authentication. (cherry picked from commit 4a56bde6ba1f72588a25cd96acc76089706cb786) Conflicts: hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java (cherry picked from commit ffaf24e308506ec4c27104bf6b3769328e55c1c6) Conflicts: hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/5f8ab3a6 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/5f8ab3a6 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/5f8ab3a6 Branch: refs/heads/branch-2.8 Commit: 5f8ab3a6b7080991c19e1e9562f28301053680f4 Parents: 2e63f67 Author: Xiao ChenAuthored: Thu Jun 8 21:27:06 2017 -0700 Committer: Xiao Chen Committed: Mon Apr 9 12:06:45 2018 -0700 -- .../authentication/client/AuthenticatedURL.java | 1 + .../authentication/server/AuthenticationFilter.java | 12 ++-- .../authentication/server/TestAuthenticationFilter.java | 1 + .../apache/hadoop/crypto/key/kms/KMSClientProvider.java | 6 ++ .../AbstractDelegationTokenSecretManager.java | 1 + .../delegation/web/DelegationTokenAuthenticatedURL.java | 11 +++ .../web/DelegationTokenAuthenticationHandler.java | 8 .../delegation/web/DelegationTokenAuthenticator.java| 11 +++ 8 files changed, 49 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/5f8ab3a6/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java -- diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java index e772d63..d037377 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java @@ -388,6 +388,7 @@ public class AuthenticatedURL { // not opened via this instance. token.cookieHandler.put(null, conn.getHeaderFields()); } else { + LOG.trace("Setting token value to null ({}), resp={}", token, respCode); token.set(null); throw new AuthenticationException("Authentication failed, status: " + conn.getResponseCode() + ", message: " + conn.getResponseMessage()); http://git-wip-us.apache.org/repos/asf/hadoop/blob/5f8ab3a6/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java -- diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java index 264d991..22b5a86 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java @@ -516,6 +516,10 @@ public class AuthenticationFilter implements Filter { AuthenticationToken token; try { token = getToken(httpRequest); +if (LOG.isDebugEnabled()) { + LOG.debug("Got token {} from httpRequest {}", token, + getRequestURL(httpRequest)); +} } catch (AuthenticationException ex) { LOG.warn("AuthenticationToken ignored: " + ex.getMessage()); @@ -526,8 +530,8 @@ public class AuthenticationFilter implements Filter { if (authHandler.managementOperation(token, httpRequest, httpResponse)) { if (token == null) { if (LOG.isDebugEnabled()) { -LOG.debug("Request [{}] triggering authentication", -getRequestURL(httpRequest)); +LOG.debug("Request [{}] triggering authentication. handler: {}", +getRequestURL(httpRequest), authHandler.getClass()); } token =
hadoop git commit: HADOOP-13174. Add more debug logs for delegation tokens and authentication.
Repository: hadoop Updated Branches: refs/heads/trunk 7c9694c56 -> 020248074 HADOOP-13174. Add more debug logs for delegation tokens and authentication. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/02024807 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/02024807 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/02024807 Branch: refs/heads/trunk Commit: 0202480742b8539aa7aa1e94dc9cab75d863cc4e Parents: 7c9694c Author: Xiao ChenAuthored: Thu Jun 8 21:27:06 2017 -0700 Committer: Xiao Chen Committed: Thu Jun 8 21:34:15 2017 -0700 -- .../authentication/client/AuthenticatedURL.java | 8 .../authentication/server/AuthenticationFilter.java | 12 ++-- .../authentication/server/TestAuthenticationFilter.java | 1 + .../apache/hadoop/crypto/key/kms/KMSClientProvider.java | 10 ++ .../AbstractDelegationTokenSecretManager.java | 1 + .../delegation/web/DelegationTokenAuthenticatedURL.java | 11 +++ .../web/DelegationTokenAuthenticationHandler.java | 8 .../delegation/web/DelegationTokenAuthenticator.java| 11 +++ 8 files changed, 60 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/02024807/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java -- diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java index 6604c3f..5696ba0 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java @@ -14,6 +14,8 @@ package org.apache.hadoop.security.authentication.client; import org.apache.hadoop.security.authentication.server.AuthenticationFilter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.io.FileNotFoundException; import java.io.IOException; @@ -59,6 +61,8 @@ import java.util.Map; * */ public class AuthenticatedURL { + private static final Logger LOG = + LoggerFactory.getLogger(AuthenticatedURL.class); /** * Name of the HTTP cookie used for the authentication token between the client and the server. @@ -265,15 +269,19 @@ public class AuthenticatedURL { value = value.substring(0, separator); } if (value.length() > 0) { + LOG.trace("Setting token value to {} ({}), resp={}", value, + token, respCode); token.set(value); } } } } } else if (respCode == HttpURLConnection.HTTP_NOT_FOUND) { + LOG.trace("Setting token value to null ({}), resp={}", token, respCode); token.set(null); throw new FileNotFoundException(conn.getURL().toString()); } else { + LOG.trace("Setting token value to null ({}), resp={}", token, respCode); token.set(null); throw new AuthenticationException("Authentication failed" + ", URL: " + conn.getURL() + http://git-wip-us.apache.org/repos/asf/hadoop/blob/02024807/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java -- diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java index b10fc84..5aeddac 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java @@ -516,6 +516,10 @@ public class AuthenticationFilter implements Filter { AuthenticationToken token; try { token = getToken(httpRequest); +if (LOG.isDebugEnabled()) { + LOG.debug("Got token {} from httpRequest {}", token, + getRequestURL(httpRequest)); +} } catch (AuthenticationException ex) { LOG.warn("AuthenticationToken ignored: " + ex.getMessage()); @@ -526,8 +530,8 @@ public class AuthenticationFilter implements Filter { if (authHandler.managementOperation(token, httpRequest,
hadoop git commit: HADOOP-13174. Add more debug logs for delegation tokens and authentication.
Repository: hadoop Updated Branches: refs/heads/branch-2 87f4428de -> ffaf24e30 HADOOP-13174. Add more debug logs for delegation tokens and authentication. (cherry picked from commit 4a56bde6ba1f72588a25cd96acc76089706cb786) Conflicts: hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/ffaf24e3 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/ffaf24e3 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/ffaf24e3 Branch: refs/heads/branch-2 Commit: ffaf24e308506ec4c27104bf6b3769328e55c1c6 Parents: 87f4428 Author: Xiao ChenAuthored: Thu Jun 8 21:27:06 2017 -0700 Committer: Xiao Chen Committed: Thu Jun 8 21:34:09 2017 -0700 -- .../authentication/client/AuthenticatedURL.java | 8 .../authentication/server/AuthenticationFilter.java | 12 ++-- .../authentication/server/TestAuthenticationFilter.java | 1 + .../apache/hadoop/crypto/key/kms/KMSClientProvider.java | 10 ++ .../AbstractDelegationTokenSecretManager.java | 1 + .../delegation/web/DelegationTokenAuthenticatedURL.java | 11 +++ .../web/DelegationTokenAuthenticationHandler.java | 8 .../delegation/web/DelegationTokenAuthenticator.java| 11 +++ 8 files changed, 60 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/ffaf24e3/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java -- diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java index 6604c3f..5696ba0 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/AuthenticatedURL.java @@ -14,6 +14,8 @@ package org.apache.hadoop.security.authentication.client; import org.apache.hadoop.security.authentication.server.AuthenticationFilter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.io.FileNotFoundException; import java.io.IOException; @@ -59,6 +61,8 @@ import java.util.Map; * */ public class AuthenticatedURL { + private static final Logger LOG = + LoggerFactory.getLogger(AuthenticatedURL.class); /** * Name of the HTTP cookie used for the authentication token between the client and the server. @@ -265,15 +269,19 @@ public class AuthenticatedURL { value = value.substring(0, separator); } if (value.length() > 0) { + LOG.trace("Setting token value to {} ({}), resp={}", value, + token, respCode); token.set(value); } } } } } else if (respCode == HttpURLConnection.HTTP_NOT_FOUND) { + LOG.trace("Setting token value to null ({}), resp={}", token, respCode); token.set(null); throw new FileNotFoundException(conn.getURL().toString()); } else { + LOG.trace("Setting token value to null ({}), resp={}", token, respCode); token.set(null); throw new AuthenticationException("Authentication failed" + ", URL: " + conn.getURL() + http://git-wip-us.apache.org/repos/asf/hadoop/blob/ffaf24e3/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java -- diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java index 264d991..22b5a86 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java @@ -516,6 +516,10 @@ public class AuthenticationFilter implements Filter { AuthenticationToken token; try { token = getToken(httpRequest); +if (LOG.isDebugEnabled()) { + LOG.debug("Got token {} from httpRequest {}", token, + getRequestURL(httpRequest)); +} } catch