You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by to...@apache.org on 2011/01/14 08:17:06 UTC
svn commit: r1058875 - in /hadoop/common/trunk: CHANGES.txt
src/java/org/apache/hadoop/security/UserGroupInformation.java
src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java
Author: todd
Date: Fri Jan 14 07:17:06 2011
New Revision: 1058875
URL: http://svn.apache.org/viewvc?rev=1058875&view=rev
Log:
HADOOP-7101. UserGroupInformation.getCurrentUser() fails when called from non-Hadoop JAAS context. Contributed by Todd Lipcon
Modified:
hadoop/common/trunk/CHANGES.txt
hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java
hadoop/common/trunk/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java
Modified: hadoop/common/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/CHANGES.txt?rev=1058875&r1=1058874&r2=1058875&view=diff
==============================================================================
--- hadoop/common/trunk/CHANGES.txt (original)
+++ hadoop/common/trunk/CHANGES.txt Fri Jan 14 07:17:06 2011
@@ -440,6 +440,9 @@ Release 0.22.0 - Unreleased
HADOOP-7093. Servlets should default to text/plain (todd)
+ HADOOP-7101. UserGroupInformation.getCurrentUser() fails when called from
+ non-Hadoop JAAS context. (todd)
+
Release 0.21.1 - Unreleased
IMPROVEMENTS
Modified: hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java?rev=1058875&r1=1058874&r2=1058875&view=diff
==============================================================================
--- hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java (original)
+++ hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java Fri Jan 14 07:17:06 2011
@@ -468,7 +468,11 @@ public class UserGroupInformation {
public static UserGroupInformation getCurrentUser() throws IOException {
AccessControlContext context = AccessController.getContext();
Subject subject = Subject.getSubject(context);
- return subject == null ? getLoginUser() : new UserGroupInformation(subject);
+ if (subject == null || subject.getPrincipals(User.class).isEmpty()) {
+ return getLoginUser();
+ } else {
+ return new UserGroupInformation(subject);
+ }
}
/**
Modified: hadoop/common/trunk/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java?rev=1058875&r1=1058874&r2=1058875&view=diff
==============================================================================
--- hadoop/common/trunk/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java (original)
+++ hadoop/common/trunk/src/test/core/org/apache/hadoop/security/TestUserGroupInformation.java Fri Jan 14 07:17:06 2011
@@ -16,11 +16,7 @@
*/
package org.apache.hadoop.security;
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static org.junit.Assert.*;
import org.mockito.Mockito;
import static org.mockito.Mockito.mock;
@@ -32,6 +28,7 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
+import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.LoginContext;
@@ -383,4 +380,22 @@ public class TestUserGroupInformation {
// for "foobar"
LoginContext login = new LoginContext("foobar-app");
}
+
+ /**
+ * Test for the case that UserGroupInformation.getCurrentUser()
+ * is called when the AccessControlContext has a Subject associated
+ * with it, but that Subject was not created by Hadoop (ie it has no
+ * associated User principal)
+ */
+ @Test
+ public void testUGIUnderNonHadoopContext() throws Exception {
+ Subject nonHadoopSubject = new Subject();
+ Subject.doAs(nonHadoopSubject, new PrivilegedExceptionAction<Void>() {
+ public Void run() throws IOException {
+ UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
+ assertNotNull(ugi);
+ return null;
+ }
+ });
+ }
}