Author: arp
Date: Wed May 28 21:12:06 2014
New Revision: 1598140
URL: http://svn.apache.org/r1598140
Log:
HADOOP-10566. Refactor proxyservers out of ProxyUsers. (Contributed by Benoy Antony)
Added:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyServers.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyServers.java
Modified:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1598140&r1=1598139&r2=1598140&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt Wed May 28 21:12:06 2014
@@ -57,6 +57,9 @@ Release 2.5.0 - UNRELEASED
HADOOP-10618. Remove SingleNodeSetup.apt.vm. (Akira Ajisaka via
Arpit Agarwal)
+ HADOOP-10566. Refactor proxyservers out of ProxyUsers. (Benoy Antony via
+ Arpit Agarwal)
+
OPTIMIZATIONS
BUG FIXES
Added: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyServers.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyServers.java?rev=1598140&view=auto
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyServers.java (added)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyServers.java Wed May 28 21:12:06 2014
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.security.authorize;
+
+import java.net.InetSocketAddress;
+import java.util.Collection;
+import java.util.HashSet;
+
+import org.apache.hadoop.conf.Configuration;
+
+public class ProxyServers {
+ public static final String CONF_HADOOP_PROXYSERVERS = "hadoop.proxyservers";
+ private static volatile Collection<String> proxyServers;
+
+ public static void refresh() {
+ refresh(new Configuration());
+ }
+
+ public static void refresh(Configuration conf){
+ Collection<String> tempServers = new HashSet<String>();
+ // trusted proxy servers such as http proxies
+ for (String host : conf.getTrimmedStrings(CONF_HADOOP_PROXYSERVERS)) {
+ InetSocketAddress addr = new InetSocketAddress(host, 0);
+ if (!addr.isUnresolved()) {
+ tempServers.add(addr.getAddress().getHostAddress());
+ }
+ }
+ proxyServers = tempServers;
+ }
+
+ public static boolean isProxyServer(String remoteAddr) {
+ if (proxyServers == null) {
+ refresh();
+ }
+ return proxyServers.contains(remoteAddr);
+ }
+}
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java?rev=1598140&r1=1598139&r2=1598140&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java Wed May 28 21:12:06 2014
@@ -42,7 +42,6 @@ public class ProxyUsers {
private static final String CONF_GROUPS = ".groups";
private static final String CONF_HADOOP_PROXYUSER = "hadoop.proxyuser.";
private static final String CONF_HADOOP_PROXYUSER_RE = "hadoop\\.proxyuser\\.";
- public static final String CONF_HADOOP_PROXYSERVERS = "hadoop.proxyservers";
private static boolean init = false;
//list of users, groups and hosts per proxyuser
@@ -52,8 +51,6 @@ public class ProxyUsers {
new HashMap<String, Collection<String>>();
private static Map<String, Collection<String>> proxyHosts =
new HashMap<String, Collection<String>>();
- private static Collection<String> proxyServers =
- new HashSet<String>();
/**
* reread the conf and get new values for "hadoop.proxyuser.*.groups/users/hosts"
@@ -73,7 +70,6 @@ public class ProxyUsers {
proxyGroups.clear();
proxyHosts.clear();
proxyUsers.clear();
- proxyServers.clear();
// get all the new keys for users
String regex = CONF_HADOOP_PROXYUSER_RE+"[^.]*\\"+CONF_USERS;
@@ -98,22 +94,8 @@ public class ProxyUsers {
proxyHosts.put(entry.getKey(),
StringUtils.getTrimmedStringCollection(entry.getValue()));
}
-
- // trusted proxy servers such as http proxies
- for (String host : conf.getTrimmedStrings(CONF_HADOOP_PROXYSERVERS)) {
- InetSocketAddress addr = new InetSocketAddress(host, 0);
- if (!addr.isUnresolved()) {
- proxyServers.add(addr.getAddress().getHostAddress());
- }
- }
init = true;
- }
-
- public static synchronized boolean isProxyServer(String remoteAddr) {
- if(!init) {
- refreshSuperUserGroupsConfiguration();
- }
- return proxyServers.contains(remoteAddr);
+ ProxyServers.refresh(conf);
}
/**
Added: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyServers.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyServers.java?rev=1598140&view=auto
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyServers.java (added)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyServers.java Wed May 28 21:12:06 2014
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.security.authorize;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.hadoop.conf.Configuration;
+import org.junit.Test;
+
+public class TestProxyServers {
+
+ @Test
+ public void testProxyServer() {
+ Configuration conf = new Configuration();
+ assertFalse(ProxyServers.isProxyServer("1.1.1.1"));
+ conf.set(ProxyServers.CONF_HADOOP_PROXYSERVERS, "2.2.2.2, 3.3.3.3");
+ ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
+ assertFalse(ProxyServers.isProxyServer("1.1.1.1"));
+ assertTrue(ProxyServers.isProxyServer("2.2.2.2"));
+ assertTrue(ProxyServers.isProxyServer("3.3.3.3"));
+ }
+}
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java?rev=1598140&r1=1598139&r2=1598140&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java Wed May 28 21:12:06 2014
@@ -238,17 +238,6 @@ public class TestProxyUsers {
assertEquals (1,hosts.size());
}
- @Test
- public void testProxyServer() {
- Configuration conf = new Configuration();
- assertFalse(ProxyUsers.isProxyServer("1.1.1.1"));
- conf.set(ProxyUsers.CONF_HADOOP_PROXYSERVERS, "2.2.2.2, 3.3.3.3");
- ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
- assertFalse(ProxyUsers.isProxyServer("1.1.1.1"));
- assertTrue(ProxyUsers.isProxyServer("2.2.2.2"));
- assertTrue(ProxyUsers.isProxyServer("3.3.3.3"));
- }
-
private void assertNotAuthorized(UserGroupInformation proxyUgi, String host) {
try {
ProxyUsers.authorize(proxyUgi, host);