You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by st...@apache.org on 2011/12/19 17:26:22 UTC
svn commit: r1220829 - in
/hbase/trunk/src/main/java/org/apache/hadoop/hbase: rest/Main.java
thrift/ThriftServer.java util/Strings.java
Author: stack
Date: Mon Dec 19 16:26:22 2011
New Revision: 1220829
URL: http://svn.apache.org/viewvc?rev=1220829&view=rev
Log:
HBASE-5062 Missing logons if security is enabled
Modified:
hbase/trunk/src/main/java/org/apache/hadoop/hbase/rest/Main.java
hbase/trunk/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServer.java
hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Strings.java
Modified: hbase/trunk/src/main/java/org/apache/hadoop/hbase/rest/Main.java
URL: http://svn.apache.org/viewvc/hbase/trunk/src/main/java/org/apache/hadoop/hbase/rest/Main.java?rev=1220829&r1=1220828&r2=1220829&view=diff
==============================================================================
--- hbase/trunk/src/main/java/org/apache/hadoop/hbase/rest/Main.java (original)
+++ hbase/trunk/src/main/java/org/apache/hadoop/hbase/rest/Main.java Mon Dec 19 16:26:22 2011
@@ -31,7 +31,10 @@ import org.apache.commons.logging.LogFac
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.rest.filter.GzipFilter;
+import org.apache.hadoop.hbase.security.User;
+import org.apache.hadoop.hbase.util.Strings;
import org.apache.hadoop.hbase.util.VersionInfo;
+import org.apache.hadoop.net.DNS;
import java.util.List;
import java.util.ArrayList;
@@ -137,6 +140,16 @@ public class Main implements Constants {
context.addServlet(sh, "/*");
context.addFilter(GzipFilter.class, "/*", 0);
+ // login the server principal (if using secure Hadoop)
+ if (User.isSecurityEnabled() && User.isHBaseSecurityEnabled(conf)) {
+ String machineName = Strings.domainNamePointerToHostName(
+ DNS.getDefaultHost(conf.get("hbase.rest.dns.interface", "default"),
+ conf.get("hbase.rest.dns.nameserver", "default")));
+ User.login(conf, "hbase.rest.keytab.file", "hbase.rest.kerberos.principal",
+ machineName);
+ }
+
+ // start server
server.start();
server.join();
}
Modified: hbase/trunk/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServer.java
URL: http://svn.apache.org/viewvc/hbase/trunk/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServer.java?rev=1220829&r1=1220828&r2=1220829&view=diff
==============================================================================
--- hbase/trunk/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServer.java (original)
+++ hbase/trunk/src/main/java/org/apache/hadoop/hbase/thrift/ThriftServer.java Mon Dec 19 16:26:22 2011
@@ -58,6 +58,9 @@ import org.apache.hadoop.hbase.client.Re
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.filter.Filter;
import org.apache.hadoop.hbase.filter.ParseFilter;
+import org.apache.hadoop.hbase.security.User;
+import org.apache.hadoop.hbase.util.Strings;
+import org.apache.hadoop.net.DNS;
import org.apache.hadoop.hbase.filter.PrefixFilter;
import org.apache.hadoop.hbase.filter.WhileMatchFilter;
import org.apache.hadoop.hbase.thrift.generated.AlreadyExists;
@@ -1241,6 +1244,16 @@ public class ThriftServer {
server.getClass().getName());
}
+ // login the server principal (if using secure Hadoop)
+ Configuration conf = handler.conf;
+ if (User.isSecurityEnabled() && User.isHBaseSecurityEnabled(conf)) {
+ String machineName = Strings.domainNamePointerToHostName(
+ DNS.getDefaultHost(conf.get("hbase.thrift.dns.interface", "default"),
+ conf.get("hbase.thrift.dns.nameserver", "default")));
+ User.login(conf, "hbase.thrift.keytab.file", "hbase.thrift.kerberos.principal",
+ machineName);
+ }
+
server.serve();
}
Modified: hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Strings.java
URL: http://svn.apache.org/viewvc/hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Strings.java?rev=1220829&r1=1220828&r2=1220829&view=diff
==============================================================================
--- hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Strings.java (original)
+++ hbase/trunk/src/main/java/org/apache/hadoop/hbase/util/Strings.java Mon Dec 19 16:26:22 2011
@@ -58,4 +58,18 @@ public class Strings {
}
return sb.append(key).append(separator).append(value);
}
+
+ /**
+ * Given a PTR string generated via reverse DNS lookup, return everything
+ * except the trailing period. Example for host.example.com., return
+ * host.example.com
+ * @param dnPtr a domain name pointer (PTR) string.
+ * @return Sanitized hostname with last period stripped off.
+ *
+ */
+ public static String domainNamePointerToHostName(String dnPtr) {
+ if (dnPtr == null)
+ return null;
+ return dnPtr.endsWith(".") ? dnPtr.substring(0, dnPtr.length()-1) : dnPtr;
+ }
}
\ No newline at end of file