You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by om...@apache.org on 2011/03/04 04:52:12 UTC
svn commit: r1077210 -
/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/security/TestDoAsEffectiveUser.java
Author: omalley
Date: Fri Mar 4 03:52:12 2011
New Revision: 1077210
URL: http://svn.apache.org/viewvc?rev=1077210&view=rev
Log:
commit 7568257ecc7b2136dff218cff7611c8f332f67d5
Author: Jitendra Nath Pandey <jitendra@sufferhome-lm.(none)>
Date: Tue Feb 23 16:58:04 2010 -0800
HADOOP-6549 from https://issues.apache.org/jira/secure/attachment/12436794/HADOOP-6549-0_20.1.patch
+++ b/YAHOO-CHANGES.txt
+ HADOOP-6549. TestDoAsEffectiveUser should use ip address of the host
+ for superuser ip check. (jitendra)
+
Modified:
hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/security/TestDoAsEffectiveUser.java
Modified: hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/security/TestDoAsEffectiveUser.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/security/TestDoAsEffectiveUser.java?rev=1077210&r1=1077209&r2=1077210&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/security/TestDoAsEffectiveUser.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/security/TestDoAsEffectiveUser.java Fri Mar 4 03:52:12 2011
@@ -18,8 +18,12 @@
package org.apache.hadoop.security;
import java.io.IOException;
+import java.net.InetAddress;
import java.net.InetSocketAddress;
+import java.net.NetworkInterface;
import java.security.PrivilegedExceptionAction;
+import java.util.ArrayList;
+import java.util.Enumeration;
import junit.framework.Assert;
@@ -38,6 +42,7 @@ import org.apache.hadoop.ipc.TestSaslRPC
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSecretManager;
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenIdentifier;
import org.apache.hadoop.ipc.TestSaslRPC.TestTokenSelector;
+import org.apache.commons.logging.*;
/**
*
@@ -52,7 +57,35 @@ public class TestDoAsEffectiveUser {
GROUP2_NAME };
private static final String ADDRESS = "0.0.0.0";
private TestProtocol proxy;
-
+
+ public static final Log LOG = LogFactory
+ .getLog(TestDoAsEffectiveUser.class);
+
+ private void configureSuperUserIPAddresses(Configuration conf,
+ String superUserShortName) throws IOException {
+ ArrayList<String> ipList = new ArrayList<String>();
+ Enumeration<NetworkInterface> netInterfaceList = NetworkInterface
+ .getNetworkInterfaces();
+ while (netInterfaceList.hasMoreElements()) {
+ NetworkInterface inf = netInterfaceList.nextElement();
+ Enumeration<InetAddress> addrList = inf.getInetAddresses();
+ while (addrList.hasMoreElements()) {
+ InetAddress addr = addrList.nextElement();
+ ipList.add(addr.getHostAddress());
+ }
+ }
+ StringBuilder builder = new StringBuilder();
+ for (String ip : ipList) {
+ builder.append(ip);
+ builder.append(',');
+ }
+ builder.append("127.0.1.1,");
+ builder.append(InetAddress.getLocalHost().getCanonicalHostName());
+ LOG.info("Local Ip addresses: "+builder.toString());
+ conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(superUserShortName),
+ builder.toString());
+ }
+
/**
* Test method for
* {@link org.apache.hadoop.security.UserGroupInformation#createProxyUser(java.lang.String, org.apache.hadoop.security.UserGroupInformation)}
@@ -100,8 +133,7 @@ public class TestDoAsEffectiveUser {
final Configuration conf = new Configuration();
conf.setStrings(ProxyUsers
.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME), "group1");
- conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
- "127.0.0.1","127.0.1.1", "localhost");
+ configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
Server server = RPC.getServer(new TestImpl(), ADDRESS,
0, 5, true, conf, null);
@@ -139,8 +171,7 @@ public class TestDoAsEffectiveUser {
@Test
public void testRealUserAuthorizationSuccess() throws IOException {
final Configuration conf = new Configuration();
- conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
- "127.0.0.1","127.0.1.1", "localhost");
+ configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
"group1");
Server server = RPC.getServer(new TestImpl(), ADDRESS,
@@ -264,8 +295,7 @@ public class TestDoAsEffectiveUser {
@Test
public void testRealUserGroupNotSpecified() throws IOException {
final Configuration conf = new Configuration();
- conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
- "127.0.0.1","127.0.1.1","localhost");
+ configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
Server server = RPC.getServer(new TestImpl(), ADDRESS,
0, 2, false, conf, null);
@@ -303,8 +333,7 @@ public class TestDoAsEffectiveUser {
@Test
public void testRealUserGroupAuthorizationFailure() throws IOException {
final Configuration conf = new Configuration();
- conf.setStrings(ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_SHORT_NAME),
- "127.0.0.1","127.0.1.1","localhost");
+ configureSuperUserIPAddresses(conf, REAL_USER_SHORT_NAME);
conf.setStrings(ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_SHORT_NAME),
"group3");
Server server = RPC.getServer(new TestImpl(), ADDRESS,