You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by ra...@apache.org on 2023/05/03 13:00:00 UTC

[hbase] branch branch-2.4 updated: HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5217)

This is an automated email from the ASF dual-hosted git repository.

rajeshbabu pushed a commit to branch branch-2.4
in repository https://gitbox.apache.org/repos/asf/hbase.git


The following commit(s) were added to refs/heads/branch-2.4 by this push:
     new d23bd5fda8c HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5217)
d23bd5fda8c is described below

commit d23bd5fda8c4149aac5af017a853182dc3797de7
Author: Nihal Jain <ni...@gmail.com>
AuthorDate: Wed May 3 18:29:54 2023 +0530

    HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5217)
---
 .../main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java   | 4 ++++
 .../main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java
index 4ca19cfe010..5f56fa8397d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hbase.ServerMetrics;
 import org.apache.hadoop.hbase.ServerName;
+import org.apache.hadoop.hbase.http.HttpServer;
 import org.apache.hadoop.hbase.master.assignment.AssignmentManager;
 import org.apache.hadoop.hbase.master.assignment.RegionStateNode;
 import org.apache.hadoop.hbase.monitoring.StateDumpServlet;
@@ -44,6 +45,9 @@ public class MasterDumpServlet extends StateDumpServlet {
 
   @Override
   public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
+    if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {
+      return;
+    }
     HMaster master = (HMaster) getServletContext().getAttribute(HMaster.MASTER);
     assert master != null : "No Master in context!";
 
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java
index be4160ab950..b07ba157b28 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java
@@ -25,6 +25,7 @@ import java.util.Date;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hbase.http.HttpServer;
 import org.apache.hadoop.hbase.ipc.CallQueueInfo;
 import org.apache.hadoop.hbase.monitoring.StateDumpServlet;
 import org.apache.hadoop.hbase.monitoring.TaskMonitor;
@@ -39,6 +40,9 @@ public class RSDumpServlet extends StateDumpServlet {
 
   @Override
   public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
+    if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {
+      return;
+    }
     HRegionServer hrs =
       (HRegionServer) getServletContext().getAttribute(HRegionServer.REGIONSERVER);
     assert hrs != null : "No RS in context!";