You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by ra...@apache.org on 2023/05/03 13:00:00 UTC
[hbase] branch branch-2.4 updated: HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5217)
This is an automated email from the ASF dual-hosted git repository.
rajeshbabu pushed a commit to branch branch-2.4
in repository https://gitbox.apache.org/repos/asf/hbase.git
The following commit(s) were added to refs/heads/branch-2.4 by this push:
new d23bd5fda8c HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5217)
d23bd5fda8c is described below
commit d23bd5fda8c4149aac5af017a853182dc3797de7
Author: Nihal Jain <ni...@gmail.com>
AuthorDate: Wed May 3 18:29:54 2023 +0530
HBASE-27792 Guard Master/RS Dump Servlet behind admin walls (#5217)
---
.../main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java | 4 ++++
.../main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java | 4 ++++
2 files changed, 8 insertions(+)
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java
index 4ca19cfe010..5f56fa8397d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterDumpServlet.java
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.ServerMetrics;
import org.apache.hadoop.hbase.ServerName;
+import org.apache.hadoop.hbase.http.HttpServer;
import org.apache.hadoop.hbase.master.assignment.AssignmentManager;
import org.apache.hadoop.hbase.master.assignment.RegionStateNode;
import org.apache.hadoop.hbase.monitoring.StateDumpServlet;
@@ -44,6 +45,9 @@ public class MasterDumpServlet extends StateDumpServlet {
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {
+ return;
+ }
HMaster master = (HMaster) getServletContext().getAttribute(HMaster.MASTER);
assert master != null : "No Master in context!";
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java
index be4160ab950..b07ba157b28 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSDumpServlet.java
@@ -25,6 +25,7 @@ import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hbase.http.HttpServer;
import org.apache.hadoop.hbase.ipc.CallQueueInfo;
import org.apache.hadoop.hbase.monitoring.StateDumpServlet;
import org.apache.hadoop.hbase.monitoring.TaskMonitor;
@@ -39,6 +40,9 @@ public class RSDumpServlet extends StateDumpServlet {
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {
+ return;
+ }
HRegionServer hrs =
(HRegionServer) getServletContext().getAttribute(HRegionServer.REGIONSERVER);
assert hrs != null : "No RS in context!";