You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by om...@apache.org on 2011/03/04 04:51:03 UTC
svn commit: r1077198 - in /hadoop/common/branches/branch-0.20-security-patches/src: core/org/apache/hadoop/ipc/Server.java core/org/apache/hadoop/ipc/metrics/RpcMetrics.java test/org/apache/hadoop/ipc/TestRPC.java

Author: omalley
Date: Fri Mar  4 03:51:03 2011
New Revision: 1077198

URL: http://svn.apache.org/viewvc?rev=1077198&view=rev
Log:
commit 0f10509ebda95a724ca24bce13dec0965ced6d37
Author: Devaraj Das <dd...@yahoo-inc.com>
Date:   Mon Feb 22 15:21:20 2010 -0800

    HADOOP:6583 from https://issues.apache.org/jira/secure/attachment/12436643/6583-bp20.patch
    
    +++ b/YAHOO-CHANGES.txt
    +    HADOOP-6583. Captures authentication and authorization metrics. (ddas)
    +

Modified:
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java
    hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java?rev=1077198&r1=1077197&r2=1077198&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java Fri Mar  4 03:51:03 2011
@@ -222,6 +222,11 @@ public abstract class Server {
       }
     }
   }
+  
+  /*Returns a handle to the rpcMetrics (required in tests)*/
+  public RpcMetrics getRpcMetrics() {
+    return rpcMetrics;
+  }
 
   /** A call queued for handling. */
   private static class Call {
@@ -876,7 +881,13 @@ public abstract class Server {
         if (LOG.isDebugEnabled())
           LOG.debug("Have read input token of size " + saslToken.length
               + " for processing by saslServer.evaluateResponse()");
-        byte[] replyToken = saslServer.evaluateResponse(saslToken);
+        byte[] replyToken;
+        try {
+          replyToken = saslServer.evaluateResponse(saslToken);
+        } catch (SaslException se) {
+          rpcMetrics.authenticationFailures.inc();
+          throw se;
+        }
         if (replyToken != null) {
           if (LOG.isDebugEnabled())
             LOG.debug("Will send token of size " + replyToken.length
@@ -1077,6 +1088,7 @@ public abstract class Server {
     
     private void processOneRpc(byte[] buf) throws IOException,
         InterruptedException {
+      rpcMetrics.authenticationSuccesses.inc();
       if (headerRead) {
         processData(buf);
       } else {
@@ -1120,7 +1132,9 @@ public abstract class Server {
         if (LOG.isDebugEnabled()) {
           LOG.debug("Successfully authorized " + header);
         }
+        rpcMetrics.authorizationSuccesses.inc();
       } catch (AuthorizationException ae) {
+        rpcMetrics.authorizationFailures.inc();
         authFailedCall.connection = this;
         setupResponse(authFailedResponse, authFailedCall, Status.FATAL, null,
             ae.getClass().getName(), ae.getMessage());

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java?rev=1077198&r1=1077197&r2=1077198&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java Fri Mar  4 03:51:03 2011
@@ -27,6 +27,7 @@ import org.apache.hadoop.metrics.Updater
 import org.apache.hadoop.metrics.util.MetricsBase;
 import org.apache.hadoop.metrics.util.MetricsIntValue;
 import org.apache.hadoop.metrics.util.MetricsRegistry;
+import org.apache.hadoop.metrics.util.MetricsTimeVaryingInt;
 import org.apache.hadoop.metrics.util.MetricsTimeVaryingRate;
 
 /**
@@ -79,7 +80,14 @@ public class RpcMetrics implements Updat
           new MetricsIntValue("NumOpenConnections", registry);
   public MetricsIntValue callQueueLen = 
           new MetricsIntValue("callQueueLen", registry);
-  
+  public MetricsTimeVaryingInt authenticationFailures = 
+          new MetricsTimeVaryingInt("rpcAuthenticationFailures", registry);
+  public MetricsTimeVaryingInt authenticationSuccesses = 
+          new MetricsTimeVaryingInt("rpcAuthenticationSuccesses", registry);
+  public MetricsTimeVaryingInt authorizationFailures = 
+          new MetricsTimeVaryingInt("rpcAuthorizationFailures", registry);
+  public MetricsTimeVaryingInt authorizationSuccesses = 
+         new MetricsTimeVaryingInt("rpcAuthorizationSuccesses", registry);
   /**
    * Push the metrics to the monitoring subsystem on doUpdate() call.
    */

Modified: hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java?rev=1077198&r1=1077197&r2=1077198&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java Fri Mar  4 03:51:03 2011
@@ -364,6 +364,31 @@ public class TestRPC extends TestCase {
       if (proxy != null) {
         RPC.stopProxy(proxy);
       }
+      if (expectFailure) {
+        assertTrue("Expected 1 but got " + 
+            server.getRpcMetrics().authorizationFailures
+            .getCurrentIntervalValue(), 
+            server.getRpcMetrics().authorizationFailures
+            .getCurrentIntervalValue() == 1);
+      } else {
+        assertTrue("Expected 1 but got " + 
+            server.getRpcMetrics().authorizationSuccesses
+            .getCurrentIntervalValue(),
+            server.getRpcMetrics().authorizationSuccesses
+            .getCurrentIntervalValue() == 1);
+      }
+      //since we don't have authentication turned ON, we should see 
+      // >0 for the authentication successes and 0 for failure
+      assertTrue("Expected 0 but got " + 
+          server.getRpcMetrics().authenticationFailures
+          .getCurrentIntervalValue(),
+          server.getRpcMetrics().authenticationFailures
+          .getCurrentIntervalValue() == 0);
+      assertTrue("Expected greater than 0 but got " + 
+          server.getRpcMetrics().authenticationSuccesses
+          .getCurrentIntervalValue(),
+          server.getRpcMetrics().authenticationSuccesses
+          .getCurrentIntervalValue() > 0);
     }
   }