You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by om...@apache.org on 2011/03/04 04:51:03 UTC
svn commit: r1077198 - in
/hadoop/common/branches/branch-0.20-security-patches/src:
core/org/apache/hadoop/ipc/Server.java
core/org/apache/hadoop/ipc/metrics/RpcMetrics.java
test/org/apache/hadoop/ipc/TestRPC.java
Author: omalley
Date: Fri Mar 4 03:51:03 2011
New Revision: 1077198
URL: http://svn.apache.org/viewvc?rev=1077198&view=rev
Log:
commit 0f10509ebda95a724ca24bce13dec0965ced6d37
Author: Devaraj Das <dd...@yahoo-inc.com>
Date: Mon Feb 22 15:21:20 2010 -0800
HADOOP:6583 from https://issues.apache.org/jira/secure/attachment/12436643/6583-bp20.patch
+++ b/YAHOO-CHANGES.txt
+ HADOOP-6583. Captures authentication and authorization metrics. (ddas)
+
Modified:
hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java
hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java
Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java?rev=1077198&r1=1077197&r2=1077198&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java Fri Mar 4 03:51:03 2011
@@ -222,6 +222,11 @@ public abstract class Server {
}
}
}
+
+ /*Returns a handle to the rpcMetrics (required in tests)*/
+ public RpcMetrics getRpcMetrics() {
+ return rpcMetrics;
+ }
/** A call queued for handling. */
private static class Call {
@@ -876,7 +881,13 @@ public abstract class Server {
if (LOG.isDebugEnabled())
LOG.debug("Have read input token of size " + saslToken.length
+ " for processing by saslServer.evaluateResponse()");
- byte[] replyToken = saslServer.evaluateResponse(saslToken);
+ byte[] replyToken;
+ try {
+ replyToken = saslServer.evaluateResponse(saslToken);
+ } catch (SaslException se) {
+ rpcMetrics.authenticationFailures.inc();
+ throw se;
+ }
if (replyToken != null) {
if (LOG.isDebugEnabled())
LOG.debug("Will send token of size " + replyToken.length
@@ -1077,6 +1088,7 @@ public abstract class Server {
private void processOneRpc(byte[] buf) throws IOException,
InterruptedException {
+ rpcMetrics.authenticationSuccesses.inc();
if (headerRead) {
processData(buf);
} else {
@@ -1120,7 +1132,9 @@ public abstract class Server {
if (LOG.isDebugEnabled()) {
LOG.debug("Successfully authorized " + header);
}
+ rpcMetrics.authorizationSuccesses.inc();
} catch (AuthorizationException ae) {
+ rpcMetrics.authorizationFailures.inc();
authFailedCall.connection = this;
setupResponse(authFailedResponse, authFailedCall, Status.FATAL, null,
ae.getClass().getName(), ae.getMessage());
Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java?rev=1077198&r1=1077197&r2=1077198&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/metrics/RpcMetrics.java Fri Mar 4 03:51:03 2011
@@ -27,6 +27,7 @@ import org.apache.hadoop.metrics.Updater
import org.apache.hadoop.metrics.util.MetricsBase;
import org.apache.hadoop.metrics.util.MetricsIntValue;
import org.apache.hadoop.metrics.util.MetricsRegistry;
+import org.apache.hadoop.metrics.util.MetricsTimeVaryingInt;
import org.apache.hadoop.metrics.util.MetricsTimeVaryingRate;
/**
@@ -79,7 +80,14 @@ public class RpcMetrics implements Updat
new MetricsIntValue("NumOpenConnections", registry);
public MetricsIntValue callQueueLen =
new MetricsIntValue("callQueueLen", registry);
-
+ public MetricsTimeVaryingInt authenticationFailures =
+ new MetricsTimeVaryingInt("rpcAuthenticationFailures", registry);
+ public MetricsTimeVaryingInt authenticationSuccesses =
+ new MetricsTimeVaryingInt("rpcAuthenticationSuccesses", registry);
+ public MetricsTimeVaryingInt authorizationFailures =
+ new MetricsTimeVaryingInt("rpcAuthorizationFailures", registry);
+ public MetricsTimeVaryingInt authorizationSuccesses =
+ new MetricsTimeVaryingInt("rpcAuthorizationSuccesses", registry);
/**
* Push the metrics to the monitoring subsystem on doUpdate() call.
*/
Modified: hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java?rev=1077198&r1=1077197&r2=1077198&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/ipc/TestRPC.java Fri Mar 4 03:51:03 2011
@@ -364,6 +364,31 @@ public class TestRPC extends TestCase {
if (proxy != null) {
RPC.stopProxy(proxy);
}
+ if (expectFailure) {
+ assertTrue("Expected 1 but got " +
+ server.getRpcMetrics().authorizationFailures
+ .getCurrentIntervalValue(),
+ server.getRpcMetrics().authorizationFailures
+ .getCurrentIntervalValue() == 1);
+ } else {
+ assertTrue("Expected 1 but got " +
+ server.getRpcMetrics().authorizationSuccesses
+ .getCurrentIntervalValue(),
+ server.getRpcMetrics().authorizationSuccesses
+ .getCurrentIntervalValue() == 1);
+ }
+ //since we don't have authentication turned ON, we should see
+ // >0 for the authentication successes and 0 for failure
+ assertTrue("Expected 0 but got " +
+ server.getRpcMetrics().authenticationFailures
+ .getCurrentIntervalValue(),
+ server.getRpcMetrics().authenticationFailures
+ .getCurrentIntervalValue() == 0);
+ assertTrue("Expected greater than 0 but got " +
+ server.getRpcMetrics().authenticationSuccesses
+ .getCurrentIntervalValue(),
+ server.getRpcMetrics().authenticationSuccesses
+ .getCurrentIntervalValue() > 0);
}
}