You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ma...@apache.org on 2011/10/06 19:48:18 UTC
svn commit: r1179720 - in
/hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs:
DFSUtil.java HftpFileSystem.java web/WebHdfsFileSystem.java
Author: mattf
Date: Thu Oct 6 17:48:17 2011
New Revision: 1179720
URL: http://svn.apache.org/viewvc?rev=1179720&view=rev
Log:
Amend to HDFS-2385 - merge r1179490
Modified:
hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/DFSUtil.java
hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/HftpFileSystem.java
hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java
Modified: hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/DFSUtil.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/DFSUtil.java?rev=1179720&r1=1179719&r2=1179720&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/DFSUtil.java (original)
+++ hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/DFSUtil.java Thu Oct 6 17:48:17 2011
@@ -19,6 +19,9 @@
package org.apache.hadoop.hdfs;
import java.io.UnsupportedEncodingException;
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.net.URISyntaxException;
import java.util.StringTokenizer;
import org.apache.hadoop.fs.BlockLocation;
@@ -110,5 +113,15 @@ public class DFSUtil {
}
return blkLocations;
}
+
+ /** Create a URI from the scheme and address */
+ public static URI createUri(String scheme, InetSocketAddress address) {
+ try {
+ return new URI(scheme, null, address.getHostName(), address.getPort(),
+ null, null, null);
+ } catch (URISyntaxException ue) {
+ throw new IllegalArgumentException(ue);
+ }
+ }
}
Modified: hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/HftpFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/HftpFileSystem.java?rev=1179720&r1=1179719&r2=1179720&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/HftpFileSystem.java (original)
+++ hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/HftpFileSystem.java Thu Oct 6 17:48:17 2011
@@ -149,7 +149,7 @@ public class HftpFileSystem extends File
this.ugi = UserGroupInformation.getCurrentUser();
this.nnAddr = getNamenodeAddr(name);
this.nnSecureAddr = getNamenodeSecureAddr(name);
- this.hftpURI = createUri(name.getScheme(), nnAddr);
+ this.hftpURI = DFSUtil.createUri(name.getScheme(), nnAddr);
if (UserGroupInformation.isSecurityEnabled()) {
initDelegationToken();
@@ -192,15 +192,6 @@ public class HftpFileSystem extends File
nnAddr, ugi, getConf());
}
- private static URI createUri(String scheme, InetSocketAddress addr) {
- URI uri = null;
- try {
- uri = new URI(scheme, null, addr.getHostName(), addr.getPort(), null, null, null);
- } catch (URISyntaxException ue) {
- throw new IllegalArgumentException(ue);
- }
- return uri;
- }
@Override
public Token<?> getRenewToken() {
@@ -224,12 +215,12 @@ public class HftpFileSystem extends File
@Override
public synchronized Token<?> getDelegationToken(final String renewer
) throws IOException {
- final String nnHttpUrl = createUri("https", nnSecureAddr).toString();
try {
//Renew TGT if needed
ugi.checkTGTAndReloginFromKeytab();
return ugi.doAs(new PrivilegedExceptionAction<Token<?>>() {
public Token<?> run() throws IOException {
+ final String nnHttpUrl = DFSUtil.createUri("https", nnSecureAddr).toString();
Credentials c;
try {
c = DelegationTokenFetcher.getDTfromRemote(nnHttpUrl, renewer);
@@ -682,7 +673,7 @@ public class HftpFileSystem extends File
// use https to renew the token
InetSocketAddress serviceAddr = SecurityUtil.getTokenServiceAddr(token);
return DelegationTokenFetcher.renewDelegationToken(
- createUri("https", serviceAddr).toString(),
+ DFSUtil.createUri("https", serviceAddr).toString(),
(Token<DelegationTokenIdentifier>) token
);
}
@@ -696,7 +687,7 @@ public class HftpFileSystem extends File
// use https to cancel the token
InetSocketAddress serviceAddr = SecurityUtil.getTokenServiceAddr(token);
DelegationTokenFetcher.cancelDelegationToken(
- createUri("https", serviceAddr).toString(),
+ DFSUtil.createUri("https", serviceAddr).toString(),
(Token<DelegationTokenIdentifier>) token
);
}
Modified: hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java?rev=1179720&r1=1179719&r2=1179720&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java (original)
+++ hadoop/common/branches/branch-0.20-security-205/src/hdfs/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java Thu Oct 6 17:48:17 2011
@@ -595,24 +595,30 @@ public class WebHdfsFileSystem extends F
public boolean isManaged(Token<?> token) throws IOException {
return true;
}
-
+
+ private static WebHdfsFileSystem getWebHdfs(
+ final Token<?> token, final Configuration conf
+ ) throws IOException, InterruptedException, URISyntaxException {
+
+ final InetSocketAddress nnAddr = SecurityUtil.getTokenServiceAddr(token);
+ final URI uri = DFSUtil.createUri(WebHdfsFileSystem.SCHEME, nnAddr);
+ return (WebHdfsFileSystem)FileSystem.get(uri, conf);
+ }
+
@Override
public long renew(final Token<?> token, final Configuration conf
) throws IOException, InterruptedException {
final UserGroupInformation ugi = UserGroupInformation.getLoginUser();
// update the kerberos credentials, if they are coming from a keytab
ugi.checkTGTAndReloginFromKeytab();
-
- final String uri = WebHdfsFileSystem.SCHEME + "://"
- + conf.get("dfs.http.address");
- final WebHdfsFileSystem webhdfs = ugi.doAs(new PrivilegedExceptionAction<WebHdfsFileSystem>() {
+
+ return ugi.doAs(new PrivilegedExceptionAction<Long>() {
@Override
- public WebHdfsFileSystem run() throws Exception {
- return (WebHdfsFileSystem)FileSystem.get(new URI(uri), conf);
+ public Long run() throws Exception {
+ final WebHdfsFileSystem webhdfs = getWebHdfs(token, conf);
+ return webhdfs.renewDelegationToken(token);
}
});
-
- return webhdfs.renewDelegationToken(token);
}
@Override
@@ -622,16 +628,14 @@ public class WebHdfsFileSystem extends F
// update the kerberos credentials, if they are coming from a keytab
ugi.checkTGTAndReloginFromKeytab();
- final String uri = WebHdfsFileSystem.SCHEME + "://"
- + conf.get("dfs.http.address");
- final WebHdfsFileSystem webhdfs = ugi.doAs(new PrivilegedExceptionAction<WebHdfsFileSystem>() {
+ ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
- public WebHdfsFileSystem run() throws Exception {
- return (WebHdfsFileSystem)FileSystem.get(new URI(uri), conf);
+ public Void run() throws Exception {
+ final WebHdfsFileSystem webhdfs = getWebHdfs(token, conf);
+ webhdfs.cancelDelegationToken(token);
+ return null;
}
});
-
- webhdfs.cancelDelegationToken(token);
}
}
}
\ No newline at end of file