You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by om...@apache.org on 2011/03/04 04:49:40 UTC
svn commit: r1077185 - in
/hadoop/common/branches/branch-0.20-security-patches/src:
core/org/apache/hadoop/fs/FileSystem.java
test/org/apache/hadoop/fs/TestFileSystem.java
Author: omalley
Date: Fri Mar 4 03:49:40 2011
New Revision: 1077185
URL: http://svn.apache.org/viewvc?rev=1077185&view=rev
Log:
commit a331b1434fddae1d86875304b9b7eee852b7b104
Author: Devaraj Das <dd...@yahoo-inc.com>
Date: Sat Feb 20 12:17:18 2010 -0800
HADOOP:6545 from https://issues.apache.org/jira/secure/attachment/12436456/6545-bp20.patch
+++ b/YAHOO-CHANGES.txt
+ HADOOP-6545. Changes the Key for the FileSystem to be UGI. (ddas)
+
Modified:
hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java
hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java
Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java?rev=1077185&r1=1077184&r2=1077185&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/fs/FileSystem.java Fri Mar 4 03:49:40 2011
@@ -1433,17 +1433,17 @@ public abstract class FileSystem extends
static class Key {
final String scheme;
final String authority;
- final String username;
+ final UserGroupInformation ugi;
Key(URI uri, Configuration conf) throws IOException {
scheme = uri.getScheme()==null?"":uri.getScheme().toLowerCase();
authority = uri.getAuthority()==null?"":uri.getAuthority().toLowerCase();
- username = UserGroupInformation.getCurrentUser().getUserName();
+ this.ugi = UserGroupInformation.getCurrentUser();
}
/** {@inheritDoc} */
public int hashCode() {
- return (scheme + authority + username).hashCode();
+ return (scheme + authority).hashCode() + ugi.hashCode();
}
static boolean isEqual(Object a, Object b) {
@@ -1459,14 +1459,14 @@ public abstract class FileSystem extends
Key that = (Key)obj;
return isEqual(this.scheme, that.scheme)
&& isEqual(this.authority, that.authority)
- && isEqual(this.username, that.username);
+ && isEqual(this.ugi, that.ugi);
}
return false;
}
/** {@inheritDoc} */
public String toString() {
- return username + "@" + scheme + "://" + authority;
+ return "("+ugi.toString() + ")@" + scheme + "://" + authority;
}
}
}
Modified: hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java?rev=1077185&r1=1077184&r2=1077185&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestFileSystem.java Fri Mar 4 03:49:40 2011
@@ -56,6 +56,12 @@ import org.apache.hadoop.mapred.Reporter
import org.apache.hadoop.mapred.SequenceFileInputFormat;
import org.apache.hadoop.mapred.lib.LongSumReducer;
import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.Token;
+import org.apache.hadoop.security.token.TokenIdentifier;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import static org.mockito.Mockito.mock;
public class TestFileSystem extends TestCase {
private static final Log LOG = FileSystem.LOG;
@@ -611,4 +617,58 @@ public class TestFileSystem extends Test
assertTrue(map.containsKey(lowercaseCachekey2));
}
+
+ @SuppressWarnings("unchecked")
+ public <T extends TokenIdentifier> void testCacheForUgi() throws Exception {
+ final Configuration conf = new Configuration();
+ conf.set("fs.cachedfile.impl", conf.get("fs.file.impl"));
+ UserGroupInformation ugiA = UserGroupInformation.createRemoteUser("foo");
+ UserGroupInformation ugiB = UserGroupInformation.createRemoteUser("bar");
+ FileSystem fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+ public FileSystem run() throws Exception {
+ return FileSystem.get(new URI("cachedfile://a"), conf);
+ }
+ });
+ FileSystem fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+ public FileSystem run() throws Exception {
+ return FileSystem.get(new URI("cachedfile://a"), conf);
+ }
+ });
+ //Since the UGIs are the same, we should have the same filesystem for both
+ assertSame(fsA, fsA1);
+
+ FileSystem fsB = ugiB.doAs(new PrivilegedExceptionAction<FileSystem>() {
+ public FileSystem run() throws Exception {
+ return FileSystem.get(new URI("cachedfile://a"), conf);
+ }
+ });
+ //Since the UGIs are different, we should end up with different filesystems
+ //corresponding to the two UGIs
+ assertNotSame(fsA, fsB);
+
+ Token<T> t1 = mock(Token.class);
+ ugiA = UserGroupInformation.createRemoteUser("foo");
+ ugiA.addToken(t1);
+
+ fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+ public FileSystem run() throws Exception {
+ return FileSystem.get(new URI("cachedfile://a"), conf);
+ }
+ });
+ //Although the users in the UGI are same, ugiA has tokens in it, and
+ //we should end up with different filesystems corresponding to the two UGIs
+ assertNotSame(fsA, fsA1);
+
+ ugiA = UserGroupInformation.createRemoteUser("foo");
+ ugiA.addToken(t1);
+
+ fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
+ public FileSystem run() throws Exception {
+ return FileSystem.get(new URI("cachedfile://a"), conf);
+ }
+ });
+ //Now the users in the UGI are the same, and they also have the same token.
+ //We should have the same filesystem for both
+ assertSame(fsA, fsA1);
+ }
}