You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ae...@apache.org on 2018/02/15 23:51:05 UTC
[36/50] [abbrv] hadoop git commit: Revert "HADOOP-12897.
KerberosAuthenticator.authenticate to include URL on IO failures. Contributed
by Ajay Kumar."
Revert "HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar."
This reverts commit 332269de065d0f40eb54ee5e53b765217c24081e.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/1f20f432
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/1f20f432
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/1f20f432
Branch: refs/heads/HDFS-7240
Commit: 1f20f432d2472f92797ea01711ca4cc97e7b2b23
Parents: f20dc0d
Author: Xiao Chen <xi...@apache.org>
Authored: Wed Feb 14 10:22:37 2018 -0800
Committer: Xiao Chen <xi...@apache.org>
Committed: Wed Feb 14 10:25:05 2018 -0800
----------------------------------------------------------------------
.../client/KerberosAuthenticator.java | 80 +++++++-------------
.../client/TestKerberosAuthenticator.java | 29 -------
2 files changed, 27 insertions(+), 82 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/1f20f432/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
index 64d4330..942d13c 100644
--- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
+++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
@@ -13,8 +13,6 @@
*/
package org.apache.hadoop.security.authentication.client;
-import com.google.common.annotations.VisibleForTesting;
-import java.lang.reflect.Constructor;
import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.security.authentication.server.HttpConstants;
import org.apache.hadoop.security.authentication.util.AuthToken;
@@ -179,62 +177,38 @@ public class KerberosAuthenticator implements Authenticator {
*/
@Override
public void authenticate(URL url, AuthenticatedURL.Token token)
- throws IOException, AuthenticationException {
+ throws IOException, AuthenticationException {
if (!token.isSet()) {
this.url = url;
base64 = new Base64(0);
- try {
- HttpURLConnection conn = token.openConnection(url, connConfigurator);
- conn.setRequestMethod(AUTH_HTTP_METHOD);
- conn.connect();
-
- boolean needFallback = false;
- if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
- LOG.debug("JDK performed authentication on our behalf.");
- // If the JDK already did the SPNEGO back-and-forth for
- // us, just pull out the token.
- AuthenticatedURL.extractToken(conn, token);
- if (isTokenKerberos(token)) {
- return;
- }
- needFallback = true;
+ HttpURLConnection conn = token.openConnection(url, connConfigurator);
+ conn.setRequestMethod(AUTH_HTTP_METHOD);
+ conn.connect();
+
+ boolean needFallback = false;
+ if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
+ LOG.debug("JDK performed authentication on our behalf.");
+ // If the JDK already did the SPNEGO back-and-forth for
+ // us, just pull out the token.
+ AuthenticatedURL.extractToken(conn, token);
+ if (isTokenKerberos(token)) {
+ return;
}
- if (!needFallback && isNegotiate(conn)) {
- LOG.debug("Performing our own SPNEGO sequence.");
- doSpnegoSequence(token);
- } else {
- LOG.debug("Using fallback authenticator sequence.");
- Authenticator auth = getFallBackAuthenticator();
- // Make sure that the fall back authenticator have the same
- // ConnectionConfigurator, since the method might be overridden.
- // Otherwise the fall back authenticator might not have the
- // information to make the connection (e.g., SSL certificates)
- auth.setConnectionConfigurator(connConfigurator);
- auth.authenticate(url, token);
- }
- } catch (IOException ex){
- throw wrapExceptionWithMessage(ex,
- "Error while authenticating with endpoint: " + url);
- } catch (AuthenticationException ex){
- throw wrapExceptionWithMessage(ex,
- "Error while authenticating with endpoint: " + url);
+ needFallback = true;
+ }
+ if (!needFallback && isNegotiate(conn)) {
+ LOG.debug("Performing our own SPNEGO sequence.");
+ doSpnegoSequence(token);
+ } else {
+ LOG.debug("Using fallback authenticator sequence.");
+ Authenticator auth = getFallBackAuthenticator();
+ // Make sure that the fall back authenticator have the same
+ // ConnectionConfigurator, since the method might be overridden.
+ // Otherwise the fall back authenticator might not have the information
+ // to make the connection (e.g., SSL certificates)
+ auth.setConnectionConfigurator(connConfigurator);
+ auth.authenticate(url, token);
}
- }
- }
-
- @VisibleForTesting
- static <T extends Exception> T wrapExceptionWithMessage(
- T exception, String msg) {
- Class<? extends Throwable> exceptionClass = exception.getClass();
- try {
- Constructor<? extends Throwable> ctor = exceptionClass
- .getConstructor(String.class);
- Throwable t = ctor.newInstance(msg);
- return (T) (t.initCause(exception));
- } catch (Throwable e) {
- LOG.debug("Unable to wrap exception of type {}, it has "
- + "no (String) constructor.", exceptionClass, e);
- return exception;
}
}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/1f20f432/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
index 4aabb34..7db53ba 100644
--- a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
@@ -20,9 +20,6 @@ import static org.apache.hadoop.security.authentication.server.KerberosAuthentic
import static org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.KEYTAB;
import static org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.NAME_RULES;
-import java.io.IOException;
-import java.nio.charset.CharacterCodingException;
-import javax.security.sasl.AuthenticationException;
import org.apache.hadoop.minikdc.KerberosSecurityTestcase;
import org.apache.hadoop.security.authentication.KerberosTestUtils;
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
@@ -221,30 +218,4 @@ public class TestKerberosAuthenticator extends KerberosSecurityTestcase {
});
}
- @Test(timeout = 60000)
- public void testWrapExceptionWithMessage() {
- IOException ex;
- ex = new IOException("Induced exception");
- ex = KerberosAuthenticator.wrapExceptionWithMessage(ex, "Error while "
- + "authenticating with endpoint: localhost");
- Assert.assertEquals("Induced exception", ex.getCause().getMessage());
- Assert.assertEquals("Error while authenticating with endpoint: localhost",
- ex.getMessage());
-
- ex = new AuthenticationException("Auth exception");
- ex = KerberosAuthenticator.wrapExceptionWithMessage(ex, "Error while "
- + "authenticating with endpoint: localhost");
- Assert.assertEquals("Auth exception", ex.getCause().getMessage());
- Assert.assertEquals("Error while authenticating with endpoint: localhost",
- ex.getMessage());
-
- // Test for Exception with no (String) constructor
- // redirect the LOG to and check log message
- ex = new CharacterCodingException();
- Exception ex2 = KerberosAuthenticator.wrapExceptionWithMessage(ex,
- "Error while authenticating with endpoint: localhost");
- Assert.assertTrue(ex instanceof CharacterCodingException);
- Assert.assertTrue(ex.equals(ex2));
- }
-
}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org