You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ji...@apache.org on 2014/03/31 22:55:15 UTC
svn commit: r1583457 - in
/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common: ./
src/main/java/org/apache/hadoop/security/authorize/
src/main/java/org/apache/hadoop/util/
src/test/java/org/apache/hadoop/security/authorize/ src/test/ja...
Author: jing9
Date: Mon Mar 31 20:55:14 2014
New Revision: 1583457
URL: http://svn.apache.org/r1583457
Log:
HADOOP-10345. Merge change r1583454 from trunk.
Modified:
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/StringUtils.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java
hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestStringUtils.java
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1583457&r1=1583456&r2=1583457&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/CHANGES.txt Mon Mar 31 20:55:14 2014
@@ -11,6 +11,9 @@ Release 2.5.0 - UNRELEASED
HADOOP-10451. Remove unused field and imports from SaslRpcServer.
(Benoy Antony via jing9)
+ HADOOP-10345. Sanitize the the inputs (groups and hosts) for the proxyuser
+ configuration. (Benoy Antony via jing9)
+
OPTIMIZATIONS
BUG FIXES
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java?rev=1583457&r1=1583456&r2=1583457&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/ProxyUsers.java Mon Mar 31 20:55:14 2014
@@ -69,7 +69,7 @@ public class ProxyUsers {
Map<String,String> allMatchKeys = conf.getValByRegex(regex);
for(Entry<String, String> entry : allMatchKeys.entrySet()) {
proxyGroups.put(entry.getKey(),
- StringUtils.getStringCollection(entry.getValue()));
+ StringUtils.getTrimmedStringCollection(entry.getValue()));
}
// now hosts
@@ -77,7 +77,7 @@ public class ProxyUsers {
allMatchKeys = conf.getValByRegex(regex);
for(Entry<String, String> entry : allMatchKeys.entrySet()) {
proxyHosts.put(entry.getKey(),
- StringUtils.getStringCollection(entry.getValue()));
+ StringUtils.getTrimmedStringCollection(entry.getValue()));
}
init = true;
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/StringUtils.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/StringUtils.java?rev=1583457&r1=1583456&r2=1583457&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/StringUtils.java (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/StringUtils.java Mon Mar 31 20:55:14 2014
@@ -28,9 +28,11 @@ import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
+import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
+import java.util.Set;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -351,12 +353,15 @@ public class StringUtils {
/**
* Splits a comma separated value <code>String</code>, trimming leading and trailing whitespace on each value.
+ * Duplicate and empty values are removed.
* @param str a comma separated <String> with values
* @return a <code>Collection</code> of <code>String</code> values
*/
public static Collection<String> getTrimmedStringCollection(String str){
- return new ArrayList<String>(
+ Set<String> set = new LinkedHashSet<String>(
Arrays.asList(getTrimmedStrings(str)));
+ set.remove("");
+ return set;
}
/**
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java?rev=1583457&r1=1583456&r2=1583457&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/authorize/TestProxyUsers.java Mon Mar 31 20:55:14 2014
@@ -18,6 +18,8 @@
package org.apache.hadoop.security.authorize;
import java.util.Arrays;
+import java.util.Collection;
+
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.util.StringUtils;
import org.apache.hadoop.security.UserGroupInformation;
@@ -133,6 +135,41 @@ public class TestProxyUsers {
assertNotAuthorized(proxyUserUgi, "1.2.3.5");
}
+ @Test
+ public void testWithDuplicateProxyGroups() throws Exception {
+ Configuration conf = new Configuration();
+ conf.set(
+ ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_NAME),
+ StringUtils.join(",", Arrays.asList(GROUP_NAMES,GROUP_NAMES)));
+ conf.set(
+ ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_NAME),
+ PROXY_IP);
+ ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
+
+ Collection<String> groupsToBeProxied = ProxyUsers.getProxyGroups().get(
+ ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_NAME));
+
+ assertEquals (1,groupsToBeProxied.size());
+ }
+
+ @Test
+ public void testWithDuplicateProxyHosts() throws Exception {
+ Configuration conf = new Configuration();
+ conf.set(
+ ProxyUsers.getProxySuperuserGroupConfKey(REAL_USER_NAME),
+ StringUtils.join(",", Arrays.asList(GROUP_NAMES)));
+ conf.set(
+ ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_NAME),
+ StringUtils.join(",", Arrays.asList(PROXY_IP,PROXY_IP)));
+ ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
+
+ Collection<String> hosts = ProxyUsers.getProxyHosts().get(
+ ProxyUsers.getProxySuperuserIpConfKey(REAL_USER_NAME));
+
+ assertEquals (1,hosts.size());
+ }
+
+
private void assertNotAuthorized(UserGroupInformation proxyUgi, String host) {
try {
ProxyUsers.authorize(proxyUgi, host, null);
Modified: hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestStringUtils.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestStringUtils.java?rev=1583457&r1=1583456&r2=1583457&view=diff
==============================================================================
--- hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestStringUtils.java (original)
+++ hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestStringUtils.java Mon Mar 31 20:55:14 2014
@@ -22,9 +22,12 @@ import static org.apache.hadoop.util.Str
import static org.apache.hadoop.util.StringUtils.TraditionalBinaryPrefix.string2long;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -401,6 +404,14 @@ public class TestStringUtils extends Uni
"begin %foo%_%bar%_%baz% end", pattern, replacements));
}
+ @Test
+ public void testGetUniqueNonEmptyTrimmedStrings (){
+ final String TO_SPLIT = ",foo, bar,baz,,blah,blah,bar,";
+ Collection<String> col = StringUtils.getTrimmedStringCollection(TO_SPLIT);
+ assertEquals(4, col.size());
+ assertTrue(col.containsAll(Arrays.asList(new String[]{"foo","bar","baz","blah"})));
+ }
+
// Benchmark for StringUtils split
public static void main(String []args) {
final String TO_SPLIT = "foo,bar,baz,blah,blah";