You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Hadoop QA (JIRA)" <ji...@apache.org> on 2014/10/10 06:53:34 UTC
[jira] [Commented] (HADOOP-11181)
o.a.h.security.token.delegation.DelegationTokenManager should be more
generalized to handle other DelegationTokenIdentifier
[ https://issues.apache.org/jira/browse/HADOOP-11181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14166395#comment-14166395 ]
Hadoop QA commented on HADOOP-11181:
------------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12674094/HADOOP-11181.1.patch
against trunk revision 5b12df6.
{color:green}+1 @author{color}. The patch does not contain any @author tags.
{color:green}+1 tests included{color}. The patch appears to include 3 new or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings.
{color:green}+1 javadoc{color}. There were no new javadoc warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with eclipse:eclipse.
{color:red}-1 findbugs{color}. The patch appears to introduce 2 new Findbugs (version 2.0.3) warnings.
{color:red}-1 release audit{color}. The applied patch generated 1 release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in hadoop-common-project/hadoop-common.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4897//testReport/
Release audit warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/4897//artifact/patchprocess/patchReleaseAuditProblems.txt
Findbugs warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/4897//artifact/patchprocess/newPatchFindbugsWarningshadoop-common.html
Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4897//console
This message is automatically generated.
> o.a.h.security.token.delegation.DelegationTokenManager should be more generalized to handle other DelegationTokenIdentifier
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-11181
> URL: https://issues.apache.org/jira/browse/HADOOP-11181
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Zhijie Shen
> Assignee: Zhijie Shen
> Attachments: HADOOP-11181.1.patch
>
>
> While DelegationTokenManager can set external secretManager, it have the assumption that the token is going to be o.a.h.security.token.delegation.DelegationTokenIdentifier, and use DelegationTokenIdentifier method to decode a token.
> {code}
> @SuppressWarnings("unchecked")
> public UserGroupInformation verifyToken(Token<DelegationTokenIdentifier>
> token) throws IOException {
> ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
> DataInputStream dis = new DataInputStream(buf);
> DelegationTokenIdentifier id = new DelegationTokenIdentifier(tokenKind);
> id.readFields(dis);
> dis.close();
> secretManager.verifyToken(id, token.getPassword());
> return id.getUser();
> }
> {code}
> It's not going to work it the token kind is other than web.DelegationTokenIdentifier. For example, RM want to reuse it but hook it to RMDelegationTokenSecretManager and RMDelegationTokenIdentifier, which has the customized way to decode a token.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)