knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dillido...@apache.org
Subject git commit: KNOX-173, leverage presence of delegation token to avoid buffering request entity
Date Tue, 01 Oct 2013 00:41:39 GMT
Updated Branches:
  refs/heads/master af92049c7 -> 832e86c86


KNOX-173, leverage presence of delegation token to avoid buffering request entity


Project: http://git-wip-us.apache.org/repos/asf/incubator-knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-knox/commit/832e86c8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-knox/tree/832e86c8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-knox/diff/832e86c8

Branch: refs/heads/master
Commit: 832e86c86e0a82b93fa651f926f3bf76a43cdead
Parents: af92049
Author: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Authored: Mon Sep 30 17:39:49 2013 -0700
Committer: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Committed: Mon Sep 30 17:39:55 2013 -0700

----------------------------------------------------------------------
 .../gateway/dispatch/HttpClientDispatch.java    | 15 ++++-
 .../dispatch/HttpClientDispatchTest.java        | 67 +++++++++++++++-----
 2 files changed, 65 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/832e86c8/gateway-server/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatch.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatch.java
b/gateway-server/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatch.java
index 1398253..616630c 100644
--- a/gateway-server/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatch.java
+++ b/gateway-server/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatch.java
@@ -183,8 +183,19 @@ public class HttpClientDispatch extends AbstractGatewayDispatch {
       entity = new InputStreamEntity(contentStream, contentLength, ContentType.parse( contentType
) );
     }
 
-    if ("true".equals(System.getProperty(GatewayConfig.HADOOP_KERBEROS_SECURED))) {
-      entity = new PartiallyRepeatableHttpEntity( entity );
+ 
+    if ("true".equals(System.getProperty(GatewayConfig.HADOOP_KERBEROS_SECURED))) {  
+   
+      //Check if delegation token is supplied in the request
+      boolean delegationTokenPresent = false;
+      String queryString = request.getQueryString();
+      if (queryString != null) {
+        delegationTokenPresent = queryString.startsWith("delegation=") || 
+            queryString.contains("&delegation=");
+      }     
+      if (!delegationTokenPresent) {
+        entity = new PartiallyRepeatableHttpEntity( entity );
+      }
     }
 
     return entity;

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/832e86c8/gateway-server/src/test/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatchTest.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatchTest.java
b/gateway-server/src/test/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatchTest.java
index 06daef1..d429deb 100644
--- a/gateway-server/src/test/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatchTest.java
+++ b/gateway-server/src/test/java/org/apache/hadoop/gateway/dispatch/HttpClientDispatchTest.java
@@ -17,28 +17,34 @@
  */
 package org.apache.hadoop.gateway.dispatch;
 
-import org.apache.http.client.methods.HttpUriRequest;
-import org.apache.http.params.BasicHttpParams;
-import org.easymock.EasyMock;
-import org.easymock.IAnswer;
-import org.eclipse.jetty.server.HttpOutput;
-import org.junit.Test;
-
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.UnknownHostException;
-
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.greaterThan;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.not;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.UnknownHostException;
+
+import javax.servlet.ServletInputStream;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.hadoop.gateway.config.GatewayConfig;
+import org.apache.http.HttpEntity;
+import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.params.BasicHttpParams;
+import org.easymock.EasyMock;
+import org.easymock.IAnswer;
+import org.junit.Test;
+
 public class HttpClientDispatchTest {
 
   // Make sure Hadoop cluster topology isn't exposed to client when there is a connectivity
issue.
@@ -81,4 +87,35 @@ public class HttpClientDispatchTest {
     }
   }
 
+  @Test
+  public void testCallToSecureClusterWithDelegationTpken() throws URISyntaxException, IOException
{
+    System.setProperty(GatewayConfig.HADOOP_KERBEROS_SECURED, "true");
+    HttpClientDispatch httpClientDispatch = new HttpClientDispatch();
+    ServletInputStream inputStream = EasyMock.createNiceMock( ServletInputStream.class );
+    HttpServletRequest inboundRequest = EasyMock.createNiceMock( HttpServletRequest.class
);
+    EasyMock.expect(inboundRequest.getQueryString()).andReturn( "delegation=123").anyTimes();
+    EasyMock.expect(inboundRequest.getInputStream()).andReturn( inputStream).anyTimes();
+    EasyMock.replay( inboundRequest );
+    HttpEntity httpEntity = httpClientDispatch.createRequestEntity(inboundRequest);
+    System.setProperty(GatewayConfig.HADOOP_KERBEROS_SECURED, "false");
+    assertFalse("buffering in the presence of delegation token", 
+        (httpEntity instanceof PartiallyRepeatableHttpEntity));
+  }
+  
+  @Test
+  public void testCallToSecureClusterWithoutDelegationTpken() throws URISyntaxException,
IOException {
+    System.setProperty(GatewayConfig.HADOOP_KERBEROS_SECURED, "true");
+    HttpClientDispatch httpClientDispatch = new HttpClientDispatch();
+    ServletInputStream inputStream = EasyMock.createNiceMock( ServletInputStream.class );
+    HttpServletRequest inboundRequest = EasyMock.createNiceMock( HttpServletRequest.class
);
+    EasyMock.expect(inboundRequest.getQueryString()).andReturn( "a=123").anyTimes();
+    EasyMock.expect(inboundRequest.getInputStream()).andReturn( inputStream).anyTimes();
+    EasyMock.replay( inboundRequest );
+    HttpEntity httpEntity = httpClientDispatch.createRequestEntity(inboundRequest);
+    System.setProperty(GatewayConfig.HADOOP_KERBEROS_SECURED, "false");
+    assertTrue("not buffering in the absence of delegation token", 
+        (httpEntity instanceof PartiallyRepeatableHttpEntity));
+  }
+  
+  
 }


Mime
View raw message