Repository: hadoop Updated Branches: refs/heads/trunk 156e6a4f8 -> c686aa353
YARN-2447. RM web service app submission doesn't pass secrets correctly. Contributed by Varun Vasudev Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c686aa35 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c686aa35 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c686aa35 Branch: refs/heads/trunk Commit: c686aa3533b42e1baf62a78bc1bfb0ac05be53bb Parents: 156e6a4 Author: Jian He <jia...@apache.org> Authored: Fri Aug 29 11:40:47 2014 -0700 Committer: Jian He <jia...@apache.org> Committed: Fri Aug 29 11:40:47 2014 -0700 ---------------------------------------------------------------------- hadoop-yarn-project/CHANGES.txt | 3 +++ .../resourcemanager/webapp/RMWebServices.java | 2 +- .../TestRMWebServicesAppsModification.java | 21 ++++++++++++++++---- 3 files changed, 21 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/c686aa35/hadoop-yarn-project/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt index 72e8a1e..5503c4e 100644 --- a/hadoop-yarn-project/CHANGES.txt +++ b/hadoop-yarn-project/CHANGES.txt @@ -257,6 +257,9 @@ Release 2.6.0 - UNRELEASED YARN-2450. Fix typos in log messages. (Ray Chiang via hitesh) + YARN-2447. RM web service app submission doesn't pass secrets correctly. + (Varun Vasudev via jianhe) + Release 2.5.1 - UNRELEASED INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/c686aa35/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java index a8ec192..24a90bd 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java @@ -1061,7 +1061,7 @@ public class RMWebServices { token.decodeFromUrlString(entry.getValue()); ret.addToken(alias, token); } - for (Map.Entry<String, String> entry : credentials.getTokens().entrySet()) { + for (Map.Entry<String, String> entry : credentials.getSecrets().entrySet()) { Text alias = new Text(entry.getKey()); Base64 decoder = new Base64(0, null, true); byte[] secret = decoder.decode(entry.getValue()); http://git-wip-us.apache.org/repos/asf/hadoop/blob/c686aa35/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java index 12c5686..e02e410 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesAppsModification.java @@ -22,9 +22,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; import static org.junit.Assume.assumeTrue; -import java.io.IOException; -import java.io.StringReader; -import java.io.StringWriter; +import java.io.*; import java.net.URI; import java.util.ArrayList; import java.util.Arrays; @@ -47,6 +45,9 @@ import javax.xml.parsers.ParserConfigurationException; import org.apache.commons.codec.binary.Base64; import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.io.DataInputBuffer; +import org.apache.hadoop.io.Text; +import org.apache.hadoop.security.Credentials; import org.apache.hadoop.security.authentication.server.AuthenticationFilter; import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler; import org.apache.hadoop.yarn.api.records.ApplicationAccessType; @@ -77,6 +78,7 @@ import org.apache.hadoop.yarn.webapp.WebServicesTestUtils; import org.codehaus.jettison.json.JSONException; import org.codehaus.jettison.json.JSONObject; import org.junit.After; +import org.junit.Assert; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @@ -684,7 +686,8 @@ public class TestRMWebServicesAppsModification extends JerseyTest { CredentialsInfo credentials = new CredentialsInfo(); HashMap<String, String> tokens = new HashMap<String, String>(); HashMap<String, String> secrets = new HashMap<String, String>(); - secrets.put("secret1", Base64.encodeBase64URLSafeString("secret1".getBytes("UTF8"))); + secrets.put("secret1", Base64.encodeBase64String( + "mysecret".getBytes("UTF8"))); credentials.setSecrets(secrets); credentials.setTokens(tokens); ApplicationSubmissionContextInfo appInfo = new ApplicationSubmissionContextInfo(); @@ -757,6 +760,16 @@ public class TestRMWebServicesAppsModification extends JerseyTest { assertEquals(y.getType(), exampleLR.getType()); assertEquals(y.getPattern(), exampleLR.getPattern()); assertEquals(y.getVisibility(), exampleLR.getVisibility()); + Credentials cs = new Credentials(); + ByteArrayInputStream str = + new ByteArrayInputStream(app.getApplicationSubmissionContext() + .getAMContainerSpec().getTokens().array()); + DataInputStream di = new DataInputStream(str); + cs.readTokenStorageStream(di); + Text key = new Text("secret1"); + assertTrue("Secrets missing from credentials object", cs + .getAllSecretKeys().contains(key)); + assertEquals("mysecret", new String(cs.getSecretKey(key), "UTF-8")); response = this.constructWebResource("apps", appId).accept(acceptMedia)