This is an automated email from the ASF dual-hosted git repository.

weichiu pushed a commit to branch branch-3.2
in repository https://gitbox.apache.org/repos/asf/hadoop.git

commit 85aff9faccd4252f73994c79020b3590e323ed7c
Author: Zsombor Gegesy <zsom...@apache.org>
AuthorDate: Tue Apr 16 05:27:29 2019 -0700

    HADOOP-15014. KMS should log the IP address of the clients. Contributed by 
Zsombor Gegesy.
    
    Signed-off-by: Wei-Chiu Chuang <weic...@apache.org>
    (cherry picked from commit 008766c119d9ed9d568f9458ed0c02136962da5b)
---
 .../key/kms/server/KMSExceptionsProvider.java      |  5 +-
 .../hadoop/crypto/key/kms/server/KMSMDCFilter.java | 58 +++++++++++++++++-----
 2 files changed, 48 insertions(+), 15 deletions(-)

diff --git 
a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSExceptionsProvider.java
 
b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSExceptionsProvider.java
index 3d97753..ceaa8bc 100644
--- 
a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSExceptionsProvider.java
+++ 
b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSExceptionsProvider.java
@@ -111,9 +111,10 @@ public class KMSExceptionsProvider implements 
ExceptionMapper<Exception> {
     UserGroupInformation ugi = KMSMDCFilter.getUgi();
     String method = KMSMDCFilter.getMethod();
     String url = KMSMDCFilter.getURL();
+    String remoteClientAddress = KMSMDCFilter.getRemoteClientAddress();
     String msg = getOneLineMessage(ex);
-    LOG.warn("User:'{}' Method:{} URL:{} Response:{}-{}", ugi, method, url,
-        status, msg, ex);
+    LOG.warn("User:'{}' Method:{} URL:{} From:{} Response:{}-{}", ugi, method,
+        url, remoteClientAddress, status, msg, ex);
   }
 
 }
diff --git 
a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSMDCFilter.java
 
b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSMDCFilter.java
index 81591e5..f3c0bbd 100644
--- 
a/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSMDCFilter.java
+++ 
b/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSMDCFilter.java
@@ -21,6 +21,8 @@ import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.security.UserGroupInformation;
 import 
org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation;
 
+import com.google.common.annotations.VisibleForTesting;
+
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -38,29 +40,40 @@ import java.io.IOException;
 public class KMSMDCFilter implements Filter {
 
   private static class Data {
-    private UserGroupInformation ugi;
-    private String method;
-    private StringBuffer url;
+    private final UserGroupInformation ugi;
+    private final String method;
+    private final String url;
+    private final String remoteClientAddress;
 
-    private Data(UserGroupInformation ugi, String method, StringBuffer url) {
+    private Data(UserGroupInformation ugi, String method, String url,
+        String remoteClientAddress) {
       this.ugi = ugi;
       this.method = method;
       this.url = url;
+      this.remoteClientAddress = remoteClientAddress;
     }
   }
 
   private static final ThreadLocal<Data> DATA_TL = new ThreadLocal<Data>();
 
   public static UserGroupInformation getUgi() {
-    return DATA_TL.get().ugi;
+    Data data = DATA_TL.get();
+    return data != null ? data.ugi : null;
   }
 
   public static String getMethod() {
-    return DATA_TL.get().method;
+    Data data = DATA_TL.get();
+    return data != null ? data.method : null;
   }
 
   public static String getURL() {
-    return DATA_TL.get().url.toString();
+    Data data = DATA_TL.get();
+    return data != null ? data.url : null;
+  }
+
+  public static String getRemoteClientAddress() {
+    Data data = DATA_TL.get();
+    return data != null ? data.remoteClientAddress : null;
   }
 
   @Override
@@ -72,22 +85,41 @@ public class KMSMDCFilter implements Filter {
       FilterChain chain)
       throws IOException, ServletException {
     try {
-      DATA_TL.remove();
+      clearContext();
       UserGroupInformation ugi = HttpUserGroupInformation.get();
-      String method = ((HttpServletRequest) request).getMethod();
-      StringBuffer requestURL = ((HttpServletRequest) request).getRequestURL();
-      String queryString = ((HttpServletRequest) request).getQueryString();
+      HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+      String method = httpServletRequest.getMethod();
+      StringBuffer requestURL = httpServletRequest.getRequestURL();
+      String queryString = httpServletRequest.getQueryString();
       if (queryString != null) {
         requestURL.append("?").append(queryString);
       }
-      DATA_TL.set(new Data(ugi, method, requestURL));
+      setContext(ugi, method, requestURL.toString(), request.getRemoteAddr());
       chain.doFilter(request, response);
     } finally {
-      DATA_TL.remove();
+      clearContext();
     }
   }
 
   @Override
   public void destroy() {
   }
+
+  /**
+   * Sets the context with the given parameters.
+   * @param ugi the {@link UserGroupInformation} for the current request.
+   * @param method the http method
+   * @param requestURL the requested URL.
+   * @param remoteAddr the remote address of the client.
+   */
+  @VisibleForTesting
+  public static void setContext(UserGroupInformation ugi,
+      String method, String requestURL, String remoteAddr) {
+    DATA_TL.set(new Data(ugi, method, requestURL, remoteAddr));
+  }
+
+  private static void clearContext() {
+    DATA_TL.remove();
+  }
+
 }


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org

Reply via email to