This is an automated email from the ASF dual-hosted git repository.
stevel pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new 3f2eac7495f HADOOP-19744. Do not use SecurityManager in
SubjectUtil.checkThreadInheritsSubject (#8088)
3f2eac7495f is described below
commit 3f2eac7495f512fe8143b9e6d708fa53c54f06d9
Author: Istvan Toth <[email protected]>
AuthorDate: Wed Nov 19 12:37:58 2025 +0100
HADOOP-19744. Do not use SecurityManager in
SubjectUtil.checkThreadInheritsSubject (#8088)
Contributed by Istvan Toth
---
.../security/authentication/util/SubjectUtil.java | 24 ++++++++++------------
.../util/concurrent/TestSubjectPropagation.java | 5 +++++
2 files changed, 16 insertions(+), 13 deletions(-)
diff --git
a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SubjectUtil.java
b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SubjectUtil.java
index e364f040596..67c3be1f7f8 100644
---
a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SubjectUtil.java
+++
b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SubjectUtil.java
@@ -90,20 +90,18 @@ private static MethodHandle lookupCallAs() {
*/
private static boolean checkThreadInheritsSubject() {
- boolean securityManagerEnabled = true;
- try {
- // TODO this needs SecurityManager to compile, use reflection to look it
up instead
- SecurityManager sm = System.getSecurityManager();
- System.setSecurityManager(sm);
- } catch (UnsupportedOperationException e) {
- // JDK24+ unconditionally throws this, so we don't need to check for
JDK24+
- // explicitly
- securityManagerEnabled = false;
- } catch (Throwable t) {
- // don't care
+ if (JAVA_SPEC_VER <= 21) {
+ return true;
+ } else {
+ // 24+ never inherits the Subject.
+ // For 22 and 23 the behavior actually depends on whether the
SecurityManager
+ // is enabled, but this check is only used to determine whether a
doAs/callAs
+ // call can be optimized out in SubjectInheritingThread and Daemon.
+ // We accept that possible minor performance cost for those EOL non-LTS
versions
+ // to avoid the extra complexity and to prevent the JVM from logging
+ // SecurityManager warnings to the console.
+ return false;
}
-
- return JAVA_SPEC_VER < 22 || securityManagerEnabled;
}
/**
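Review bot: The new comment in the else branch of checkThreadInheritsSubject justifies the Java 22/23 simplification only as a performance trade-off, but it never states which direction of error is safe. Returning false only causes a redundant doAs/callAs. Returning true on a JVM that does not inherit would skip that call and leave the child thread without the parent Subject, which the test file in this commit describes as the behaviour that breaks Hadoop authorization. I would add a line such as `// Must err towards false: a wrong 'true' skips callAs and the child thread runs without the Subject.` JAVA_SPEC_VER is defined outside this hunk, so if its parsing can fall back to a low value for an unrecognised specification version, that fallback would land in the `<= 21` branch; it is worth confirming that it fails towards a high version instead. The method's Javadoc begins above the hunk and may still describe the removed SecurityManager probe.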
diff --git
a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/concurrent/TestSubjectPropagation.java
b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/concurrent/TestSubjectPropagation.java
index 018a91cdfc2..30acb828ace 100644
---
a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/concurrent/TestSubjectPropagation.java
+++
b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/concurrent/TestSubjectPropagation.java
@@ -147,9 +147,12 @@ public void run() {
});
if (SubjectUtil.THREAD_INHERITS_SUBJECT) {
+
assertEquals(parentSubject, childSubject);
} else {
// This is the behaviour that breaks Hadoop authorization
+ // This would fail for Java 22-23 if the SecurityManager would be
enabled,
+ // but we don't run tests with the SecurityManager enabled.
assertNull(childSubject);
}
}
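Review bot: The Java 22-23 caveat added in the else branch here, and repeated in the hunk at -179, is recorded only as a comment, so a run with the SecurityManager enabled on those versions would fail at `assertNull(childSubject)` with no hint of the cause. If the test framework in use offers an assumption mechanism, guarding the else branch with one would turn that into a skip; otherwise give the assertion a message such as `"child unexpectedly inherited Subject; is a SecurityManager enabled?"`. The blank line added directly after `if (SubjectUtil.THREAD_INHERITS_SUBJECT) {` looks unintentional and can be dropped. Both test methods start outside their hunks.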
@@ -179,6 +182,8 @@ public void run() {
assertEquals(parentSubject, childSubject);
} else {
// This is the behaviour that breaks Hadoop authorization
+ // This would fail for Java 22-23 if the SecurityManager would be
enabled,
+ // but we don't run tests with the SecurityManager enabled.
assertNull(childSubject);
}
}