[
https://issues.apache.org/jira/browse/HADOOP-13346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gregory Chanan updated HADOOP-13346:
------------------------------------
Attachment: HADOOP-13346.patch
Here's a patch with a test. The test fails without the code changes and
demonstrates that a Writer that checks whether it has been closed will cause a
problem with the current code.
There are a number of ways to fix this, I simply added a configuration step
that checks if any of jackson's JsonFactory features are configured, and in
turn configures them for the DelegationTokenAuthenticationHandler. This lets
you specify arbitrary jackson features, which is nice, but it does have some
risk in terms of feature names changing. Alternatively, you could define a
static mapping from features to auth handler configs, or allow the user to pass
in a JsonFactory to init (although the code currently casts everything to
String, so that would have to change).
> DelegationTokenAuthenticationHandler writes via closed writer
> -------------------------------------------------------------
>
> Key: HADOOP-13346
> URL: https://issues.apache.org/jira/browse/HADOOP-13346
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Gregory Chanan
> Priority: Minor
> Attachments: HADOOP-13346.patch
>
>
> By default, jackson's ObjectMapper closes the writer after writing, so in the
> following code
> {code}
> ObjectMapper jsonMapper = new ObjectMapper();
> jsonMapper.writeValue(writer, map);
> writer.write(ENTER);
> {code}
> (https://github.com/apache/hadoop/blob/8a9d293dd60f6d51e1574e412d40746ba8175fe1/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java#L280-L282)
> writer.write actually writes to a closed stream. This doesn't seem to cause
> a problem with the version of jetty that hadoop uses (those just ignore
> closes), but causes problems on later verisons of jetty -- I hit this on
> jetty 8 while implementing SOLR-9200.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
