[ https://issues.apache.org/jira/browse/HADOOP-11181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14172379#comment-14172379 ]
Hudson commented on HADOOP-11181: --------------------------------- FAILURE: Integrated in Hadoop-Hdfs-trunk #1902 (See [https://builds.apache.org/job/Hadoop-Hdfs-trunk/1902/]) HADOOP-11181. Generalized o.a.h.s.t.d.DelegationTokenManager to handle all sub-classes of AbstractDelegationTokenIdentifier. Contributed by Zhijie Shen. (zjshen: rev cdce88376a60918dfe2f3bcd82a7666d74992a19) * hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenManager.java * hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticationHandler.java * hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java * hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java * hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenManager.java * hadoop-common-project/hadoop-common/CHANGES.txt * hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/TestZKDelegationTokenSecretManager.java * hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/token/delegation/web/TestDelegationTokenAuthenticationHandlerWithMocks.java * hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/TestRMWebServicesDelegationTokens.java > o.a.h.security.token.delegation.DelegationTokenManager should be more > generalized to handle other DelegationTokenIdentifier > --------------------------------------------------------------------------------------------------------------------------- > > Key: HADOOP-11181 > URL: https://issues.apache.org/jira/browse/HADOOP-11181 > Project: Hadoop Common > Issue Type: Bug > Components: security > Reporter: Zhijie Shen > Assignee: Zhijie Shen > Fix For: 2.6.0 > > Attachments: HADOOP-11181.1.patch, HADOOP-11181.2.patch, > HADOOP-11181.3.patch, HADOOP-11181.4.patch, HADOOP-11181.5.patch > > > While DelegationTokenManager can set external secretManager, it have the > assumption that the token is going to be > o.a.h.security.token.delegation.DelegationTokenIdentifier, and use > DelegationTokenIdentifier method to decode a token. > {code} > @SuppressWarnings("unchecked") > public UserGroupInformation verifyToken(Token<DelegationTokenIdentifier> > token) throws IOException { > ByteArrayInputStream buf = new > ByteArrayInputStream(token.getIdentifier()); > DataInputStream dis = new DataInputStream(buf); > DelegationTokenIdentifier id = new DelegationTokenIdentifier(tokenKind); > id.readFields(dis); > dis.close(); > secretManager.verifyToken(id, token.getPassword()); > return id.getUser(); > } > {code} > It's not going to work it the token kind is other than > web.DelegationTokenIdentifier. For example, RM want to reuse it but hook it > to RMDelegationTokenSecretManager and RMDelegationTokenIdentifier, which has > the customized way to decode a token. -- This message was sent by Atlassian JIRA (v6.3.4#6332)