[jira] [Commented] (HADOOP-11181) o.a.h.security.token.delegation.DelegationTokenManager should be more generalized to handle other DelegationTokenIdentifier

Thu, 16 Oct 2014 07:00:17 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-11181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14173766#comment-14173766
 ] 

Hudson commented on HADOOP-11181:
---------------------------------

FAILURE: Integrated in Hadoop-Hdfs-trunk #1903 (See 
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/1903/])
HADOOP-11181. GraphiteSink emits wrong timestamps (Sascha Coenen via raviprak) 
(raviprak: rev 466f08792f11c2f95bf293ac9b6facd7018a5bb8)
* 
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/metrics2/sink/GraphiteSink.java
* hadoop-common-project/hadoop-common/CHANGES.txt
* 
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/metrics2/impl/TestGraphiteMetrics.java


> o.a.h.security.token.delegation.DelegationTokenManager should be more 
> generalized to handle other DelegationTokenIdentifier
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-11181
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11181
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>             Fix For: 2.6.0
>
>         Attachments: HADOOP-11181.1.patch, HADOOP-11181.2.patch, 
> HADOOP-11181.3.patch, HADOOP-11181.4.patch, HADOOP-11181.5.patch
>
>
> While DelegationTokenManager can set external secretManager, it have the 
> assumption that the token is going to be 
> o.a.h.security.token.delegation.DelegationTokenIdentifier, and use 
> DelegationTokenIdentifier method to decode a token. 
> {code}
>   @SuppressWarnings("unchecked")
>   public UserGroupInformation verifyToken(Token<DelegationTokenIdentifier>
>       token) throws IOException {
>     ByteArrayInputStream buf = new 
> ByteArrayInputStream(token.getIdentifier());
>     DataInputStream dis = new DataInputStream(buf);
>     DelegationTokenIdentifier id = new DelegationTokenIdentifier(tokenKind);
>     id.readFields(dis);
>     dis.close();
>     secretManager.verifyToken(id, token.getPassword());
>     return id.getUser();
>   }
> {code}
> It's not going to work it the token kind is other than 
> web.DelegationTokenIdentifier. For example, RM want to reuse it but hook it 
> to RMDelegationTokenSecretManager and RMDelegationTokenIdentifier, which has 
> the customized way to decode a token.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to