Hadoop Common
  1. Hadoop Common
  2. HADOOP-10791

AuthenticationFilter should support externalizing the secret for signing and provide rotation support

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.4.1
    • Fix Version/s: 2.6.0
    • Component/s: security
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      It should be possible to externalize the secret used to sign the hadoop-auth cookies.

      In the case of WebHDFS the shared secret used by NN and DNs could be used. In the case of Oozie HA, the secret could be stored in Oozie HA control data in ZooKeeper.

      In addition, it is desirable for the secret to change periodically, this means that the AuthenticationService should remember a previous secret for the max duration of hadoop-auth cookie.

      1. HADOOP-10791.patch
        43 kB
        Robert Kanter
      2. HADOOP-10791.patch
        43 kB
        Robert Kanter
      3. HADOOP-10791.patch
        53 kB
        Robert Kanter
      4. HADOOP-10791.patch
        54 kB
        Robert Kanter

        Issue Links

          Activity

          Hide
          Larry McCay added a comment -

          Hi Alejandro Abdelnur - I was planning on adding support for the credential provider API for this.
          What do you have in mind? Am I correct in assuming you mean the secret stored in hadoop.http.authentication.signature.secret.file?

          Show
          Larry McCay added a comment - Hi Alejandro Abdelnur - I was planning on adding support for the credential provider API for this. What do you have in mind? Am I correct in assuming you mean the secret stored in hadoop.http.authentication.signature.secret.file?
          Hide
          Alejandro Abdelnur added a comment -

          Larry McCay, my idea was to break the hadoop-auth Signer into an interface/impl and provide 2 impls in hadoop-auth, random/secret-file. WebHDFS would have its own impl that uses the same secret use for block tokens. in common we could have one that goes to the credentials provider, sure. And, the rotation of secret, if supported, is taken care by the impl itself.

          Show
          Alejandro Abdelnur added a comment - Larry McCay , my idea was to break the hadoop-auth Signer into an interface/impl and provide 2 impls in hadoop-auth, random/secret-file. WebHDFS would have its own impl that uses the same secret use for block tokens. in common we could have one that goes to the credentials provider, sure. And, the rotation of secret, if supported, is taken care by the impl itself.
          Hide
          Larry McCay added a comment -

          So, how does the signature get validated if it is a randomized secret? It has to be stored somewhere, no?
          If the random impl eliminates storing clear text secrets for this then we may not need the credential api impl after all.

          Show
          Larry McCay added a comment - So, how does the signature get validated if it is a randomized secret? It has to be stored somewhere, no? If the random impl eliminates storing clear text secrets for this then we may not need the credential api impl after all.
          Hide
          Alejandro Abdelnur added a comment -

          the signer implementation would keep it.

          Show
          Alejandro Abdelnur added a comment - the signer implementation would keep it.
          Hide
          Owen O'Malley added a comment -

          With random, how do you synchronize between different servers and machines?

          Show
          Owen O'Malley added a comment - With random, how do you synchronize between different servers and machines?
          Hide
          Robert Kanter added a comment -

          We'd use ZooKeeper to synchronize the random secret and it's rollover.

          Show
          Robert Kanter added a comment - We'd use ZooKeeper to synchronize the random secret and it's rollover.
          Hide
          Alejandro Abdelnur added a comment -

          If you have multiple instances of the same service (i.e. multiple Oozie, HttpFS or KMS instances in an HA/horizontal-scalability setup), you need, similar to DTs, to share the generated secret.

          Show
          Alejandro Abdelnur added a comment - If you have multiple instances of the same service (i.e. multiple Oozie, HttpFS or KMS instances in an HA/horizontal-scalability setup), you need, similar to DTs, to share the generated secret.
          Hide
          Owen O'Malley added a comment -

          Alejandro, that is obvious. The synchronization is exactly why I was asking the question.

          Robert, that makes sense to me. I assume you are going to use a single secret for all of the Hadoop services so that you get single sign on. Are you going to need a separate server to update the secrets or are you going to have the various servers pick a leader to roll the secrets?

          Show
          Owen O'Malley added a comment - Alejandro, that is obvious. The synchronization is exactly why I was asking the question. Robert, that makes sense to me. I assume you are going to use a single secret for all of the Hadoop services so that you get single sign on. Are you going to need a separate server to update the secrets or are you going to have the various servers pick a leader to roll the secrets?
          Hide
          Robert Kanter added a comment -

          I assume you are going to use a single secret for all of the Hadoop services so that you get single sign on.

          I hadn't thought about this, but it sounds like a good idea. I'm going to store the information in a znode, so if you configure all Hadoop services to point to the same anode for their secret, then they should all use the same secret.

          Are you going to need a separate server to update the secrets or are you going to have the various servers pick a leader to roll the secrets?

          I'm going to do neither. Basically, at the rollover time, each server will "propose" a new secret to use, but only one of them will succeed (because of the version number); then all servers will use the secret of whichever one won. I like this approach because even if they're synchronized properly on the rollover, there's likely to be variance in when they actually run the rollover code, so this ensures that there will always be a new secret; If the leader is slower or later than the others, we'd have to handle that properly. We also don't have to worry about the leader dying at an inconvenient time. If you want I can write up something describing the design in more detail.

          Show
          Robert Kanter added a comment - I assume you are going to use a single secret for all of the Hadoop services so that you get single sign on. I hadn't thought about this, but it sounds like a good idea. I'm going to store the information in a znode, so if you configure all Hadoop services to point to the same anode for their secret, then they should all use the same secret. Are you going to need a separate server to update the secrets or are you going to have the various servers pick a leader to roll the secrets? I'm going to do neither. Basically, at the rollover time, each server will "propose" a new secret to use, but only one of them will succeed (because of the version number); then all servers will use the secret of whichever one won. I like this approach because even if they're synchronized properly on the rollover, there's likely to be variance in when they actually run the rollover code, so this ensures that there will always be a new secret; If the leader is slower or later than the others, we'd have to handle that properly. We also don't have to worry about the leader dying at an inconvenient time. If you want I can write up something describing the design in more detail.
          Hide
          Robert Kanter added a comment -

          I've spun off the ZooKeeper-backed signer provider to a separate JIRA (HADOOP-10868) because it will require a bit more work and testing than the other providers, especially to add support for Kerberos ACLs on the znode with the secrets. I should be able to put up a patch for everything else soon.

          Show
          Robert Kanter added a comment - I've spun off the ZooKeeper-backed signer provider to a separate JIRA ( HADOOP-10868 ) because it will require a bit more work and testing than the other providers, especially to add support for Kerberos ACLs on the znode with the secrets. I should be able to put up a patch for everything else soon.
          Hide
          Larry McCay added a comment -

          That's a great idea, Robert Kanter.

          Show
          Larry McCay added a comment - That's a great idea, Robert Kanter .
          Hide
          Robert Kanter added a comment -

          The patch adds the SignerSecretProvider class, which can be subclassed for different providers. There’s also a StringSignerSecretProvider, which just provides a configured string, and a RandomSignerSecretProvider, which provides a random number that rolls over. These are equivalent to the current behavior (minus that the random secret rolls over now) and are enabled the same way as before. In addition, an arbitrary subclass of SignerSecretProvider can be provided programmatically by any subclasses of AuthenticationFilter. There’s also a RolloverSignerSecretProvider (which RandomSignerSecretProvider and HADOOP-10868 use); it supports rolling secrets and handles a bunch of stuff for its subclasses. It rolls over at the same interval as the token expiration.

          Show
          Robert Kanter added a comment - The patch adds the SignerSecretProvider class, which can be subclassed for different providers. There’s also a StringSignerSecretProvider , which just provides a configured string, and a RandomSignerSecretProvider , which provides a random number that rolls over. These are equivalent to the current behavior (minus that the random secret rolls over now) and are enabled the same way as before. In addition, an arbitrary subclass of SignerSecretProvider can be provided programmatically by any subclasses of AuthenticationFilter . There’s also a RolloverSignerSecretProvider (which RandomSignerSecretProvider and HADOOP-10868 use); it supports rolling secrets and handles a bunch of stuff for its subclasses. It rolls over at the same interval as the token expiration.
          Hide
          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12657156/HADOOP-10791.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 5 new or modified test files.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 javadoc. There were no new javadoc warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          -1 findbugs. The patch appears to introduce 2 new Findbugs (version 2.0.3) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4339//testReport/
          Findbugs warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/4339//artifact/trunk/patchprocess/newPatchFindbugsWarningshadoop-auth.html
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4339//console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - -1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12657156/HADOOP-10791.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 5 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. -1 findbugs . The patch appears to introduce 2 new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-auth. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4339//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-HADOOP-Build/4339//artifact/trunk/patchprocess/newPatchFindbugsWarningshadoop-auth.html Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4339//console This message is automatically generated.
          Hide
          Robert Kanter added a comment -

          New patch fixes findbugs warnings

          Show
          Robert Kanter added a comment - New patch fixes findbugs warnings
          Hide
          Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12657210/HADOOP-10791.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 5 new or modified test files.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 javadoc. There were no new javadoc warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          -1 core tests. The patch failed these unit tests in hadoop-common-project/hadoop-auth:

          org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4341//testReport/
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4341//console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - -1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12657210/HADOOP-10791.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 5 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. -1 core tests . The patch failed these unit tests in hadoop-common-project/hadoop-auth: org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4341//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4341//console This message is automatically generated.
          Hide
          Robert Kanter added a comment -

          I ran the failed test multiple times and it always succeeded; I think it was just being flakey.

          Show
          Robert Kanter added a comment - I ran the failed test multiple times and it always succeeded; I think it was just being flakey.
          Hide
          Larry McCay added a comment -

          Hi Robert Kanter - I've been trying to see where/how to leverage the credential provider API within this pluggable mechanism. I think that I am missing the persistence of the random signer secret - unless you are just keeping it in memory for now and waiting for the ZK implementation to persist. What I would like to see is a persistence hook that we can have multiple mechanisms for persistence.

          We would have at least three persistent stores that I can see off the bat:
          1. current file
          2. zookeeper
          3. java keystore (available through cred provider already)

          If we implement all three as credential provider api providers then that contract could be the hook.
          If not, we need another abstraction to plug in the various implementations.

          Am I misunderstanding the thinking behind the pluggability being introduced here and/or missing the persistence of the random impl in this patch?

          Show
          Larry McCay added a comment - Hi Robert Kanter - I've been trying to see where/how to leverage the credential provider API within this pluggable mechanism. I think that I am missing the persistence of the random signer secret - unless you are just keeping it in memory for now and waiting for the ZK implementation to persist. What I would like to see is a persistence hook that we can have multiple mechanisms for persistence. We would have at least three persistent stores that I can see off the bat: 1. current file 2. zookeeper 3. java keystore (available through cred provider already) If we implement all three as credential provider api providers then that contract could be the hook. If not, we need another abstraction to plug in the various implementations. Am I misunderstanding the thinking behind the pluggability being introduced here and/or missing the persistence of the random impl in this patch?
          Hide
          Larry McCay added a comment -

          BTW - thank you for this patch and opening up this for pluggable implementations!

          Show
          Larry McCay added a comment - BTW - thank you for this patch and opening up this for pluggable implementations!
          Hide
          Alejandro Abdelnur added a comment -

          Larry, imo, if an impl wants to persist the secret, it should do it transparently when doing a rotation, i don't think we need a api for that.

          thoughts?

          Show
          Alejandro Abdelnur added a comment - Larry, imo, if an impl wants to persist the secret, it should do it transparently when doing a rotation, i don't think we need a api for that. thoughts?
          Hide
          Larry McCay added a comment -

          It certainly should be transparent and that is a fine place to do it - exactly what I expected to see actually. I just think that the fact that the RandomSignerSecretProvider introduces a way to get a randomized secret that it should be able to be used with any number of persistence strategies which can be abstracted by the credential provider API or something else if desirable. Otherwise, we may see a proliferation of SignerSecretProviders just to change the persistence.

          If we added a method to the abstract base class then it could be used by derived classes or not as appropriate for the concrete implementation.

          If this is not seen as useful then I can add a CredProviderRandomSecretProvider so that we can control where and how it is stored - it just seems unfortunate to have a whole new implementation for it.

          Of course the added benefit is that it would potentially build out cred provider impls that can be used elsewhere too. For instance, a zookeeper credential provider would be useful on its own.

          Like I said, we can work around it but it seems like an opportunity to me.

          Show
          Larry McCay added a comment - It certainly should be transparent and that is a fine place to do it - exactly what I expected to see actually. I just think that the fact that the RandomSignerSecretProvider introduces a way to get a randomized secret that it should be able to be used with any number of persistence strategies which can be abstracted by the credential provider API or something else if desirable. Otherwise, we may see a proliferation of SignerSecretProviders just to change the persistence. If we added a method to the abstract base class then it could be used by derived classes or not as appropriate for the concrete implementation. If this is not seen as useful then I can add a CredProviderRandomSecretProvider so that we can control where and how it is stored - it just seems unfortunate to have a whole new implementation for it. Of course the added benefit is that it would potentially build out cred provider impls that can be used elsewhere too. For instance, a zookeeper credential provider would be useful on its own. Like I said, we can work around it but it seems like an opportunity to me.
          Hide
          Owen O'Malley added a comment -

          Alejandro,
          It looks like it would make sense to use the KeyProvider for this. Having a KeyProvider implementation that reads from Zookeeper would be pretty easy.

          Show
          Owen O'Malley added a comment - Alejandro, It looks like it would make sense to use the KeyProvider for this. Having a KeyProvider implementation that reads from Zookeeper would be pretty easy.
          Hide
          Owen O'Malley added a comment -

          In particular, this is just a rolling random key that you want to preserve the last two values of. It doesn't make sense to require zookeeper if the user doesn't already have it deployed.

          Show
          Owen O'Malley added a comment - In particular, this is just a rolling random key that you want to preserve the last two values of. It doesn't make sense to require zookeeper if the user doesn't already have it deployed.
          Hide
          Alejandro Abdelnur added a comment -

          Larry McCay, on adding the persistent method, sure. Lets see how the ZK impl ends up being to see if we can generalize it for other impls in a superclass.

          Owen O'Malley, we are already using ZK for all HA related things in Hadoop, so ZK is already there if you care about HA & failover. Having an signature secret provider going to keystore to go to zookeeper seems unnecessary complexity. Plus hadoop-auth does not have access to hadoop-common stuff.

          Show
          Alejandro Abdelnur added a comment - Larry McCay , on adding the persistent method, sure. Lets see how the ZK impl ends up being to see if we can generalize it for other impls in a superclass. Owen O'Malley , we are already using ZK for all HA related things in Hadoop, so ZK is already there if you care about HA & failover. Having an signature secret provider going to keystore to go to zookeeper seems unnecessary complexity. Plus hadoop-auth does not have access to hadoop-common stuff.
          Hide
          Owen O'Malley added a comment -

          Alejandro, there is a huge difference between requiring zookeeper for HA and requiring zookeeper for spnego. The unnecessary complexity is creating a plugin interface for the one use case that is completely covered by the plugin interface you already have.

          Show
          Owen O'Malley added a comment - Alejandro, there is a huge difference between requiring zookeeper for HA and requiring zookeeper for spnego. The unnecessary complexity is creating a plugin interface for the one use case that is completely covered by the plugin interface you already have.
          Hide
          Alejandro Abdelnur added a comment -

          Owen, I would say that persisting the rolling secret for other purposes of HA (to share it with other HA instances) is kind of not very useful. Without HA, on restart, simply generate a new random secret; all cookies signed with the now-gone secret will be rejected triggering a re-authentication. Now, note that we are talking about hadoop-auth cookies being signed, hadoop-auth cookies are not meant to be transferred to other processes (ie tasks). On the other hand, delegation tokens are, delegation tokens as you know, are keep in the secret store of the server(s), thus you need HA for delegation tokens to be useful across failures.

          Said that, I’m not opposed to have an API to save it, just it should not be in the contract API but in a base impl.

          Show
          Alejandro Abdelnur added a comment - Owen, I would say that persisting the rolling secret for other purposes of HA (to share it with other HA instances) is kind of not very useful. Without HA, on restart, simply generate a new random secret; all cookies signed with the now-gone secret will be rejected triggering a re-authentication. Now, note that we are talking about hadoop-auth cookies being signed, hadoop-auth cookies are not meant to be transferred to other processes (ie tasks). On the other hand, delegation tokens are, delegation tokens as you know, are keep in the secret store of the server(s), thus you need HA for delegation tokens to be useful across failures. Said that, I’m not opposed to have an API to save it, just it should not be in the contract API but in a base impl.
          Hide
          Alejandro Abdelnur added a comment -

          AuthenticationFilter.java:

          The boostrap of the signer secret provider logic is a bit complex, how about?

              validity = Long.parseLong(config.getProperty(AUTH_TOKEN_VALIDITY, "36000"))
                  * 1000; //10 hours
              secretProvider = (SignerSecretProvider) filterConfig.getServletContext().
                  getAttribute(SIGNATURE_PROVIDER_ATTRIBUTE);
              if (secretProvider == null) {
                String signerSecretProviderClassName = 
                    config.getProperty(configPrefix + SIGNER_SECRET_PROVIDER_CLASS, null);
                if (signerSecretProviderClassName == null) {
                  String signatureSecret = 
                      config.getProperty(configPrefix + SIGNATURE_SECRET, null);
                  if (signatureSecret != null) {
                    secretProvider = new StringSignerSecretProvider(signatureSecret);
                  } else {
                    secretProvider = new RandomSignerSecretProvider();
                  }
                } else {
                  try {
                    Class<?> klass = Thread.currentThread().getContextClassLoader().
                        loadClass(signerSecretProviderClassName);
                    secretProvider = (SignerSecretProvider) klass.newInstance();          
                  } catch (ClassNotFoundException ex) {
                    throw new ServletException(ex);
                  } catch (InstantiationException ex) {
                    throw new ServletException(ex);
                  } catch (IllegalAccessException ex) {
                    throw new ServletException(ex);
                  }
                }
                try {
                  secretProvider.init(config, validity);
                } catch (Exception ex) {
                  throw new ServletException(ex);
                }
              }
          

          Note the StringSignerSecretProvider would have a constructor that takes a secret besides the default one.

          RollingSignerSecretProvider.java:

          • the scheduler should be created in the init() method, to avoid a run away thread if an exception happens before init.
          • if rollSecret() is synched so it cannot run simultaneously with destroy() then we need to have a boolean that indicates if the provider is destroyed, and check that in rollSecret(), if destroy do a NOP.

          Signer.java:

          • we can get rid of the Signer(byte[]) constructor.

          SignerSecretProvider.java:

          • init() should not have a secretStr param, that is impl specific.

          Logic change:

          Now we are creating a new array on every getAllSecrets() call on every getCurrentSecret() call. this is because we don’t want a caller to be able to modify the secret.

          How about moving the signing/verification logic into the SignerSecretProvider, then you don’t give away the secrets, then you don’t have to clone them either.

          Show
          Alejandro Abdelnur added a comment - AuthenticationFilter.java : The boostrap of the signer secret provider logic is a bit complex, how about? validity = Long .parseLong(config.getProperty(AUTH_TOKEN_VALIDITY, "36000" )) * 1000; //10 hours secretProvider = (SignerSecretProvider) filterConfig.getServletContext(). getAttribute(SIGNATURE_PROVIDER_ATTRIBUTE); if (secretProvider == null ) { String signerSecretProviderClassName = config.getProperty(configPrefix + SIGNER_SECRET_PROVIDER_CLASS, null ); if (signerSecretProviderClassName == null ) { String signatureSecret = config.getProperty(configPrefix + SIGNATURE_SECRET, null ); if (signatureSecret != null ) { secretProvider = new StringSignerSecretProvider(signatureSecret); } else { secretProvider = new RandomSignerSecretProvider(); } } else { try { Class <?> klass = Thread .currentThread().getContextClassLoader(). loadClass(signerSecretProviderClassName); secretProvider = (SignerSecretProvider) klass.newInstance(); } catch (ClassNotFoundException ex) { throw new ServletException(ex); } catch (InstantiationException ex) { throw new ServletException(ex); } catch (IllegalAccessException ex) { throw new ServletException(ex); } } try { secretProvider.init(config, validity); } catch (Exception ex) { throw new ServletException(ex); } } Note the StringSignerSecretProvider would have a constructor that takes a secret besides the default one. RollingSignerSecretProvider.java : the scheduler should be created in the init() method, to avoid a run away thread if an exception happens before init. if rollSecret() is synched so it cannot run simultaneously with destroy() then we need to have a boolean that indicates if the provider is destroyed, and check that in rollSecret() , if destroy do a NOP. Signer.java : we can get rid of the Signer(byte[]) constructor. SignerSecretProvider.java : init() should not have a secretStr param, that is impl specific. Logic change: Now we are creating a new array on every getAllSecrets() call on every getCurrentSecret() call. this is because we don’t want a caller to be able to modify the secret. How about moving the signing/verification logic into the SignerSecretProvider , then you don’t give away the secrets, then you don’t have to clone them either.
          Hide
          Robert Kanter added a comment -

          The patch addresses Tucu's comments.

          I spoke with him about hist last point (the logic change) and we decided it should be fine to leave the code where it is and instead not create new arrays and document that these should not be modified by the caller. I also added findbugs excludes for this.

          Show
          Robert Kanter added a comment - The patch addresses Tucu's comments. I spoke with him about hist last point (the logic change) and we decided it should be fine to leave the code where it is and instead not create new arrays and document that these should not be modified by the caller. I also added findbugs excludes for this.
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12659280/HADOOP-10791.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 6 new or modified test files.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 javadoc. There were no new javadoc warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth hadoop-hdfs-project/hadoop-hdfs-httpfs.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4409//testReport/
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4409//console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12659280/HADOOP-10791.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 6 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-auth hadoop-hdfs-project/hadoop-hdfs-httpfs. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4409//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4409//console This message is automatically generated.
          Hide
          Alejandro Abdelnur added a comment -

          All new classes (except tests) should have visibility/stability annotations.

          Show
          Alejandro Abdelnur added a comment - All new classes (except tests) should have visibility/stability annotations.
          Hide
          Robert Kanter added a comment -

          Added annotations in the new patch.

          Show
          Robert Kanter added a comment - Added annotations in the new patch.
          Hide
          Hadoop QA added a comment -

          +1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12659739/HADOOP-10791.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 6 new or modified test files.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 javadoc. There were no new javadoc warning messages.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth hadoop-hdfs-project/hadoop-hdfs-httpfs.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4422//testReport/
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4422//console

          This message is automatically generated.

          Show
          Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12659739/HADOOP-10791.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 6 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-auth hadoop-hdfs-project/hadoop-hdfs-httpfs. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4422//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4422//console This message is automatically generated.
          Hide
          Alejandro Abdelnur added a comment -

          +1

          Show
          Alejandro Abdelnur added a comment - +1
          Hide
          Hudson added a comment -

          FAILURE: Integrated in Hadoop-trunk-Commit #6016 (See https://builds.apache.org/job/Hadoop-trunk-Commit/6016/)
          HADOOP-10791. AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005)

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          • /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Show
          Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #6016 (See https://builds.apache.org/job/Hadoop-trunk-Commit/6016/ ) HADOOP-10791 . AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005 ) /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Hide
          Alejandro Abdelnur added a comment -

          Thanks Robert. Committed to trunk and branch-2.

          Show
          Alejandro Abdelnur added a comment - Thanks Robert. Committed to trunk and branch-2.
          Hide
          Hudson added a comment -

          FAILURE: Integrated in Hadoop-Yarn-trunk #635 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/635/)
          HADOOP-10791. AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005)

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          • /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Show
          Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk #635 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/635/ ) HADOOP-10791 . AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005 ) /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Hide
          Hudson added a comment -

          FAILURE: Integrated in Hadoop-Hdfs-trunk #1829 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1829/)
          HADOOP-10791. AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005)

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          • /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Show
          Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #1829 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1829/ ) HADOOP-10791 . AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005 ) /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Hide
          Hudson added a comment -

          FAILURE: Integrated in Hadoop-Mapreduce-trunk #1855 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1855/)
          HADOOP-10791. AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005)

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          • /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Show
          Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk #1855 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1855/ ) HADOOP-10791 . AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu) (tucu: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616005 ) /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support /hadoop/common/trunk/hadoop-common-project/hadoop-auth/dev-support/findbugsExcludeFile.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/RolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/Signer.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/SignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/StringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRandomSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestRolloverSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestStringSignerSecretProvider.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-httpfs/src/test/java/org/apache/hadoop/fs/http/server/TestHttpFSServer.java
          Hide
          Hudson added a comment -

          SUCCESS: Integrated in Hadoop-trunk-Commit #6026 (See https://builds.apache.org/job/Hadoop-trunk-Commit/6026/)
          YARN-2388. Fixed TestTimelineWebServices failure due to HADOOP-10791. Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405)

          • /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
          • /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Show
          Hudson added a comment - SUCCESS: Integrated in Hadoop-trunk-Commit #6026 (See https://builds.apache.org/job/Hadoop-trunk-Commit/6026/ ) YARN-2388 . Fixed TestTimelineWebServices failure due to HADOOP-10791 . Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405 ) /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Hide
          Hudson added a comment -

          FAILURE: Integrated in Hadoop-Yarn-trunk #637 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/637/)
          YARN-2388. Fixed TestTimelineWebServices failure due to HADOOP-10791. Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405)

          • /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
          • /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Show
          Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk #637 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/637/ ) YARN-2388 . Fixed TestTimelineWebServices failure due to HADOOP-10791 . Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405 ) /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Hide
          Hudson added a comment -

          FAILURE: Integrated in Hadoop-Hdfs-trunk #1830 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1830/)
          YARN-2388. Fixed TestTimelineWebServices failure due to HADOOP-10791. Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405)

          • /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
          • /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Show
          Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #1830 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1830/ ) YARN-2388 . Fixed TestTimelineWebServices failure due to HADOOP-10791 . Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405 ) /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Hide
          Hudson added a comment -

          SUCCESS: Integrated in Hadoop-Mapreduce-trunk #1856 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1856/)
          YARN-2388. Fixed TestTimelineWebServices failure due to HADOOP-10791. Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405)

          • /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt
          • /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java
          Show
          Hudson added a comment - SUCCESS: Integrated in Hadoop-Mapreduce-trunk #1856 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1856/ ) YARN-2388 . Fixed TestTimelineWebServices failure due to HADOOP-10791 . Contributed by Zhijie Shen. (zjshen: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1616405 ) /hadoop/common/trunk/hadoop-yarn-project/CHANGES.txt /hadoop/common/trunk/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-applicationhistoryservice/src/test/java/org/apache/hadoop/yarn/server/timeline/webapp/TestTimelineWebServices.java

            People

            • Assignee:
              Robert Kanter
              Reporter:
              Alejandro Abdelnur
            • Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development