Hadoop HDFS
  1. Hadoop HDFS
  2. HDFS-1340

A null delegation token is appended to the url if security is disabled when browsing filesystem.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.22.0
    • Component/s: None
    • Labels:
      None

      Description

      When filesystem is being browsed and if security is disabled a null delegation token is added to the url. Also if a user changes the url and adds any random string for delegation token, it is retained in the links on returned html page. If security is disabled no delegation token parameter is required on the url.

      1. HDFS-1340-6.patch
        5 kB
        Boris Shkolnik
      2. HDFS-1340-5.patch
        4 kB
        Boris Shkolnik
      3. HDFS-1340.y20.5.patch
        14 kB
        Boris Shkolnik
      4. HDFS-1340.y20.3.patch
        10 kB
        Boris Shkolnik
      5. HDFS-1340.y20.1.patch
        11 kB
        Jitendra Nath Pandey
      6. HDFS-1340.4.patch
        8 kB
        Jitendra Nath Pandey
      7. HDFS-1340.3.patch
        8 kB
        Jitendra Nath Pandey
      8. HDFS-1340.2.patch
        7 kB
        Jitendra Nath Pandey
      9. HDFS-1340.1.patch
        7 kB
        Jitendra Nath Pandey

        Activity

        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk-Commit #374 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/374/)

        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #374 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/374/ )
        Hide
        Boris Shkolnik added a comment -

        committed to trunk

        Show
        Boris Shkolnik added a comment - committed to trunk
        Hide
        Boris Shkolnik added a comment -

        added TestJspHelper

        Show
        Boris Shkolnik added a comment - added TestJspHelper
        Hide
        Boris Shkolnik added a comment -

        addressed comment by Suresh.

        Show
        Boris Shkolnik added a comment - addressed comment by Suresh.
        Hide
        Suresh Srinivas added a comment -

        Minor comment: In trunk version of the patch, please remove unneeded imports in JspHelper - DatanodeJspHelper and WritableUtils.

        +1 for both the patches.

        Show
        Suresh Srinivas added a comment - Minor comment: In trunk version of the patch, please remove unneeded imports in JspHelper - DatanodeJspHelper and WritableUtils. +1 for both the patches.
        Hide
        Boris Shkolnik added a comment -

        made JspHelper.SET_DELEGATION package private, and replaces all calls with JspHelper.getDelegationTokenUrlParam(t)

        Show
        Boris Shkolnik added a comment - made JspHelper.SET_DELEGATION package private, and replaces all calls with JspHelper.getDelegationTokenUrlParam(t)
        Hide
        Boris Shkolnik added a comment -

        for previous version, not for commit

        Show
        Boris Shkolnik added a comment - for previous version, not for commit
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk-Commit #370 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/370/)

        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #370 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/370/ )
        Hide
        Jitendra Nath Pandey added a comment -

        Patch for y20 branch.

        Show
        Jitendra Nath Pandey added a comment - Patch for y20 branch.
        Hide
        Devaraj Das added a comment -

        I just committed this. Thanks, Jitendra!

        Show
        Devaraj Das added a comment - I just committed this. Thanks, Jitendra!
        Hide
        Jitendra Nath Pandey added a comment -

        Updated the unit test addressing the comment.

        Show
        Jitendra Nath Pandey added a comment - Updated the unit test addressing the comment.
        Hide
        Devaraj Das added a comment -

        I understand that security remains enabled in the added unit test since a previous test sets it to kerberos. But it is safer to explicitly enable it in the beginning of the test you added.

        Show
        Devaraj Das added a comment - I understand that security remains enabled in the added unit test since a previous test sets it to kerberos. But it is safer to explicitly enable it in the beginning of the test you added.
        Hide
        Jitendra Nath Pandey added a comment -

        Updated unit test.

        Show
        Jitendra Nath Pandey added a comment - Updated unit test.
        Hide
        Devaraj Das added a comment -

        Can you please check both the code paths in the unit test? Looks fine otherwise

        Show
        Devaraj Das added a comment - Can you please check both the code paths in the unit test? Looks fine otherwise
        Hide
        Jitendra Nath Pandey added a comment -

        New patch..added a unit test.

        Show
        Jitendra Nath Pandey added a comment - New patch..added a unit test.
        Hide
        Jitendra Nath Pandey added a comment -

        The path was manually tested on trunk in both secure and insecure mode.

        Show
        Jitendra Nath Pandey added a comment - The path was manually tested on trunk in both secure and insecure mode.
        Hide
        Jitendra Nath Pandey added a comment -

        ant test was run manually. All tests pass except TestHDFSTrash which is unrelated.

        test-patch results:

        [exec] -1 overall.
        [exec]
        [exec] +1 @author. The patch does not contain any @author tags.
        [exec]
        [exec] -1 tests included. The patch doesn't appear to include any new or modified tests.
        [exec] Please justify why no new tests are needed for this patch.
        [exec] Also please list what manual steps were performed to verify this patch.
        [exec]
        [exec] +1 javadoc. The javadoc tool did not generate any warning messages.
        [exec]
        [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings.
        [exec]
        [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings.
        [exec]
        [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.

        Show
        Jitendra Nath Pandey added a comment - ant test was run manually. All tests pass except TestHDFSTrash which is unrelated. test-patch results: [exec] -1 overall. [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] -1 tests included. The patch doesn't appear to include any new or modified tests. [exec] Please justify why no new tests are needed for this patch. [exec] Also please list what manual steps were performed to verify this patch. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.
        Hide
        Jitendra Nath Pandey added a comment -

        The patch removes the delegation token parameter in the url if security is not enabled.

        Show
        Jitendra Nath Pandey added a comment - The patch removes the delegation token parameter in the url if security is not enabled.

          People

          • Assignee:
            Jitendra Nath Pandey
            Reporter:
            Jitendra Nath Pandey
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development