Hadoop HDFS
  1. Hadoop HDFS
  2. HDFS-1340

A null delegation token is appended to the url if security is disabled when browsing filesystem.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.22.0
    • Component/s: None
    • Labels:
      None

      Description

      When filesystem is being browsed and if security is disabled a null delegation token is added to the url. Also if a user changes the url and adds any random string for delegation token, it is retained in the links on returned html page. If security is disabled no delegation token parameter is required on the url.

      1. HDFS-1340.1.patch
        7 kB
        Jitendra Nath Pandey
      2. HDFS-1340.2.patch
        7 kB
        Jitendra Nath Pandey
      3. HDFS-1340.3.patch
        8 kB
        Jitendra Nath Pandey
      4. HDFS-1340.4.patch
        8 kB
        Jitendra Nath Pandey
      5. HDFS-1340.y20.1.patch
        11 kB
        Jitendra Nath Pandey
      6. HDFS-1340.y20.3.patch
        10 kB
        Boris Shkolnik
      7. HDFS-1340-5.patch
        4 kB
        Boris Shkolnik
      8. HDFS-1340-6.patch
        5 kB
        Boris Shkolnik
      9. HDFS-1340.y20.5.patch
        14 kB
        Boris Shkolnik

        Activity

        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Patch Available Patch Available Open Open
        22h 44m 1 Jitendra Nath Pandey 13/Aug/10 23:39
        Open Open Patch Available Patch Available
        3h 25m 2 Jitendra Nath Pandey 13/Aug/10 23:39
        Patch Available Patch Available Resolved Resolved
        12m 34s 1 Devaraj Das 13/Aug/10 23:51
        Resolved Resolved Closed Closed
        485d 7h 27m 1 Konstantin Shvachko 12/Dec/11 06:19
        Konstantin Shvachko made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk-Commit #374 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/374/)

        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #374 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/374/ )
        Hide
        Boris Shkolnik added a comment -

        committed to trunk

        Show
        Boris Shkolnik added a comment - committed to trunk
        Boris Shkolnik made changes -
        Attachment HDFS-1340.y20.5.patch [ 12453094 ]
        Hide
        Boris Shkolnik added a comment -

        added TestJspHelper

        Show
        Boris Shkolnik added a comment - added TestJspHelper
        Hide
        Boris Shkolnik added a comment -

        addressed comment by Suresh.

        Show
        Boris Shkolnik added a comment - addressed comment by Suresh.
        Boris Shkolnik made changes -
        Attachment HDFS-1340-6.patch [ 12453091 ]
        Hide
        Suresh Srinivas added a comment -

        Minor comment: In trunk version of the patch, please remove unneeded imports in JspHelper - DatanodeJspHelper and WritableUtils.

        +1 for both the patches.

        Show
        Suresh Srinivas added a comment - Minor comment: In trunk version of the patch, please remove unneeded imports in JspHelper - DatanodeJspHelper and WritableUtils. +1 for both the patches.
        Boris Shkolnik made changes -
        Attachment HDFS-1340-5.patch [ 12452981 ]
        Hide
        Boris Shkolnik added a comment -

        made JspHelper.SET_DELEGATION package private, and replaces all calls with JspHelper.getDelegationTokenUrlParam(t)

        Show
        Boris Shkolnik added a comment - made JspHelper.SET_DELEGATION package private, and replaces all calls with JspHelper.getDelegationTokenUrlParam(t)
        Boris Shkolnik made changes -
        Attachment HDFS-1340.y20.3.patch [ 12452980 ]
        Hide
        Boris Shkolnik added a comment -

        for previous version, not for commit

        Show
        Boris Shkolnik added a comment - for previous version, not for commit
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk-Commit #370 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/370/)

        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #370 (See https://hudson.apache.org/hudson/job/Hadoop-Hdfs-trunk-Commit/370/ )
        Jitendra Nath Pandey made changes -
        Attachment HDFS-1340.y20.1.patch [ 12452072 ]
        Hide
        Jitendra Nath Pandey added a comment -

        Patch for y20 branch.

        Show
        Jitendra Nath Pandey added a comment - Patch for y20 branch.
        Devaraj Das made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Fix Version/s 0.22.0 [ 12314241 ]
        Resolution Fixed [ 1 ]
        Hide
        Devaraj Das added a comment -

        I just committed this. Thanks, Jitendra!

        Show
        Devaraj Das added a comment - I just committed this. Thanks, Jitendra!
        Jitendra Nath Pandey made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Jitendra Nath Pandey made changes -
        Status Patch Available [ 10002 ] Open [ 1 ]
        Jitendra Nath Pandey made changes -
        Attachment HDFS-1340.4.patch [ 12452065 ]
        Hide
        Jitendra Nath Pandey added a comment -

        Updated the unit test addressing the comment.

        Show
        Jitendra Nath Pandey added a comment - Updated the unit test addressing the comment.
        Hide
        Devaraj Das added a comment -

        I understand that security remains enabled in the added unit test since a previous test sets it to kerberos. But it is safer to explicitly enable it in the beginning of the test you added.

        Show
        Devaraj Das added a comment - I understand that security remains enabled in the added unit test since a previous test sets it to kerberos. But it is safer to explicitly enable it in the beginning of the test you added.
        Jitendra Nath Pandey made changes -
        Attachment HDFS-1340.3.patch [ 12452063 ]
        Hide
        Jitendra Nath Pandey added a comment -

        Updated unit test.

        Show
        Jitendra Nath Pandey added a comment - Updated unit test.
        Hide
        Devaraj Das added a comment -

        Can you please check both the code paths in the unit test? Looks fine otherwise

        Show
        Devaraj Das added a comment - Can you please check both the code paths in the unit test? Looks fine otherwise
        Jitendra Nath Pandey made changes -
        Attachment HDFS-1340.2.patch [ 12452060 ]
        Hide
        Jitendra Nath Pandey added a comment -

        New patch..added a unit test.

        Show
        Jitendra Nath Pandey added a comment - New patch..added a unit test.
        Hide
        Jitendra Nath Pandey added a comment -

        The path was manually tested on trunk in both secure and insecure mode.

        Show
        Jitendra Nath Pandey added a comment - The path was manually tested on trunk in both secure and insecure mode.
        Hide
        Jitendra Nath Pandey added a comment -

        ant test was run manually. All tests pass except TestHDFSTrash which is unrelated.

        test-patch results:

        [exec] -1 overall.
        [exec]
        [exec] +1 @author. The patch does not contain any @author tags.
        [exec]
        [exec] -1 tests included. The patch doesn't appear to include any new or modified tests.
        [exec] Please justify why no new tests are needed for this patch.
        [exec] Also please list what manual steps were performed to verify this patch.
        [exec]
        [exec] +1 javadoc. The javadoc tool did not generate any warning messages.
        [exec]
        [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings.
        [exec]
        [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings.
        [exec]
        [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.

        Show
        Jitendra Nath Pandey added a comment - ant test was run manually. All tests pass except TestHDFSTrash which is unrelated. test-patch results: [exec] -1 overall. [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] -1 tests included. The patch doesn't appear to include any new or modified tests. [exec] Please justify why no new tests are needed for this patch. [exec] Also please list what manual steps were performed to verify this patch. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.
        Jitendra Nath Pandey made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Jitendra Nath Pandey made changes -
        Attachment HDFS-1340.1.patch [ 12451971 ]
        Hide
        Jitendra Nath Pandey added a comment -

        The patch removes the delegation token parameter in the url if security is not enabled.

        Show
        Jitendra Nath Pandey added a comment - The patch removes the delegation token parameter in the url if security is not enabled.
        Jitendra Nath Pandey made changes -
        Field Original Value New Value
        Assignee Jitendra Nath Pandey [ jnp ]
        Jitendra Nath Pandey created issue -

          People

          • Assignee:
            Jitendra Nath Pandey
            Reporter:
            Jitendra Nath Pandey
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development