From a48ea795acb9b29adcba84129ee969b875d88cf4 Mon Sep 17 00:00:00 2001 From: Sunil G Date: Tue, 8 May 2018 16:55:39 +0530 Subject: [PATCH] YARN-8258 --- .../org/apache/hadoop/yarn/webapp/WebApps.java | 35 ++++++++-------------- 1 file changed, 13 insertions(+), 22 deletions(-) diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java index 73644452140..2d9eda69675 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java @@ -38,12 +38,15 @@ import org.apache.hadoop.conf.Configuration.IntegerRanges; import org.apache.hadoop.http.HttpConfig.Policy; import org.apache.hadoop.http.HttpServer2; +import org.apache.hadoop.security.SecurityUtil; import org.apache.hadoop.security.UserGroupInformation; +import org.apache.hadoop.security.authentication.server.AuthenticationFilter; import org.apache.hadoop.security.authorize.AccessControlList; import org.apache.hadoop.security.http.RestCsrfPreventionFilter; import org.apache.hadoop.security.http.XFrameOptionsFilter; import org.apache.hadoop.yarn.conf.YarnConfiguration; import org.apache.hadoop.yarn.webapp.util.WebAppUtils; +import org.eclipse.jetty.servlet.FilterHolder; import org.eclipse.jetty.webapp.WebAppContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -424,7 +427,16 @@ public WebApp start(WebApp webapp, WebAppContext ui2Context) { WebApp webApp = build(webapp); HttpServer2 httpServer = webApp.httpServer(); if (ui2Context != null) { - addFiltersForNewContext(ui2Context); + final String[] ALL_URLS = {"/*"}; + FilterHolder[] filterHolders = + httpServer.getWebAppContext().getServletHandler().getFilters(); + for (FilterHolder filterHolder : filterHolders) { + if (!"guice".equals(filterHolder.getName())) { + HttpServer2.defineFilter(ui2Context, filterHolder.getName(), + filterHolder.getClassName(), filterHolder.getInitParameters(), + ALL_URLS); + } + } httpServer.addHandlerAtFront(ui2Context); } try { @@ -437,27 +449,6 @@ public WebApp start(WebApp webapp, WebAppContext ui2Context) { return webApp; } - private void addFiltersForNewContext(WebAppContext ui2Context) { - Map params = getConfigParameters(csrfConfigPrefix); - - if (hasCSRFEnabled(params)) { - LOG.info("CSRF Protection has been enabled for the {} application. " - + "Please ensure that there is an authentication mechanism " - + "enabled (kerberos, custom, etc).", name); - String restCsrfClassName = RestCsrfPreventionFilter.class.getName(); - HttpServer2.defineFilter(ui2Context, restCsrfClassName, - restCsrfClassName, params, new String[]{"/*"}); - } - - params = getConfigParameters(xfsConfigPrefix); - - if (hasXFSEnabled()) { - String xfsClassName = XFrameOptionsFilter.class.getName(); - HttpServer2.defineFilter(ui2Context, xfsClassName, xfsClassName, params, - new String[]{"/*"}); - } - } - private String inferHostClass() { String thisClass = this.getClass().getName(); Throwable t = new Throwable(); -- 2.14.3 (Apple Git-98)