From c793e72d17be0d3256d93294115f39afaadcd93c Mon Sep 17 00:00:00 2001 From: Sunil G Date: Thu, 31 May 2018 20:46:07 +0530 Subject: [PATCH] YARN-8258 --- .../org/apache/hadoop/yarn/webapp/WebApps.java | 61 ++++++++++++++++------ 1 file changed, 45 insertions(+), 16 deletions(-) diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java index 73644452140..533859fb39d 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/WebApps.java @@ -25,6 +25,7 @@ import java.net.URI; import java.net.URL; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; import java.util.HashSet; import java.util.List; @@ -44,6 +45,8 @@ import org.apache.hadoop.security.http.XFrameOptionsFilter; import org.apache.hadoop.yarn.conf.YarnConfiguration; import org.apache.hadoop.yarn.webapp.util.WebAppUtils; +import org.eclipse.jetty.servlet.FilterHolder; +import org.eclipse.jetty.servlet.FilterMapping; import org.eclipse.jetty.webapp.WebAppContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -424,7 +427,7 @@ public WebApp start(WebApp webapp, WebAppContext ui2Context) { WebApp webApp = build(webapp); HttpServer2 httpServer = webApp.httpServer(); if (ui2Context != null) { - addFiltersForNewContext(ui2Context); + addFiltersForUI2Context(ui2Context, httpServer); httpServer.addHandlerAtFront(ui2Context); } try { @@ -437,24 +440,50 @@ public WebApp start(WebApp webapp, WebAppContext ui2Context) { return webApp; } - private void addFiltersForNewContext(WebAppContext ui2Context) { - Map params = getConfigParameters(csrfConfigPrefix); - - if (hasCSRFEnabled(params)) { - LOG.info("CSRF Protection has been enabled for the {} application. " - + "Please ensure that there is an authentication mechanism " - + "enabled (kerberos, custom, etc).", name); - String restCsrfClassName = RestCsrfPreventionFilter.class.getName(); - HttpServer2.defineFilter(ui2Context, restCsrfClassName, - restCsrfClassName, params, new String[]{"/*"}); + private void addFiltersForUI2Context(WebAppContext ui2Context, + HttpServer2 httpServer) { + // Get filters and filtermappings from default context's servlet. + FilterHolder[] filterHolders = httpServer.getWebAppContext() + .getServletHandler().getFilters(); + FilterMapping[] filterMappingsArray = httpServer.getWebAppContext() + .getServletHandler().getFilterMappings(); + + // To define a filter for UI2 context, URL path also needed which is + // available only FilterMapping. Hence convert this to a map for easy + // access. + Map filterMappings = new HashMap<>(); + for (FilterMapping filterMapping : filterMappingsArray) { + filterMappings.put(filterMapping.getFilterName(), filterMapping); } - params = getConfigParameters(xfsConfigPrefix); + // Loop through all filterHolders and add one by one to UI2. + LOG.info("Add filters from default webapp context to UI2 context."); + for (FilterHolder filterHolder : filterHolders) { + // Skip guice filter for UI2. + if ("guice".equals(filterHolder.getName())) { + continue; + } + // Get the path spec from filtermapping for same filter name. + String[] pathSpecs = filterMappings.get(filterHolder.getName()) + .getPathSpecs(); + + // In case of Auth filter, also add "/*" so that all URLs under ui2 + // will be applicable for custom auth handler's like JWT (sso). + if ("authentication".equals(filterHolder.getName())) { + ArrayList paths = new ArrayList<>(); + paths.addAll(Arrays.asList(pathSpecs)); + paths.add("/*"); + HttpServer2.defineFilter(ui2Context, filterHolder.getName(), + filterHolder.getClassName(), filterHolder.getInitParameters(), + paths.toArray(new String[paths.size()])); + } else { + HttpServer2.defineFilter(ui2Context, filterHolder.getName(), + filterHolder.getClassName(), filterHolder.getInitParameters(), + pathSpecs); + } - if (hasXFSEnabled()) { - String xfsClassName = XFrameOptionsFilter.class.getName(); - HttpServer2.defineFilter(ui2Context, xfsClassName, xfsClassName, params, - new String[]{"/*"}); + LOG.info("UI2 context filter Name:" + filterHolder.getName() + + ", className=" + filterHolder.getClassName()); } } -- 2.14.3 (Apple Git-98)