sqoop-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jar...@apache.org
Subject sqoop git commit: SQOOP-2439: Sqoop2: NullPointerException when calling job status notification URL
Date Wed, 26 Aug 2015 23:33:20 GMT
Repository: sqoop
Updated Branches:
  refs/heads/sqoop2 90eb27474 -> 37fec0abd


SQOOP-2439: Sqoop2: NullPointerException when calling job status notification URL

(Dian Fu via Jarek Jarcec Cecho)


Project: http://git-wip-us.apache.org/repos/asf/sqoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/sqoop/commit/37fec0ab
Tree: http://git-wip-us.apache.org/repos/asf/sqoop/tree/37fec0ab
Diff: http://git-wip-us.apache.org/repos/asf/sqoop/diff/37fec0ab

Branch: refs/heads/sqoop2
Commit: 37fec0abd64d3900c14c9b23dd355bd68f6cb5f5
Parents: 90eb274
Author: Jarek Jarcec Cecho <jarcec@apache.org>
Authored: Wed Aug 26 16:32:52 2015 -0700
Committer: Jarek Jarcec Cecho <jarcec@apache.org>
Committed: Wed Aug 26 16:32:52 2015 -0700

----------------------------------------------------------------------
 .../org/apache/sqoop/security/SecurityConstants.java  |  9 +++++++++
 .../java/org/apache/sqoop/security/SecurityError.java |  5 ++++-
 dist/src/main/server/conf/sqoop.properties            |  3 +++
 .../sqoop/handler/AuthorizationRequestHandler.java    | 11 +++++++++++
 .../java/org/apache/sqoop/server/RequestContext.java  | 14 ++++++++++++--
 5 files changed, 39 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sqoop/blob/37fec0ab/core/src/main/java/org/apache/sqoop/security/SecurityConstants.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/sqoop/security/SecurityConstants.java b/core/src/main/java/org/apache/sqoop/security/SecurityConstants.java
index fd54862..6f32e04 100644
--- a/core/src/main/java/org/apache/sqoop/security/SecurityConstants.java
+++ b/core/src/main/java/org/apache/sqoop/security/SecurityConstants.java
@@ -67,6 +67,15 @@ public final class SecurityConstants {
           PREFIX_AUTHENTICATION_CONFIG + "kerberos.";
 
   /**
+   * The config specifies the default user.
+   */
+  public static final String AUTHENTICATION_DEFAULT_USER =
+      PREFIX_AUTHENTICATION_CONFIG + "default.user";
+
+  public static final String AUTHENTICATION_DEFAULT_USER_DEFAULT =
+      "sqoop.anonymous.user";
+
+  /**
    * The config specifies the kerberos principal.
    * <tt>org.apache.sqoop.security.authentication.kerberos.principal</tt>.
    */

http://git-wip-us.apache.org/repos/asf/sqoop/blob/37fec0ab/core/src/main/java/org/apache/sqoop/security/SecurityError.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/sqoop/security/SecurityError.java b/core/src/main/java/org/apache/sqoop/security/SecurityError.java
index 9f85b9e..988e425 100644
--- a/core/src/main/java/org/apache/sqoop/security/SecurityError.java
+++ b/core/src/main/java/org/apache/sqoop/security/SecurityError.java
@@ -64,7 +64,10 @@ public enum SecurityError implements ErrorCode {
   AUTH_0013("Unable to get principal from http request"),
 
   /** Authorization Exception, used by authorization implementation, etc. Sentry. */
-  AUTH_0014("Authorization exception");
+  AUTH_0014("Authorization exception"),
+
+  /** Don't support to grant/remoke privileges for default user. */
+  AUTH_0015("Cannot grant/revoke privileges for default user");
 
   private final String message;
 

http://git-wip-us.apache.org/repos/asf/sqoop/blob/37fec0ab/dist/src/main/server/conf/sqoop.properties
----------------------------------------------------------------------
diff --git a/dist/src/main/server/conf/sqoop.properties b/dist/src/main/server/conf/sqoop.properties
index ba6e09f..fe8bcce 100755
--- a/dist/src/main/server/conf/sqoop.properties
+++ b/dist/src/main/server/conf/sqoop.properties
@@ -158,6 +158,9 @@ org.apache.sqoop.execution.engine=org.apache.sqoop.execution.mapreduce.Mapreduce
 #org.apache.sqoop.security.authentication.proxyuser.#USER#.groups=*
 #org.apache.sqoop.security.authentication.proxyuser.#USER#.hosts=*
 
+# Default user, default value is "sqoop.anonymous.user"
+#org.apache.sqoop.security.authentication.default.user=
+
 #
 # Authorization configuration
 #

http://git-wip-us.apache.org/repos/asf/sqoop/blob/37fec0ab/server/src/main/java/org/apache/sqoop/handler/AuthorizationRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/AuthorizationRequestHandler.java
b/server/src/main/java/org/apache/sqoop/handler/AuthorizationRequestHandler.java
index 43f0417..1ed63e4 100644
--- a/server/src/main/java/org/apache/sqoop/handler/AuthorizationRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/AuthorizationRequestHandler.java
@@ -20,6 +20,7 @@ package org.apache.sqoop.handler;
 import org.apache.log4j.Logger;
 import org.apache.sqoop.audit.AuditLoggerManager;
 import org.apache.sqoop.common.SqoopException;
+import org.apache.sqoop.core.SqoopConfiguration;
 import org.apache.sqoop.error.code.CommonRepositoryError;
 import org.apache.sqoop.repository.Repository;
 import org.apache.sqoop.repository.RepositoryManager;
@@ -31,6 +32,7 @@ import org.apache.sqoop.model.MResource;
 import org.apache.sqoop.model.MRole;
 import org.apache.sqoop.security.AuthorizationHandler;
 import org.apache.sqoop.security.AuthorizationManager;
+import org.apache.sqoop.security.SecurityConstants;
 import org.apache.sqoop.security.SecurityError;
 import org.apache.sqoop.server.RequestContext;
 import org.apache.sqoop.server.RequestHandler;
@@ -308,6 +310,15 @@ public class AuthorizationRequestHandler implements RequestHandler {
     // Get privilege object
     List<MPrivilege> privileges = privilegesBean == null ? null : privilegesBean.getPrivileges();
 
+    String defaultUser = SqoopConfiguration.getInstance().getContext().getString(
+        SecurityConstants.AUTHENTICATION_DEFAULT_USER,
+        SecurityConstants.AUTHENTICATION_DEFAULT_USER_DEFAULT);
+    for (MPrincipal principal : principals) {
+      if (defaultUser.equals(principal.getName())) {
+        throw new SqoopException(SecurityError.AUTH_0015);
+      }
+    }
+
     if (privileges != null) {
       for (MPrivilege privilege : privileges) {
         checkResourceExists(privilege.getResource());

http://git-wip-us.apache.org/repos/asf/sqoop/blob/37fec0ab/server/src/main/java/org/apache/sqoop/server/RequestContext.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/server/RequestContext.java b/server/src/main/java/org/apache/sqoop/server/RequestContext.java
index 492440f..f8401aa 100644
--- a/server/src/main/java/org/apache/sqoop/server/RequestContext.java
+++ b/server/src/main/java/org/apache/sqoop/server/RequestContext.java
@@ -20,7 +20,9 @@ package org.apache.sqoop.server;
 import org.apache.hadoop.security.authentication.client.PseudoAuthenticator;
 import org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation;
 import org.apache.sqoop.common.SqoopException;
+import org.apache.sqoop.core.SqoopConfiguration;
 import org.apache.sqoop.security.AuthenticationManager;
+import org.apache.sqoop.security.SecurityConstants;
 import org.apache.sqoop.server.common.ServerError;
 
 import javax.servlet.http.HttpServletRequest;
@@ -121,10 +123,18 @@ public class RequestContext {
    * @return Name of user sending the request
    */
   public String getUserName() {
+    String userName;
     if (AuthenticationManager.getInstance().getAuthenticationHandler().isSecurityEnabled())
{
-      return HttpUserGroupInformation.get().getShortUserName();
+      userName = HttpUserGroupInformation.get().getShortUserName();
     } else {
-      return request.getParameter(PseudoAuthenticator.USER_NAME);
+      userName = request.getParameter(PseudoAuthenticator.USER_NAME);
     }
+
+    if (userName == null || userName.trim().isEmpty()) {
+      userName = SqoopConfiguration.getInstance().getContext().getString(
+          SecurityConstants.AUTHENTICATION_DEFAULT_USER,
+          SecurityConstants.AUTHENTICATION_DEFAULT_USER_DEFAULT);
+    }
+    return userName;
   }
 }


Mime
View raw message