Search in sources :

Example 61 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestHsWebServicesAcls method testGetJobTaskAttemptIdCountersAcls.

@Test
public void testGetJobTaskAttemptIdCountersAcls() {
    HttpServletRequest hsr = mock(HttpServletRequest.class);
    when(hsr.getRemoteUser()).thenReturn(ENEMY_USER);
    try {
        hsWebServices.getJobTaskAttemptIdCounters(hsr, this.jobIdStr, this.taskIdStr, this.taskAttemptIdStr);
        fail("enemy can access job");
    } catch (WebApplicationException e) {
        assertEquals(Status.UNAUTHORIZED, Status.fromStatusCode(e.getResponse().getStatus()));
    }
    when(hsr.getRemoteUser()).thenReturn(FRIENDLY_USER);
    hsWebServices.getJobTaskAttemptIdCounters(hsr, this.jobIdStr, this.taskIdStr, this.taskAttemptIdStr);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) WebApplicationException(javax.ws.rs.WebApplicationException) Test(org.junit.Test)

Example 62 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class RMAuthenticationFilter method doFilter.

/**
   * {@inheritDoc}
   */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    String newHeader = req.getHeader(DelegationTokenAuthenticator.DELEGATION_TOKEN_HEADER);
    if (newHeader == null || newHeader.isEmpty()) {
        // For backward compatibility, allow use of the old header field
        // only when the new header doesn't exist
        final String oldHeader = req.getHeader(OLD_HEADER);
        if (oldHeader != null && !oldHeader.isEmpty()) {
            request = new HttpServletRequestWrapper(req) {

                @Override
                public String getHeader(String name) {
                    if (name.equals(DelegationTokenAuthenticator.DELEGATION_TOKEN_HEADER)) {
                        return oldHeader;
                    }
                    return super.getHeader(name);
                }
            };
        }
    }
    super.doFilter(request, response, filterChain);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper)

Example 63 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestAmFilter method testFilter.

/**
   * Test AmIpFilter
   */
@Test(timeout = 10000)
@SuppressWarnings("deprecation")
public void testFilter() throws Exception {
    Map<String, String> params = new HashMap<String, String>();
    params.put(AmIpFilter.PROXY_HOST, proxyHost);
    params.put(AmIpFilter.PROXY_URI_BASE, proxyUri);
    FilterConfig config = new DummyFilterConfig(params);
    // dummy filter
    FilterChain chain = new FilterChain() {

        @Override
        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            doFilterRequest = servletRequest.getClass().getName();
            if (servletRequest instanceof AmIpServletRequestWrapper) {
                servletWrapper = (AmIpServletRequestWrapper) servletRequest;
            }
        }
    };
    AmIpFilter testFilter = new AmIpFilter();
    testFilter.init(config);
    HttpServletResponseForTest response = new HttpServletResponseForTest();
    // Test request should implements HttpServletRequest
    ServletRequest failRequest = Mockito.mock(ServletRequest.class);
    try {
        testFilter.doFilter(failRequest, response, chain);
        fail();
    } catch (ServletException e) {
        assertEquals(ProxyUtils.E_HTTP_HTTPS_ONLY, e.getMessage());
    }
    // request with HttpServletRequest
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    Mockito.when(request.getRemoteAddr()).thenReturn("nowhere");
    Mockito.when(request.getRequestURI()).thenReturn("/app/application_00_0");
    // address "redirect" is not in host list for non-proxy connection
    testFilter.doFilter(request, response, chain);
    assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, response.status);
    String redirect = response.getHeader(ProxyUtils.LOCATION);
    assertEquals("http://bogus/app/application_00_0", redirect);
    // address "redirect" is not in host list for proxy connection
    Mockito.when(request.getRequestURI()).thenReturn("/proxy/application_00_0");
    testFilter.doFilter(request, response, chain);
    assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, response.status);
    redirect = response.getHeader(ProxyUtils.LOCATION);
    assertEquals("http://bogus/proxy/redirect/application_00_0", redirect);
    // "127.0.0.1" contains in host list. Without cookie
    Mockito.when(request.getRemoteAddr()).thenReturn("127.0.0.1");
    testFilter.doFilter(request, response, chain);
    assertTrue(doFilterRequest.contains("javax.servlet.http.HttpServletRequest"));
    // cookie added
    Cookie[] cookies = new Cookie[] { new Cookie(WebAppProxyServlet.PROXY_USER_COOKIE_NAME, "user") };
    Mockito.when(request.getCookies()).thenReturn(cookies);
    testFilter.doFilter(request, response, chain);
    assertEquals("org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpServletRequestWrapper", doFilterRequest);
    // request contains principal from cookie
    assertEquals("user", servletWrapper.getUserPrincipal().getName());
    assertEquals("user", servletWrapper.getRemoteUser());
    assertFalse(servletWrapper.isUserInRole(""));
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) HttpServletRequest(javax.servlet.http.HttpServletRequest) Test(org.junit.Test)

Example 64 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hbase by apache.

the class RestCsrfPreventionFilter method doFilter.

@Override
public void doFilter(ServletRequest request, ServletResponse response, final FilterChain chain) throws IOException, ServletException {
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    final HttpServletResponse httpResponse = (HttpServletResponse) response;
    handleHttpInteraction(new ServletFilterHttpInteraction(httpRequest, httpResponse, chain));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse)

Example 65 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project hadoop by apache.

the class TestRMWebServices method testAppsRace.

// Test the scenario where the RM removes an app just as we try to
// look at it in the apps list
@Test
public void testAppsRace() throws Exception {
    // mock up an RM that returns app reports for apps that don't exist
    // in the RMApps list
    ApplicationId appId = ApplicationId.newInstance(1, 1);
    ApplicationReport mockReport = mock(ApplicationReport.class);
    when(mockReport.getApplicationId()).thenReturn(appId);
    GetApplicationsResponse mockAppsResponse = mock(GetApplicationsResponse.class);
    when(mockAppsResponse.getApplicationList()).thenReturn(Arrays.asList(new ApplicationReport[] { mockReport }));
    ClientRMService mockClientSvc = mock(ClientRMService.class);
    when(mockClientSvc.getApplications(isA(GetApplicationsRequest.class), anyBoolean())).thenReturn(mockAppsResponse);
    ResourceManager mockRM = mock(ResourceManager.class);
    RMContextImpl rmContext = new RMContextImpl(null, null, null, null, null, null, null, null, null, null);
    when(mockRM.getRMContext()).thenReturn(rmContext);
    when(mockRM.getClientRMService()).thenReturn(mockClientSvc);
    rmContext.setNodeLabelManager(mock(RMNodeLabelsManager.class));
    RMWebServices webSvc = new RMWebServices(mockRM, new Configuration(), mock(HttpServletResponse.class));
    final Set<String> emptySet = Collections.unmodifiableSet(Collections.<String>emptySet());
    // verify we don't get any apps when querying
    HttpServletRequest mockHsr = mock(HttpServletRequest.class);
    AppsInfo appsInfo = webSvc.getApps(mockHsr, null, emptySet, null, null, null, null, null, null, null, null, emptySet, emptySet);
    assertTrue(appsInfo.getApps().isEmpty());
    // verify we don't get an NPE when specifying a final status query
    appsInfo = webSvc.getApps(mockHsr, null, emptySet, "FAILED", null, null, null, null, null, null, null, emptySet, emptySet);
    assertTrue(appsInfo.getApps().isEmpty());
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration) HttpServletResponse(javax.servlet.http.HttpServletResponse) ResourceManager(org.apache.hadoop.yarn.server.resourcemanager.ResourceManager) GetApplicationsRequest(org.apache.hadoop.yarn.api.protocolrecords.GetApplicationsRequest) ClientRMService(org.apache.hadoop.yarn.server.resourcemanager.ClientRMService) ApplicationReport(org.apache.hadoop.yarn.api.records.ApplicationReport) HttpServletRequest(javax.servlet.http.HttpServletRequest) GetApplicationsResponse(org.apache.hadoop.yarn.api.protocolrecords.GetApplicationsResponse) ApplicationId(org.apache.hadoop.yarn.api.records.ApplicationId) AppsInfo(org.apache.hadoop.yarn.server.resourcemanager.webapp.dao.AppsInfo) RMContextImpl(org.apache.hadoop.yarn.server.resourcemanager.RMContextImpl) RMNodeLabelsManager(org.apache.hadoop.yarn.server.resourcemanager.nodelabels.RMNodeLabelsManager) Test(org.junit.Test)

Aggregations

HttpServletRequest (javax.servlet.http.HttpServletRequest)2488 HttpServletResponse (javax.servlet.http.HttpServletResponse)1308 Test (org.junit.Test)987 IOException (java.io.IOException)595 ServletException (javax.servlet.ServletException)498 AbstractHandler (org.eclipse.jetty.server.handler.AbstractHandler)223 FilterChain (javax.servlet.FilterChain)200 ContentResponse (org.eclipse.jetty.client.api.ContentResponse)196 Test (org.testng.annotations.Test)168 Request (org.eclipse.jetty.server.Request)164 CountDownLatch (java.util.concurrent.CountDownLatch)160 HttpServlet (javax.servlet.http.HttpServlet)156 HttpSession (javax.servlet.http.HttpSession)150 HashMap (java.util.HashMap)130 PrintWriter (java.io.PrintWriter)121 Map (java.util.Map)100 InterruptedIOException (java.io.InterruptedIOException)97 ServletRequest (javax.servlet.ServletRequest)95 ServletContext (javax.servlet.ServletContext)91 ServletOutputStream (javax.servlet.ServletOutputStream)90