001 /** 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018 package org.apache.hadoop.fs.http.server; 019 020 import org.apache.hadoop.conf.Configuration; 021 import org.apache.hadoop.security.authentication.server.AuthenticationFilter; 022 023 import javax.servlet.FilterConfig; 024 import java.io.FileReader; 025 import java.io.IOException; 026 import java.io.Reader; 027 import java.util.Map; 028 import java.util.Properties; 029 030 /** 031 * Subclass of hadoop-auth <code>AuthenticationFilter</code> that obtains its configuration 032 * from HttpFSServer's server configuration. 033 */ 034 public class AuthFilter extends AuthenticationFilter { 035 private static final String CONF_PREFIX = "httpfs.authentication."; 036 037 private static final String SIGNATURE_SECRET_FILE = SIGNATURE_SECRET + ".file"; 038 039 /** 040 * Returns the hadoop-auth configuration from HttpFSServer's configuration. 041 * <p/> 042 * It returns all HttpFSServer's configuration properties prefixed with 043 * <code>httpfs.authentication</code>. The <code>httpfs.authentication</code> 044 * prefix is removed from the returned property names. 045 * 046 * @param configPrefix parameter not used. 047 * @param filterConfig parameter not used. 048 * 049 * @return hadoop-auth configuration read from HttpFSServer's configuration. 050 */ 051 @Override 052 protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) { 053 Properties props = new Properties(); 054 Configuration conf = HttpFSServerWebApp.get().getConfig(); 055 056 props.setProperty(AuthenticationFilter.COOKIE_PATH, "/"); 057 for (Map.Entry<String, String> entry : conf) { 058 String name = entry.getKey(); 059 if (name.startsWith(CONF_PREFIX)) { 060 String value = conf.get(name); 061 name = name.substring(CONF_PREFIX.length()); 062 props.setProperty(name, value); 063 } 064 } 065 066 String signatureSecretFile = props.getProperty(SIGNATURE_SECRET_FILE, null); 067 if (signatureSecretFile == null) { 068 throw new RuntimeException("Undefined property: " + SIGNATURE_SECRET_FILE); 069 } 070 071 try { 072 StringBuilder secret = new StringBuilder(); 073 Reader reader = new FileReader(signatureSecretFile); 074 int c = reader.read(); 075 while (c > -1) { 076 secret.append((char)c); 077 c = reader.read(); 078 } 079 reader.close(); 080 props.setProperty(AuthenticationFilter.SIGNATURE_SECRET, secret.toString()); 081 } catch (IOException ex) { 082 throw new RuntimeException("Could not read HttpFS signature secret file: " + signatureSecretFile); 083 } 084 return props; 085 } 086 087 088 }