protected boolean isInstrumentationAccessAllowed(HttpServletRequest request, HttpServletResponse response) throws IOException { return HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } response.setContentType("text/plain; charset=UTF-8"); try (PrintStream out = new PrintStream( response.getOutputStream(), false, "UTF-8")) { ReflectionUtils.printThreadInfo(out, ""); } ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1); } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } String format = parseAcceptHeader(request); if (FORMAT_XML.equals(format)) { response.setContentType("text/xml; charset=utf-8"); } else if (FORMAT_JSON.equals(format)) { response.setContentType("application/json; charset=utf-8"); } String name = request.getParameter("name"); Writer out = response.getWriter(); try { writeResponse(getConfFromContext(), out, format, name); } catch (BadFormatException bfe) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, bfe.getMessage()); } catch (IllegalArgumentException iae) { response.sendError(HttpServletResponse.SC_NOT_FOUND, iae.getMessage()); } out.close(); }
protected boolean isInstrumentationAccessAllowed(HttpServletRequest request, HttpServletResponse response) throws IOException { return HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response); }
protected boolean isInstrumentationAccessAllowed(HttpServletRequest request, HttpServletResponse response) throws IOException { return HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response); }
protected boolean isInstrumentationAccessAllowed(HttpServletRequest request, HttpServletResponse response) throws IOException { return HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response); }
protected boolean isInstrumentationAccessAllowed(HttpServletRequest request, HttpServletResponse response) throws IOException { return HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } response.setContentType("text/plain; charset=UTF-8"); try (PrintStream out = new PrintStream( response.getOutputStream(), false, "UTF-8")) { ReflectionUtils.printThreadInfo(out, ""); } ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1); } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } response.setContentType("text/plain; charset=UTF-8"); try (PrintStream out = new PrintStream( response.getOutputStream(), false, "UTF-8")) { ReflectionUtils.printThreadInfo(out, ""); } ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1); } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } response.setContentType("text/plain; charset=UTF-8"); try (PrintStream out = new PrintStream( response.getOutputStream(), false, "UTF-8")) { ReflectionUtils.printThreadInfo(out, ""); } ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1); } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } String format = request.getParameter(FORMAT_PARAM); if (null == format) { format = FORMAT_XML; } if (FORMAT_XML.equals(format)) { response.setContentType("text/xml; charset=utf-8"); } else if (FORMAT_JSON.equals(format)) { response.setContentType("application/json; charset=utf-8"); } Writer out = response.getWriter(); try { writeResponse(getConfFromContext(), out, format); } catch (BadFormatException bfe) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, bfe.getMessage()); } out.close(); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } String format = request.getParameter(FORMAT_PARAM); if (null == format) { format = FORMAT_XML; } if (FORMAT_XML.equals(format)) { response.setContentType("text/xml; charset=utf-8"); } else if (FORMAT_JSON.equals(format)) { response.setContentType("application/json; charset=utf-8"); } Writer out = response.getWriter(); try { writeResponse(getConfFromContext(), out, format); } catch (BadFormatException bfe) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, bfe.getMessage()); } out.close(); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } String format = request.getParameter(FORMAT_PARAM); if (null == format) { format = FORMAT_XML; } if (FORMAT_XML.equals(format)) { response.setContentType("text/xml; charset=utf-8"); } else if (FORMAT_JSON.equals(format)) { response.setContentType("application/json; charset=utf-8"); } Writer out = response.getWriter(); try { writeResponse(getConfFromContext(), out, format); } catch (BadFormatException bfe) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, bfe.getMessage()); } out.close(); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // If user is a static user and auth Type is null, that means // there is a non-security environment and no need authorization, // otherwise, do the authorization. final ServletContext servletContext = getServletContext(); if (!HttpServer2.isStaticUserAndNoneAuthType(servletContext, request) && !HttpServer2.isInstrumentationAccessAllowed(servletContext, request, response)) { return; } String format = request.getParameter(FORMAT_PARAM); if (null == format) { format = FORMAT_XML; } if (FORMAT_XML.equals(format)) { response.setContentType("text/xml; charset=utf-8"); } else if (FORMAT_JSON.equals(format)) { response.setContentType("application/json; charset=utf-8"); } Writer out = response.getWriter(); try { writeResponse(getConfFromContext(), out, format); } catch (BadFormatException bfe) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, bfe.getMessage()); } out.close(); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // If user is a static user and auth Type is null, that means // there is a non-security environment and no need authorization, // otherwise, do the authorization. final ServletContext servletContext = getServletContext(); if (!HttpServer2.isStaticUserAndNoneAuthType(servletContext, request) && !HttpServer2.isInstrumentationAccessAllowed(servletContext, request, response)) { return; } response.setContentType("text/plain; charset=UTF-8"); try (PrintStream out = new PrintStream( response.getOutputStream(), false, "UTF-8")) { ReflectionUtils.printThreadInfo(out, ""); } ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1); } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } String format = request.getParameter("format"); Collection<MetricsContext> allContexts = ContextFactory.getFactory().getAllContexts(); if ("json".equals(format)) { response.setContentType("application/json; charset=utf-8"); PrintWriter out = response.getWriter(); try { // Uses Jetty's built-in JSON support to convert the map into JSON. out.print(new JSON().toJSON(makeMap(allContexts))); } finally { out.close(); } } else { PrintWriter out = response.getWriter(); try { printMap(out, makeMap(allContexts)); } finally { out.close(); } } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!HttpServer2.isInstrumentationAccessAllowed(getServletContext(), request, response)) { return; } String format = request.getParameter("format"); Collection<MetricsContext> allContexts = ContextFactory.getFactory().getAllContexts(); if ("json".equals(format)) { response.setContentType("application/json; charset=utf-8"); PrintWriter out = response.getWriter(); try { // Uses Jetty's built-in JSON support to convert the map into JSON. out.print(new JSON().toJSON(makeMap(allContexts))); } finally { out.close(); } } else { PrintWriter out = response.getWriter(); try { printMap(out, makeMap(allContexts)); } finally { out.close(); } } }
!HttpServer2.isInstrumentationAccessAllowed(servletContext, request, response)) { return;
@Test public void testRequiresAuthorizationAccess() throws Exception { Configuration conf = new Configuration(); ServletContext context = Mockito.mock(ServletContext.class); Mockito.when(context.getAttribute(HttpServer2.CONF_CONTEXT_ATTRIBUTE)).thenReturn(conf); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); //requires admin access to instrumentation, FALSE by default Assert.assertTrue(HttpServer2.isInstrumentationAccessAllowed(context, request, response)); //requires admin access to instrumentation, TRUE conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_INSTRUMENTATION_REQUIRES_ADMIN, true); conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, true); AccessControlList acls = Mockito.mock(AccessControlList.class); Mockito.when(acls.isUserAllowed(Mockito.<UserGroupInformation>any())).thenReturn(false); Mockito.when(context.getAttribute(HttpServer2.ADMINS_ACL)).thenReturn(acls); Assert.assertFalse(HttpServer2.isInstrumentationAccessAllowed(context, request, response)); }
@Test public void testRequiresAuthorizationAccess() throws Exception { Configuration conf = new Configuration(); ServletContext context = Mockito.mock(ServletContext.class); Mockito.when(context.getAttribute(HttpServer2.CONF_CONTEXT_ATTRIBUTE)).thenReturn(conf); HttpServletRequest request = Mockito.mock(HttpServletRequest.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); //requires admin access to instrumentation, FALSE by default Assert.assertTrue(HttpServer2.isInstrumentationAccessAllowed(context, request, response)); //requires admin access to instrumentation, TRUE conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_INSTRUMENTATION_REQUIRES_ADMIN, true); conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, true); AccessControlList acls = Mockito.mock(AccessControlList.class); Mockito.when(acls.isUserAllowed(Mockito.<UserGroupInformation>any())).thenReturn(false); Mockito.when(context.getAttribute(HttpServer2.ADMINS_ACL)).thenReturn(acls); Assert.assertFalse(HttpServer2.isInstrumentationAccessAllowed(context, request, response)); }