Google Git
Sign in
apache / hbase-site / 0082cda45f48d1755543336c908ec6d80d4ec0a9 / . / devapidocs / src-html / org / apache / hadoop / hbase / http / HttpServer.StackServlet.html
blob: 53c47066e197554a7f44fff3a2388879866e96b7 [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<!-- Generated by javadoc (17) -->
<title>Source code</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="source: package: org.apache.hadoop.hbase.http, class: HttpServer, class: StackServlet">
<meta name="generator" content="javadoc/SourceToHTMLConverter">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body class="source-page">
<main role="main">
<div class="source-container">
<pre><span class="source-line-no">001</span><span id="line-1">/*</span>
<span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span>
<span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span>
<span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span>
<span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span>
<span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span>
<span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span>
<span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span>
<span class="source-line-no">009</span><span id="line-9"> *</span>
<span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span>
<span class="source-line-no">011</span><span id="line-11"> *</span>
<span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span>
<span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span>
<span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span>
<span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span>
<span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span>
<span class="source-line-no">017</span><span id="line-17"> */</span>
<span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.http;</span>
<span class="source-line-no">019</span><span id="line-19"></span>
<span class="source-line-no">020</span><span id="line-20">import java.io.FileNotFoundException;</span>
<span class="source-line-no">021</span><span id="line-21">import java.io.IOException;</span>
<span class="source-line-no">022</span><span id="line-22">import java.io.InterruptedIOException;</span>
<span class="source-line-no">023</span><span id="line-23">import java.io.PrintStream;</span>
<span class="source-line-no">024</span><span id="line-24">import java.net.BindException;</span>
<span class="source-line-no">025</span><span id="line-25">import java.net.InetSocketAddress;</span>
<span class="source-line-no">026</span><span id="line-26">import java.net.URI;</span>
<span class="source-line-no">027</span><span id="line-27">import java.net.URISyntaxException;</span>
<span class="source-line-no">028</span><span id="line-28">import java.net.URL;</span>
<span class="source-line-no">029</span><span id="line-29">import java.nio.file.Files;</span>
<span class="source-line-no">030</span><span id="line-30">import java.nio.file.Path;</span>
<span class="source-line-no">031</span><span id="line-31">import java.nio.file.Paths;</span>
<span class="source-line-no">032</span><span id="line-32">import java.util.ArrayList;</span>
<span class="source-line-no">033</span><span id="line-33">import java.util.Collections;</span>
<span class="source-line-no">034</span><span id="line-34">import java.util.Enumeration;</span>
<span class="source-line-no">035</span><span id="line-35">import java.util.HashMap;</span>
<span class="source-line-no">036</span><span id="line-36">import java.util.List;</span>
<span class="source-line-no">037</span><span id="line-37">import java.util.Map;</span>
<span class="source-line-no">038</span><span id="line-38">import java.util.stream.Collectors;</span>
<span class="source-line-no">039</span><span id="line-39">import javax.servlet.Filter;</span>
<span class="source-line-no">040</span><span id="line-40">import javax.servlet.FilterChain;</span>
<span class="source-line-no">041</span><span id="line-41">import javax.servlet.FilterConfig;</span>
<span class="source-line-no">042</span><span id="line-42">import javax.servlet.Servlet;</span>
<span class="source-line-no">043</span><span id="line-43">import javax.servlet.ServletContext;</span>
<span class="source-line-no">044</span><span id="line-44">import javax.servlet.ServletException;</span>
<span class="source-line-no">045</span><span id="line-45">import javax.servlet.ServletRequest;</span>
<span class="source-line-no">046</span><span id="line-46">import javax.servlet.ServletResponse;</span>
<span class="source-line-no">047</span><span id="line-47">import javax.servlet.http.HttpServlet;</span>
<span class="source-line-no">048</span><span id="line-48">import javax.servlet.http.HttpServletRequest;</span>
<span class="source-line-no">049</span><span id="line-49">import javax.servlet.http.HttpServletRequestWrapper;</span>
<span class="source-line-no">050</span><span id="line-50">import javax.servlet.http.HttpServletResponse;</span>
<span class="source-line-no">051</span><span id="line-51">import org.apache.hadoop.HadoopIllegalArgumentException;</span>
<span class="source-line-no">052</span><span id="line-52">import org.apache.hadoop.conf.Configuration;</span>
<span class="source-line-no">053</span><span id="line-53">import org.apache.hadoop.fs.CommonConfigurationKeys;</span>
<span class="source-line-no">054</span><span id="line-54">import org.apache.hadoop.hbase.HBaseInterfaceAudience;</span>
<span class="source-line-no">055</span><span id="line-55">import org.apache.hadoop.hbase.http.conf.ConfServlet;</span>
<span class="source-line-no">056</span><span id="line-56">import org.apache.hadoop.hbase.http.log.LogLevel;</span>
<span class="source-line-no">057</span><span id="line-57">import org.apache.hadoop.hbase.util.ReflectionUtils;</span>
<span class="source-line-no">058</span><span id="line-58">import org.apache.hadoop.hbase.util.Threads;</span>
<span class="source-line-no">059</span><span id="line-59">import org.apache.hadoop.security.AuthenticationFilterInitializer;</span>
<span class="source-line-no">060</span><span id="line-60">import org.apache.hadoop.security.SecurityUtil;</span>
<span class="source-line-no">061</span><span id="line-61">import org.apache.hadoop.security.UserGroupInformation;</span>
<span class="source-line-no">062</span><span id="line-62">import org.apache.hadoop.security.authentication.server.AuthenticationFilter;</span>
<span class="source-line-no">063</span><span id="line-63">import org.apache.hadoop.security.authorize.AccessControlList;</span>
<span class="source-line-no">064</span><span id="line-64">import org.apache.hadoop.security.authorize.ProxyUsers;</span>
<span class="source-line-no">065</span><span id="line-65">import org.apache.hadoop.util.Shell;</span>
<span class="source-line-no">066</span><span id="line-66">import org.apache.hadoop.util.StringUtils;</span>
<span class="source-line-no">067</span><span id="line-67">import org.apache.yetus.audience.InterfaceAudience;</span>
<span class="source-line-no">068</span><span id="line-68">import org.apache.yetus.audience.InterfaceStability;</span>
<span class="source-line-no">069</span><span id="line-69">import org.slf4j.Logger;</span>
<span class="source-line-no">070</span><span id="line-70">import org.slf4j.LoggerFactory;</span>
<span class="source-line-no">071</span><span id="line-71"></span>
<span class="source-line-no">072</span><span id="line-72">import org.apache.hbase.thirdparty.com.google.common.base.Preconditions;</span>
<span class="source-line-no">073</span><span id="line-73">import org.apache.hbase.thirdparty.com.google.common.collect.ImmutableMap;</span>
<span class="source-line-no">074</span><span id="line-74">import org.apache.hbase.thirdparty.com.google.common.collect.Lists;</span>
<span class="source-line-no">075</span><span id="line-75">import org.apache.hbase.thirdparty.org.eclipse.jetty.http.HttpVersion;</span>
<span class="source-line-no">076</span><span id="line-76">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.Handler;</span>
<span class="source-line-no">077</span><span id="line-77">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.HttpConfiguration;</span>
<span class="source-line-no">078</span><span id="line-78">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.HttpConnectionFactory;</span>
<span class="source-line-no">079</span><span id="line-79">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.RequestLog;</span>
<span class="source-line-no">080</span><span id="line-80">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.SecureRequestCustomizer;</span>
<span class="source-line-no">081</span><span id="line-81">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.Server;</span>
<span class="source-line-no">082</span><span id="line-82">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.ServerConnector;</span>
<span class="source-line-no">083</span><span id="line-83">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.SslConnectionFactory;</span>
<span class="source-line-no">084</span><span id="line-84">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.SymlinkAllowedResourceAliasChecker;</span>
<span class="source-line-no">085</span><span id="line-85">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.ContextHandlerCollection;</span>
<span class="source-line-no">086</span><span id="line-86">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.ErrorHandler;</span>
<span class="source-line-no">087</span><span id="line-87">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.HandlerCollection;</span>
<span class="source-line-no">088</span><span id="line-88">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.RequestLogHandler;</span>
<span class="source-line-no">089</span><span id="line-89">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.gzip.GzipHandler;</span>
<span class="source-line-no">090</span><span id="line-90">import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.DefaultServlet;</span>
<span class="source-line-no">091</span><span id="line-91">import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.FilterHolder;</span>
<span class="source-line-no">092</span><span id="line-92">import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.FilterMapping;</span>
<span class="source-line-no">093</span><span id="line-93">import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.ServletContextHandler;</span>
<span class="source-line-no">094</span><span id="line-94">import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.ServletHolder;</span>
<span class="source-line-no">095</span><span id="line-95">import org.apache.hbase.thirdparty.org.eclipse.jetty.util.MultiException;</span>
<span class="source-line-no">096</span><span id="line-96">import org.apache.hbase.thirdparty.org.eclipse.jetty.util.ssl.SslContextFactory;</span>
<span class="source-line-no">097</span><span id="line-97">import org.apache.hbase.thirdparty.org.eclipse.jetty.util.thread.QueuedThreadPool;</span>
<span class="source-line-no">098</span><span id="line-98">import org.apache.hbase.thirdparty.org.eclipse.jetty.webapp.WebAppContext;</span>
<span class="source-line-no">099</span><span id="line-99">import org.apache.hbase.thirdparty.org.glassfish.jersey.server.ResourceConfig;</span>
<span class="source-line-no">100</span><span id="line-100">import org.apache.hbase.thirdparty.org.glassfish.jersey.servlet.ServletContainer;</span>
<span class="source-line-no">101</span><span id="line-101"></span>
<span class="source-line-no">102</span><span id="line-102">/**</span>
<span class="source-line-no">103</span><span id="line-103"> * Create a Jetty embedded server to answer http requests. The primary goal is to serve up status</span>
<span class="source-line-no">104</span><span id="line-104"> * information for the server. There are three contexts: "/logs/" -&amp;gt; points to the log directory</span>
<span class="source-line-no">105</span><span id="line-105"> * "/static/" -&amp;gt; points to common static files (src/webapps/static) "/" -&amp;gt; the jsp server code</span>
<span class="source-line-no">106</span><span id="line-106"> * from (src/webapps/&amp;lt;name&amp;gt;)</span>
<span class="source-line-no">107</span><span id="line-107"> */</span>
<span class="source-line-no">108</span><span id="line-108">@InterfaceAudience.Private</span>
<span class="source-line-no">109</span><span id="line-109">@InterfaceStability.Evolving</span>
<span class="source-line-no">110</span><span id="line-110">public class HttpServer implements FilterContainer {</span>
<span class="source-line-no">111</span><span id="line-111"> private static final Logger LOG = LoggerFactory.getLogger(HttpServer.class);</span>
<span class="source-line-no">112</span><span id="line-112"> private static final String EMPTY_STRING = "";</span>
<span class="source-line-no">113</span><span id="line-113"></span>
<span class="source-line-no">114</span><span id="line-114"> // Jetty's max header size is Character.MAX_VALUE - 1, See ArrayTernaryTrie for more details</span>
<span class="source-line-no">115</span><span id="line-115"> // And in newer jetty version, they add a check when creating a server so we must follow this</span>
<span class="source-line-no">116</span><span id="line-116"> // limitation otherwise the UTs will fail</span>
<span class="source-line-no">117</span><span id="line-117"> private static final int DEFAULT_MAX_HEADER_SIZE = Character.MAX_VALUE - 1;</span>
<span class="source-line-no">118</span><span id="line-118"></span>
<span class="source-line-no">119</span><span id="line-119"> // Add configuration for jetty idle timeout</span>
<span class="source-line-no">120</span><span id="line-120"> private static final String HTTP_JETTY_IDLE_TIMEOUT = "hbase.ui.connection.idleTimeout";</span>
<span class="source-line-no">121</span><span id="line-121"> // Default jetty idle timeout</span>
<span class="source-line-no">122</span><span id="line-122"> private static final long DEFAULT_HTTP_JETTY_IDLE_TIMEOUT = 30000;</span>
<span class="source-line-no">123</span><span id="line-123"></span>
<span class="source-line-no">124</span><span id="line-124"> static final String FILTER_INITIALIZERS_PROPERTY = "hbase.http.filter.initializers";</span>
<span class="source-line-no">125</span><span id="line-125"> static final String HTTP_MAX_THREADS = "hbase.http.max.threads";</span>
<span class="source-line-no">126</span><span id="line-126"></span>
<span class="source-line-no">127</span><span id="line-127"> public static final String HTTP_UI_AUTHENTICATION = "hbase.security.authentication.ui";</span>
<span class="source-line-no">128</span><span id="line-128"> static final String HTTP_AUTHENTICATION_PREFIX = "hbase.security.authentication.";</span>
<span class="source-line-no">129</span><span id="line-129"> static final String HTTP_SPNEGO_AUTHENTICATION_PREFIX = HTTP_AUTHENTICATION_PREFIX + "spnego.";</span>
<span class="source-line-no">130</span><span id="line-130"> static final String HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX = "kerberos.principal";</span>
<span class="source-line-no">131</span><span id="line-131"> public static final String HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_KEY =</span>
<span class="source-line-no">132</span><span id="line-132"> HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX;</span>
<span class="source-line-no">133</span><span id="line-133"> static final String HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX = "kerberos.keytab";</span>
<span class="source-line-no">134</span><span id="line-134"> public static final String HTTP_SPNEGO_AUTHENTICATION_KEYTAB_KEY =</span>
<span class="source-line-no">135</span><span id="line-135"> HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX;</span>
<span class="source-line-no">136</span><span id="line-136"> static final String HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_SUFFIX = "kerberos.name.rules";</span>
<span class="source-line-no">137</span><span id="line-137"> public static final String HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_KEY =</span>
<span class="source-line-no">138</span><span id="line-138"> HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_SUFFIX;</span>
<span class="source-line-no">139</span><span id="line-139"> static final String HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_SUFFIX =</span>
<span class="source-line-no">140</span><span id="line-140"> "kerberos.proxyuser.enable";</span>
<span class="source-line-no">141</span><span id="line-141"> public static final String HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_KEY =</span>
<span class="source-line-no">142</span><span id="line-142"> HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_SUFFIX;</span>
<span class="source-line-no">143</span><span id="line-143"> public static final boolean HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_DEFAULT = false;</span>
<span class="source-line-no">144</span><span id="line-144"> static final String HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX = "signature.secret.file";</span>
<span class="source-line-no">145</span><span id="line-145"> public static final String HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_KEY =</span>
<span class="source-line-no">146</span><span id="line-146"> HTTP_AUTHENTICATION_PREFIX + HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX;</span>
<span class="source-line-no">147</span><span id="line-147"> public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_USERS_KEY =</span>
<span class="source-line-no">148</span><span id="line-148"> HTTP_SPNEGO_AUTHENTICATION_PREFIX + "admin.users";</span>
<span class="source-line-no">149</span><span id="line-149"> public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_GROUPS_KEY =</span>
<span class="source-line-no">150</span><span id="line-150"> HTTP_SPNEGO_AUTHENTICATION_PREFIX + "admin.groups";</span>
<span class="source-line-no">151</span><span id="line-151"> public static final String HTTP_PRIVILEGED_CONF_KEY =</span>
<span class="source-line-no">152</span><span id="line-152"> "hbase.security.authentication.ui.config.protected";</span>
<span class="source-line-no">153</span><span id="line-153"> public static final String HTTP_UI_NO_CACHE_ENABLE_KEY = "hbase.http.filter.no-store.enable";</span>
<span class="source-line-no">154</span><span id="line-154"> public static final boolean HTTP_PRIVILEGED_CONF_DEFAULT = false;</span>
<span class="source-line-no">155</span><span id="line-155"></span>
<span class="source-line-no">156</span><span id="line-156"> // The ServletContext attribute where the daemon Configuration</span>
<span class="source-line-no">157</span><span id="line-157"> // gets stored.</span>
<span class="source-line-no">158</span><span id="line-158"> public static final String CONF_CONTEXT_ATTRIBUTE = "hbase.conf";</span>
<span class="source-line-no">159</span><span id="line-159"> public static final String ADMINS_ACL = "admins.acl";</span>
<span class="source-line-no">160</span><span id="line-160"> public static final String BIND_ADDRESS = "bind.address";</span>
<span class="source-line-no">161</span><span id="line-161"> public static final String SPNEGO_FILTER = "SpnegoFilter";</span>
<span class="source-line-no">162</span><span id="line-162"> public static final String SPNEGO_PROXYUSER_FILTER = "SpnegoProxyUserFilter";</span>
<span class="source-line-no">163</span><span id="line-163"> public static final String NO_CACHE_FILTER = "NoCacheFilter";</span>
<span class="source-line-no">164</span><span id="line-164"> public static final String APP_DIR = "webapps";</span>
<span class="source-line-no">165</span><span id="line-165"> public static final String HTTP_UI_SHOW_STACKTRACE_KEY = "hbase.ui.show-stack-traces";</span>
<span class="source-line-no">166</span><span id="line-166"></span>
<span class="source-line-no">167</span><span id="line-167"> public static final String METRIC_SERVLETS_CONF_KEY = "hbase.http.metrics.servlets";</span>
<span class="source-line-no">168</span><span id="line-168"> public static final String[] METRICS_SERVLETS_DEFAULT = { "jmx", "metrics", "prometheus" };</span>
<span class="source-line-no">169</span><span id="line-169"> private static final ImmutableMap&lt;String,</span>
<span class="source-line-no">170</span><span id="line-170"> ServletConfig&gt; METRIC_SERVLETS = new ImmutableMap.Builder&lt;String, ServletConfig&gt;()</span>
<span class="source-line-no">171</span><span id="line-171"> .put("jmx",</span>
<span class="source-line-no">172</span><span id="line-172"> new ServletConfig("jmx", "/jmx", "org.apache.hadoop.hbase.http.jmx.JMXJsonServlet"))</span>
<span class="source-line-no">173</span><span id="line-173"> .put("metrics",</span>
<span class="source-line-no">174</span><span id="line-174"> // MetricsServlet is deprecated in hadoop 2.8 and removed in 3.0. We shouldn't expect it,</span>
<span class="source-line-no">175</span><span id="line-175"> // so pass false so that we don't create a noisy warn during instantiation.</span>
<span class="source-line-no">176</span><span id="line-176"> new ServletConfig("metrics", "/metrics", "org.apache.hadoop.metrics.MetricsServlet", false))</span>
<span class="source-line-no">177</span><span id="line-177"> .put("prometheus", new ServletConfig("prometheus", "/prometheus",</span>
<span class="source-line-no">178</span><span id="line-178"> "org.apache.hadoop.hbase.http.prometheus.PrometheusHadoopServlet"))</span>
<span class="source-line-no">179</span><span id="line-179"> .build();</span>
<span class="source-line-no">180</span><span id="line-180"></span>
<span class="source-line-no">181</span><span id="line-181"> private final AccessControlList adminsAcl;</span>
<span class="source-line-no">182</span><span id="line-182"></span>
<span class="source-line-no">183</span><span id="line-183"> protected final Server webServer;</span>
<span class="source-line-no">184</span><span id="line-184"> protected String appDir;</span>
<span class="source-line-no">185</span><span id="line-185"> protected String logDir;</span>
<span class="source-line-no">186</span><span id="line-186"></span>
<span class="source-line-no">187</span><span id="line-187"> private static final class ListenerInfo {</span>
<span class="source-line-no">188</span><span id="line-188"> /**</span>
<span class="source-line-no">189</span><span id="line-189"> * Boolean flag to determine whether the HTTP server should clean up the listener in stop().</span>
<span class="source-line-no">190</span><span id="line-190"> */</span>
<span class="source-line-no">191</span><span id="line-191"> private final boolean isManaged;</span>
<span class="source-line-no">192</span><span id="line-192"> private final ServerConnector listener;</span>
<span class="source-line-no">193</span><span id="line-193"></span>
<span class="source-line-no">194</span><span id="line-194"> private ListenerInfo(boolean isManaged, ServerConnector listener) {</span>
<span class="source-line-no">195</span><span id="line-195"> this.isManaged = isManaged;</span>
<span class="source-line-no">196</span><span id="line-196"> this.listener = listener;</span>
<span class="source-line-no">197</span><span id="line-197"> }</span>
<span class="source-line-no">198</span><span id="line-198"> }</span>
<span class="source-line-no">199</span><span id="line-199"></span>
<span class="source-line-no">200</span><span id="line-200"> private final List&lt;ListenerInfo&gt; listeners = Lists.newArrayList();</span>
<span class="source-line-no">201</span><span id="line-201"></span>
<span class="source-line-no">202</span><span id="line-202"> public List&lt;ServerConnector&gt; getServerConnectors() {</span>
<span class="source-line-no">203</span><span id="line-203"> return listeners.stream().map(info -&gt; info.listener).collect(Collectors.toList());</span>
<span class="source-line-no">204</span><span id="line-204"> }</span>
<span class="source-line-no">205</span><span id="line-205"></span>
<span class="source-line-no">206</span><span id="line-206"> protected final WebAppContext webAppContext;</span>
<span class="source-line-no">207</span><span id="line-207"> protected final boolean findPort;</span>
<span class="source-line-no">208</span><span id="line-208"> protected final Map&lt;ServletContextHandler, Boolean&gt; defaultContexts = new HashMap&lt;&gt;();</span>
<span class="source-line-no">209</span><span id="line-209"> protected final List&lt;String&gt; filterNames = new ArrayList&lt;&gt;();</span>
<span class="source-line-no">210</span><span id="line-210"> protected final boolean authenticationEnabled;</span>
<span class="source-line-no">211</span><span id="line-211"> static final String STATE_DESCRIPTION_ALIVE = " - alive";</span>
<span class="source-line-no">212</span><span id="line-212"> static final String STATE_DESCRIPTION_NOT_LIVE = " - not live";</span>
<span class="source-line-no">213</span><span id="line-213"></span>
<span class="source-line-no">214</span><span id="line-214"> /**</span>
<span class="source-line-no">215</span><span id="line-215"> * Class to construct instances of HTTP server with specific options.</span>
<span class="source-line-no">216</span><span id="line-216"> */</span>
<span class="source-line-no">217</span><span id="line-217"> public static class Builder {</span>
<span class="source-line-no">218</span><span id="line-218"> private ArrayList&lt;URI&gt; endpoints = Lists.newArrayList();</span>
<span class="source-line-no">219</span><span id="line-219"> private Configuration conf;</span>
<span class="source-line-no">220</span><span id="line-220"> private String[] pathSpecs;</span>
<span class="source-line-no">221</span><span id="line-221"> private AccessControlList adminsAcl;</span>
<span class="source-line-no">222</span><span id="line-222"> private boolean securityEnabled = false;</span>
<span class="source-line-no">223</span><span id="line-223"> private String usernameConfKey;</span>
<span class="source-line-no">224</span><span id="line-224"> private String keytabConfKey;</span>
<span class="source-line-no">225</span><span id="line-225"> private boolean needsClientAuth;</span>
<span class="source-line-no">226</span><span id="line-226"> private String excludeCiphers;</span>
<span class="source-line-no">227</span><span id="line-227"></span>
<span class="source-line-no">228</span><span id="line-228"> private String hostName;</span>
<span class="source-line-no">229</span><span id="line-229"> private String appDir = APP_DIR;</span>
<span class="source-line-no">230</span><span id="line-230"> private String logDir;</span>
<span class="source-line-no">231</span><span id="line-231"> private boolean findPort;</span>
<span class="source-line-no">232</span><span id="line-232"></span>
<span class="source-line-no">233</span><span id="line-233"> private String trustStore;</span>
<span class="source-line-no">234</span><span id="line-234"> private String trustStorePassword;</span>
<span class="source-line-no">235</span><span id="line-235"> private String trustStoreType;</span>
<span class="source-line-no">236</span><span id="line-236"></span>
<span class="source-line-no">237</span><span id="line-237"> private String keyStore;</span>
<span class="source-line-no">238</span><span id="line-238"> private String keyStorePassword;</span>
<span class="source-line-no">239</span><span id="line-239"> private String keyStoreType;</span>
<span class="source-line-no">240</span><span id="line-240"></span>
<span class="source-line-no">241</span><span id="line-241"> // The -keypass option in keytool</span>
<span class="source-line-no">242</span><span id="line-242"> private String keyPassword;</span>
<span class="source-line-no">243</span><span id="line-243"></span>
<span class="source-line-no">244</span><span id="line-244"> private String kerberosNameRulesKey;</span>
<span class="source-line-no">245</span><span id="line-245"> private String signatureSecretFileKey;</span>
<span class="source-line-no">246</span><span id="line-246"></span>
<span class="source-line-no">247</span><span id="line-247"> /**</span>
<span class="source-line-no">248</span><span id="line-248"> * @see #setAppDir(String)</span>
<span class="source-line-no">249</span><span id="line-249"> * @deprecated Since 0.99.0. Use builder pattern via {@link #setAppDir(String)} instead.</span>
<span class="source-line-no">250</span><span id="line-250"> */</span>
<span class="source-line-no">251</span><span id="line-251"> @Deprecated</span>
<span class="source-line-no">252</span><span id="line-252"> private String name;</span>
<span class="source-line-no">253</span><span id="line-253"> /**</span>
<span class="source-line-no">254</span><span id="line-254"> * @see #addEndpoint(URI)</span>
<span class="source-line-no">255</span><span id="line-255"> * @deprecated Since 0.99.0. Use builder pattern via {@link #addEndpoint(URI)} instead.</span>
<span class="source-line-no">256</span><span id="line-256"> */</span>
<span class="source-line-no">257</span><span id="line-257"> @Deprecated</span>
<span class="source-line-no">258</span><span id="line-258"> private String bindAddress;</span>
<span class="source-line-no">259</span><span id="line-259"> /**</span>
<span class="source-line-no">260</span><span id="line-260"> * @see #addEndpoint(URI)</span>
<span class="source-line-no">261</span><span id="line-261"> * @deprecated Since 0.99.0. Use builder pattern via {@link #addEndpoint(URI)} instead.</span>
<span class="source-line-no">262</span><span id="line-262"> */</span>
<span class="source-line-no">263</span><span id="line-263"> @Deprecated</span>
<span class="source-line-no">264</span><span id="line-264"> private int port = -1;</span>
<span class="source-line-no">265</span><span id="line-265"></span>
<span class="source-line-no">266</span><span id="line-266"> /**</span>
<span class="source-line-no">267</span><span id="line-267"> * Add an endpoint that the HTTP server should listen to. the endpoint of that the HTTP server</span>
<span class="source-line-no">268</span><span id="line-268"> * should listen to. The scheme specifies the protocol (i.e. HTTP / HTTPS), the host specifies</span>
<span class="source-line-no">269</span><span id="line-269"> * the binding address, and the port specifies the listening port. Unspecified or zero port</span>
<span class="source-line-no">270</span><span id="line-270"> * means that the server can listen to any port.</span>
<span class="source-line-no">271</span><span id="line-271"> */</span>
<span class="source-line-no">272</span><span id="line-272"> public Builder addEndpoint(URI endpoint) {</span>
<span class="source-line-no">273</span><span id="line-273"> endpoints.add(endpoint);</span>
<span class="source-line-no">274</span><span id="line-274"> return this;</span>
<span class="source-line-no">275</span><span id="line-275"> }</span>
<span class="source-line-no">276</span><span id="line-276"></span>
<span class="source-line-no">277</span><span id="line-277"> /**</span>
<span class="source-line-no">278</span><span id="line-278"> * Set the hostname of the http server. The host name is used to resolve the _HOST field in</span>
<span class="source-line-no">279</span><span id="line-279"> * Kerberos principals. The hostname of the first listener will be used if the name is</span>
<span class="source-line-no">280</span><span id="line-280"> * unspecified.</span>
<span class="source-line-no">281</span><span id="line-281"> */</span>
<span class="source-line-no">282</span><span id="line-282"> public Builder hostName(String hostName) {</span>
<span class="source-line-no">283</span><span id="line-283"> this.hostName = hostName;</span>
<span class="source-line-no">284</span><span id="line-284"> return this;</span>
<span class="source-line-no">285</span><span id="line-285"> }</span>
<span class="source-line-no">286</span><span id="line-286"></span>
<span class="source-line-no">287</span><span id="line-287"> public Builder trustStore(String location, String password, String type) {</span>
<span class="source-line-no">288</span><span id="line-288"> this.trustStore = location;</span>
<span class="source-line-no">289</span><span id="line-289"> this.trustStorePassword = password;</span>
<span class="source-line-no">290</span><span id="line-290"> this.trustStoreType = type;</span>
<span class="source-line-no">291</span><span id="line-291"> return this;</span>
<span class="source-line-no">292</span><span id="line-292"> }</span>
<span class="source-line-no">293</span><span id="line-293"></span>
<span class="source-line-no">294</span><span id="line-294"> public Builder keyStore(String location, String password, String type) {</span>
<span class="source-line-no">295</span><span id="line-295"> this.keyStore = location;</span>
<span class="source-line-no">296</span><span id="line-296"> this.keyStorePassword = password;</span>
<span class="source-line-no">297</span><span id="line-297"> this.keyStoreType = type;</span>
<span class="source-line-no">298</span><span id="line-298"> return this;</span>
<span class="source-line-no">299</span><span id="line-299"> }</span>
<span class="source-line-no">300</span><span id="line-300"></span>
<span class="source-line-no">301</span><span id="line-301"> public Builder keyPassword(String password) {</span>
<span class="source-line-no">302</span><span id="line-302"> this.keyPassword = password;</span>
<span class="source-line-no">303</span><span id="line-303"> return this;</span>
<span class="source-line-no">304</span><span id="line-304"> }</span>
<span class="source-line-no">305</span><span id="line-305"></span>
<span class="source-line-no">306</span><span id="line-306"> /**</span>
<span class="source-line-no">307</span><span id="line-307"> * Specify whether the server should authorize the client in SSL connections.</span>
<span class="source-line-no">308</span><span id="line-308"> */</span>
<span class="source-line-no">309</span><span id="line-309"> public Builder needsClientAuth(boolean value) {</span>
<span class="source-line-no">310</span><span id="line-310"> this.needsClientAuth = value;</span>
<span class="source-line-no">311</span><span id="line-311"> return this;</span>
<span class="source-line-no">312</span><span id="line-312"> }</span>
<span class="source-line-no">313</span><span id="line-313"></span>
<span class="source-line-no">314</span><span id="line-314"> /**</span>
<span class="source-line-no">315</span><span id="line-315"> * @see #setAppDir(String)</span>
<span class="source-line-no">316</span><span id="line-316"> * @deprecated Since 0.99.0. Use {@link #setAppDir(String)} instead.</span>
<span class="source-line-no">317</span><span id="line-317"> */</span>
<span class="source-line-no">318</span><span id="line-318"> @Deprecated</span>
<span class="source-line-no">319</span><span id="line-319"> public Builder setName(String name) {</span>
<span class="source-line-no">320</span><span id="line-320"> this.name = name;</span>
<span class="source-line-no">321</span><span id="line-321"> return this;</span>
<span class="source-line-no">322</span><span id="line-322"> }</span>
<span class="source-line-no">323</span><span id="line-323"></span>
<span class="source-line-no">324</span><span id="line-324"> /**</span>
<span class="source-line-no">325</span><span id="line-325"> * @see #addEndpoint(URI)</span>
<span class="source-line-no">326</span><span id="line-326"> * @deprecated Since 0.99.0. Use {@link #addEndpoint(URI)} instead.</span>
<span class="source-line-no">327</span><span id="line-327"> */</span>
<span class="source-line-no">328</span><span id="line-328"> @Deprecated</span>
<span class="source-line-no">329</span><span id="line-329"> public Builder setBindAddress(String bindAddress) {</span>
<span class="source-line-no">330</span><span id="line-330"> this.bindAddress = bindAddress;</span>
<span class="source-line-no">331</span><span id="line-331"> return this;</span>
<span class="source-line-no">332</span><span id="line-332"> }</span>
<span class="source-line-no">333</span><span id="line-333"></span>
<span class="source-line-no">334</span><span id="line-334"> /**</span>
<span class="source-line-no">335</span><span id="line-335"> * @see #addEndpoint(URI)</span>
<span class="source-line-no">336</span><span id="line-336"> * @deprecated Since 0.99.0. Use {@link #addEndpoint(URI)} instead.</span>
<span class="source-line-no">337</span><span id="line-337"> */</span>
<span class="source-line-no">338</span><span id="line-338"> @Deprecated</span>
<span class="source-line-no">339</span><span id="line-339"> public Builder setPort(int port) {</span>
<span class="source-line-no">340</span><span id="line-340"> this.port = port;</span>
<span class="source-line-no">341</span><span id="line-341"> return this;</span>
<span class="source-line-no">342</span><span id="line-342"> }</span>
<span class="source-line-no">343</span><span id="line-343"></span>
<span class="source-line-no">344</span><span id="line-344"> public Builder setFindPort(boolean findPort) {</span>
<span class="source-line-no">345</span><span id="line-345"> this.findPort = findPort;</span>
<span class="source-line-no">346</span><span id="line-346"> return this;</span>
<span class="source-line-no">347</span><span id="line-347"> }</span>
<span class="source-line-no">348</span><span id="line-348"></span>
<span class="source-line-no">349</span><span id="line-349"> public Builder setConf(Configuration conf) {</span>
<span class="source-line-no">350</span><span id="line-350"> this.conf = conf;</span>
<span class="source-line-no">351</span><span id="line-351"> return this;</span>
<span class="source-line-no">352</span><span id="line-352"> }</span>
<span class="source-line-no">353</span><span id="line-353"></span>
<span class="source-line-no">354</span><span id="line-354"> public Builder setPathSpec(String[] pathSpec) {</span>
<span class="source-line-no">355</span><span id="line-355"> this.pathSpecs = pathSpec;</span>
<span class="source-line-no">356</span><span id="line-356"> return this;</span>
<span class="source-line-no">357</span><span id="line-357"> }</span>
<span class="source-line-no">358</span><span id="line-358"></span>
<span class="source-line-no">359</span><span id="line-359"> public Builder setACL(AccessControlList acl) {</span>
<span class="source-line-no">360</span><span id="line-360"> this.adminsAcl = acl;</span>
<span class="source-line-no">361</span><span id="line-361"> return this;</span>
<span class="source-line-no">362</span><span id="line-362"> }</span>
<span class="source-line-no">363</span><span id="line-363"></span>
<span class="source-line-no">364</span><span id="line-364"> public Builder setSecurityEnabled(boolean securityEnabled) {</span>
<span class="source-line-no">365</span><span id="line-365"> this.securityEnabled = securityEnabled;</span>
<span class="source-line-no">366</span><span id="line-366"> return this;</span>
<span class="source-line-no">367</span><span id="line-367"> }</span>
<span class="source-line-no">368</span><span id="line-368"></span>
<span class="source-line-no">369</span><span id="line-369"> public Builder setUsernameConfKey(String usernameConfKey) {</span>
<span class="source-line-no">370</span><span id="line-370"> this.usernameConfKey = usernameConfKey;</span>
<span class="source-line-no">371</span><span id="line-371"> return this;</span>
<span class="source-line-no">372</span><span id="line-372"> }</span>
<span class="source-line-no">373</span><span id="line-373"></span>
<span class="source-line-no">374</span><span id="line-374"> public Builder setKeytabConfKey(String keytabConfKey) {</span>
<span class="source-line-no">375</span><span id="line-375"> this.keytabConfKey = keytabConfKey;</span>
<span class="source-line-no">376</span><span id="line-376"> return this;</span>
<span class="source-line-no">377</span><span id="line-377"> }</span>
<span class="source-line-no">378</span><span id="line-378"></span>
<span class="source-line-no">379</span><span id="line-379"> public Builder setKerberosNameRulesKey(String kerberosNameRulesKey) {</span>
<span class="source-line-no">380</span><span id="line-380"> this.kerberosNameRulesKey = kerberosNameRulesKey;</span>
<span class="source-line-no">381</span><span id="line-381"> return this;</span>
<span class="source-line-no">382</span><span id="line-382"> }</span>
<span class="source-line-no">383</span><span id="line-383"></span>
<span class="source-line-no">384</span><span id="line-384"> public Builder setSignatureSecretFileKey(String signatureSecretFileKey) {</span>
<span class="source-line-no">385</span><span id="line-385"> this.signatureSecretFileKey = signatureSecretFileKey;</span>
<span class="source-line-no">386</span><span id="line-386"> return this;</span>
<span class="source-line-no">387</span><span id="line-387"> }</span>
<span class="source-line-no">388</span><span id="line-388"></span>
<span class="source-line-no">389</span><span id="line-389"> public Builder setAppDir(String appDir) {</span>
<span class="source-line-no">390</span><span id="line-390"> this.appDir = appDir;</span>
<span class="source-line-no">391</span><span id="line-391"> return this;</span>
<span class="source-line-no">392</span><span id="line-392"> }</span>
<span class="source-line-no">393</span><span id="line-393"></span>
<span class="source-line-no">394</span><span id="line-394"> public Builder setLogDir(String logDir) {</span>
<span class="source-line-no">395</span><span id="line-395"> this.logDir = logDir;</span>
<span class="source-line-no">396</span><span id="line-396"> return this;</span>
<span class="source-line-no">397</span><span id="line-397"> }</span>
<span class="source-line-no">398</span><span id="line-398"></span>
<span class="source-line-no">399</span><span id="line-399"> public void excludeCiphers(String excludeCiphers) {</span>
<span class="source-line-no">400</span><span id="line-400"> this.excludeCiphers = excludeCiphers;</span>
<span class="source-line-no">401</span><span id="line-401"> }</span>
<span class="source-line-no">402</span><span id="line-402"></span>
<span class="source-line-no">403</span><span id="line-403"> public HttpServer build() throws IOException {</span>
<span class="source-line-no">404</span><span id="line-404"></span>
<span class="source-line-no">405</span><span id="line-405"> // Do we still need to assert this non null name if it is deprecated?</span>
<span class="source-line-no">406</span><span id="line-406"> if (this.name == null) {</span>
<span class="source-line-no">407</span><span id="line-407"> throw new HadoopIllegalArgumentException("name is not set");</span>
<span class="source-line-no">408</span><span id="line-408"> }</span>
<span class="source-line-no">409</span><span id="line-409"></span>
<span class="source-line-no">410</span><span id="line-410"> // Make the behavior compatible with deprecated interfaces</span>
<span class="source-line-no">411</span><span id="line-411"> if (bindAddress != null &amp;&amp; port != -1) {</span>
<span class="source-line-no">412</span><span id="line-412"> try {</span>
<span class="source-line-no">413</span><span id="line-413"> endpoints.add(0, new URI("http", "", bindAddress, port, "", "", ""));</span>
<span class="source-line-no">414</span><span id="line-414"> } catch (URISyntaxException e) {</span>
<span class="source-line-no">415</span><span id="line-415"> throw new HadoopIllegalArgumentException("Invalid endpoint: " + e);</span>
<span class="source-line-no">416</span><span id="line-416"> }</span>
<span class="source-line-no">417</span><span id="line-417"> }</span>
<span class="source-line-no">418</span><span id="line-418"></span>
<span class="source-line-no">419</span><span id="line-419"> if (endpoints.isEmpty()) {</span>
<span class="source-line-no">420</span><span id="line-420"> throw new HadoopIllegalArgumentException("No endpoints specified");</span>
<span class="source-line-no">421</span><span id="line-421"> }</span>
<span class="source-line-no">422</span><span id="line-422"></span>
<span class="source-line-no">423</span><span id="line-423"> if (hostName == null) {</span>
<span class="source-line-no">424</span><span id="line-424"> hostName = endpoints.get(0).getHost();</span>
<span class="source-line-no">425</span><span id="line-425"> }</span>
<span class="source-line-no">426</span><span id="line-426"></span>
<span class="source-line-no">427</span><span id="line-427"> if (this.conf == null) {</span>
<span class="source-line-no">428</span><span id="line-428"> conf = new Configuration();</span>
<span class="source-line-no">429</span><span id="line-429"> }</span>
<span class="source-line-no">430</span><span id="line-430"></span>
<span class="source-line-no">431</span><span id="line-431"> HttpServer server = new HttpServer(this);</span>
<span class="source-line-no">432</span><span id="line-432"></span>
<span class="source-line-no">433</span><span id="line-433"> for (URI ep : endpoints) {</span>
<span class="source-line-no">434</span><span id="line-434"> ServerConnector listener = null;</span>
<span class="source-line-no">435</span><span id="line-435"> String scheme = ep.getScheme();</span>
<span class="source-line-no">436</span><span id="line-436"> HttpConfiguration httpConfig = new HttpConfiguration();</span>
<span class="source-line-no">437</span><span id="line-437"> httpConfig.setSecureScheme("https");</span>
<span class="source-line-no">438</span><span id="line-438"> httpConfig.setHeaderCacheSize(DEFAULT_MAX_HEADER_SIZE);</span>
<span class="source-line-no">439</span><span id="line-439"> httpConfig.setResponseHeaderSize(DEFAULT_MAX_HEADER_SIZE);</span>
<span class="source-line-no">440</span><span id="line-440"> httpConfig.setRequestHeaderSize(DEFAULT_MAX_HEADER_SIZE);</span>
<span class="source-line-no">441</span><span id="line-441"> httpConfig.setSendServerVersion(false);</span>
<span class="source-line-no">442</span><span id="line-442"></span>
<span class="source-line-no">443</span><span id="line-443"> if ("http".equals(scheme)) {</span>
<span class="source-line-no">444</span><span id="line-444"> listener = new ServerConnector(server.webServer, new HttpConnectionFactory(httpConfig));</span>
<span class="source-line-no">445</span><span id="line-445"> } else if ("https".equals(scheme)) {</span>
<span class="source-line-no">446</span><span id="line-446"> HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);</span>
<span class="source-line-no">447</span><span id="line-447"> httpsConfig.addCustomizer(new SecureRequestCustomizer());</span>
<span class="source-line-no">448</span><span id="line-448"> SslContextFactory.Server sslCtxFactory = new SslContextFactory.Server();</span>
<span class="source-line-no">449</span><span id="line-449"> sslCtxFactory.setNeedClientAuth(needsClientAuth);</span>
<span class="source-line-no">450</span><span id="line-450"> sslCtxFactory.setKeyManagerPassword(keyPassword);</span>
<span class="source-line-no">451</span><span id="line-451"></span>
<span class="source-line-no">452</span><span id="line-452"> if (keyStore != null) {</span>
<span class="source-line-no">453</span><span id="line-453"> sslCtxFactory.setKeyStorePath(keyStore);</span>
<span class="source-line-no">454</span><span id="line-454"> sslCtxFactory.setKeyStoreType(keyStoreType);</span>
<span class="source-line-no">455</span><span id="line-455"> sslCtxFactory.setKeyStorePassword(keyStorePassword);</span>
<span class="source-line-no">456</span><span id="line-456"> }</span>
<span class="source-line-no">457</span><span id="line-457"></span>
<span class="source-line-no">458</span><span id="line-458"> if (trustStore != null) {</span>
<span class="source-line-no">459</span><span id="line-459"> sslCtxFactory.setTrustStorePath(trustStore);</span>
<span class="source-line-no">460</span><span id="line-460"> sslCtxFactory.setTrustStoreType(trustStoreType);</span>
<span class="source-line-no">461</span><span id="line-461"> sslCtxFactory.setTrustStorePassword(trustStorePassword);</span>
<span class="source-line-no">462</span><span id="line-462"> }</span>
<span class="source-line-no">463</span><span id="line-463"></span>
<span class="source-line-no">464</span><span id="line-464"> if (excludeCiphers != null &amp;&amp; !excludeCiphers.trim().isEmpty()) {</span>
<span class="source-line-no">465</span><span id="line-465"> sslCtxFactory.setExcludeCipherSuites(StringUtils.getTrimmedStrings(excludeCiphers));</span>
<span class="source-line-no">466</span><span id="line-466"> LOG.debug("Excluded SSL Cipher List:" + excludeCiphers);</span>
<span class="source-line-no">467</span><span id="line-467"> }</span>
<span class="source-line-no">468</span><span id="line-468"></span>
<span class="source-line-no">469</span><span id="line-469"> listener = new ServerConnector(server.webServer,</span>
<span class="source-line-no">470</span><span id="line-470"> new SslConnectionFactory(sslCtxFactory, HttpVersion.HTTP_1_1.toString()),</span>
<span class="source-line-no">471</span><span id="line-471"> new HttpConnectionFactory(httpsConfig));</span>
<span class="source-line-no">472</span><span id="line-472"> } else {</span>
<span class="source-line-no">473</span><span id="line-473"> throw new HadoopIllegalArgumentException("unknown scheme for endpoint:" + ep);</span>
<span class="source-line-no">474</span><span id="line-474"> }</span>
<span class="source-line-no">475</span><span id="line-475"></span>
<span class="source-line-no">476</span><span id="line-476"> // default settings for connector</span>
<span class="source-line-no">477</span><span id="line-477"> listener.setAcceptQueueSize(128);</span>
<span class="source-line-no">478</span><span id="line-478"> // config idle timeout for jetty</span>
<span class="source-line-no">479</span><span id="line-479"> listener</span>
<span class="source-line-no">480</span><span id="line-480"> .setIdleTimeout(conf.getLong(HTTP_JETTY_IDLE_TIMEOUT, DEFAULT_HTTP_JETTY_IDLE_TIMEOUT));</span>
<span class="source-line-no">481</span><span id="line-481"> if (Shell.WINDOWS) {</span>
<span class="source-line-no">482</span><span id="line-482"> // result of setting the SO_REUSEADDR flag is different on Windows</span>
<span class="source-line-no">483</span><span id="line-483"> // http://msdn.microsoft.com/en-us/library/ms740621(v=vs.85).aspx</span>
<span class="source-line-no">484</span><span id="line-484"> // without this 2 NN's can start on the same machine and listen on</span>
<span class="source-line-no">485</span><span id="line-485"> // the same port with indeterminate routing of incoming requests to them</span>
<span class="source-line-no">486</span><span id="line-486"> listener.setReuseAddress(false);</span>
<span class="source-line-no">487</span><span id="line-487"> }</span>
<span class="source-line-no">488</span><span id="line-488"></span>
<span class="source-line-no">489</span><span id="line-489"> listener.setHost(ep.getHost());</span>
<span class="source-line-no">490</span><span id="line-490"> listener.setPort(ep.getPort() == -1 ? 0 : ep.getPort());</span>
<span class="source-line-no">491</span><span id="line-491"> server.addManagedListener(listener);</span>
<span class="source-line-no">492</span><span id="line-492"> }</span>
<span class="source-line-no">493</span><span id="line-493"></span>
<span class="source-line-no">494</span><span id="line-494"> server.loadListeners();</span>
<span class="source-line-no">495</span><span id="line-495"> return server;</span>
<span class="source-line-no">496</span><span id="line-496"></span>
<span class="source-line-no">497</span><span id="line-497"> }</span>
<span class="source-line-no">498</span><span id="line-498"></span>
<span class="source-line-no">499</span><span id="line-499"> }</span>
<span class="source-line-no">500</span><span id="line-500"></span>
<span class="source-line-no">501</span><span id="line-501"> /**</span>
<span class="source-line-no">502</span><span id="line-502"> * @see #HttpServer(String, String, int, boolean, Configuration)</span>
<span class="source-line-no">503</span><span id="line-503"> * @deprecated Since 0.99.0</span>
<span class="source-line-no">504</span><span id="line-504"> */</span>
<span class="source-line-no">505</span><span id="line-505"> @Deprecated</span>
<span class="source-line-no">506</span><span id="line-506"> public HttpServer(String name, String bindAddress, int port, boolean findPort)</span>
<span class="source-line-no">507</span><span id="line-507"> throws IOException {</span>
<span class="source-line-no">508</span><span id="line-508"> this(name, bindAddress, port, findPort, new Configuration());</span>
<span class="source-line-no">509</span><span id="line-509"> }</span>
<span class="source-line-no">510</span><span id="line-510"></span>
<span class="source-line-no">511</span><span id="line-511"> /**</span>
<span class="source-line-no">512</span><span id="line-512"> * Create a status server on the given port. Allows you to specify the path specifications that</span>
<span class="source-line-no">513</span><span id="line-513"> * this server will be serving so that they will be added to the filters properly.</span>
<span class="source-line-no">514</span><span id="line-514"> * @param name The name of the server</span>
<span class="source-line-no">515</span><span id="line-515"> * @param bindAddress The address for this server</span>
<span class="source-line-no">516</span><span id="line-516"> * @param port The port to use on the server</span>
<span class="source-line-no">517</span><span id="line-517"> * @param findPort whether the server should start at the given port and increment by 1 until</span>
<span class="source-line-no">518</span><span id="line-518"> * it finds a free port.</span>
<span class="source-line-no">519</span><span id="line-519"> * @param conf Configuration</span>
<span class="source-line-no">520</span><span id="line-520"> * @param pathSpecs Path specifications that this httpserver will be serving. These will be</span>
<span class="source-line-no">521</span><span id="line-521"> * added to any filters.</span>
<span class="source-line-no">522</span><span id="line-522"> * @deprecated Since 0.99.0</span>
<span class="source-line-no">523</span><span id="line-523"> */</span>
<span class="source-line-no">524</span><span id="line-524"> @Deprecated</span>
<span class="source-line-no">525</span><span id="line-525"> public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf,</span>
<span class="source-line-no">526</span><span id="line-526"> String[] pathSpecs) throws IOException {</span>
<span class="source-line-no">527</span><span id="line-527"> this(name, bindAddress, port, findPort, conf, null, pathSpecs);</span>
<span class="source-line-no">528</span><span id="line-528"> }</span>
<span class="source-line-no">529</span><span id="line-529"></span>
<span class="source-line-no">530</span><span id="line-530"> /**</span>
<span class="source-line-no">531</span><span id="line-531"> * Create a status server on the given port. The jsp scripts are taken from</span>
<span class="source-line-no">532</span><span id="line-532"> * src/webapps/&amp;lt;name&amp;gt;.</span>
<span class="source-line-no">533</span><span id="line-533"> * @param name The name of the server</span>
<span class="source-line-no">534</span><span id="line-534"> * @param port The port to use on the server</span>
<span class="source-line-no">535</span><span id="line-535"> * @param findPort whether the server should start at the given port and increment by 1 until it</span>
<span class="source-line-no">536</span><span id="line-536"> * finds a free port.</span>
<span class="source-line-no">537</span><span id="line-537"> * @param conf Configuration</span>
<span class="source-line-no">538</span><span id="line-538"> * @deprecated Since 0.99.0</span>
<span class="source-line-no">539</span><span id="line-539"> */</span>
<span class="source-line-no">540</span><span id="line-540"> @Deprecated</span>
<span class="source-line-no">541</span><span id="line-541"> public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf)</span>
<span class="source-line-no">542</span><span id="line-542"> throws IOException {</span>
<span class="source-line-no">543</span><span id="line-543"> this(name, bindAddress, port, findPort, conf, null, null);</span>
<span class="source-line-no">544</span><span id="line-544"> }</span>
<span class="source-line-no">545</span><span id="line-545"></span>
<span class="source-line-no">546</span><span id="line-546"> /**</span>
<span class="source-line-no">547</span><span id="line-547"> * Creates a status server on the given port. The JSP scripts are taken from</span>
<span class="source-line-no">548</span><span id="line-548"> * src/webapp&amp;lt;name&amp;gt;.</span>
<span class="source-line-no">549</span><span id="line-549"> * @param name the name of the server</span>
<span class="source-line-no">550</span><span id="line-550"> * @param bindAddress the address for this server</span>
<span class="source-line-no">551</span><span id="line-551"> * @param port the port to use on the server</span>
<span class="source-line-no">552</span><span id="line-552"> * @param findPort whether the server should start at the given port and increment by 1 until</span>
<span class="source-line-no">553</span><span id="line-553"> * it finds a free port</span>
<span class="source-line-no">554</span><span id="line-554"> * @param conf the configuration to use</span>
<span class="source-line-no">555</span><span id="line-555"> * @param adminsAcl {@link AccessControlList} of the admins</span>
<span class="source-line-no">556</span><span id="line-556"> * @throws IOException when creating the server fails</span>
<span class="source-line-no">557</span><span id="line-557"> * @deprecated Since 0.99.0</span>
<span class="source-line-no">558</span><span id="line-558"> */</span>
<span class="source-line-no">559</span><span id="line-559"> @Deprecated</span>
<span class="source-line-no">560</span><span id="line-560"> public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf,</span>
<span class="source-line-no">561</span><span id="line-561"> AccessControlList adminsAcl) throws IOException {</span>
<span class="source-line-no">562</span><span id="line-562"> this(name, bindAddress, port, findPort, conf, adminsAcl, null);</span>
<span class="source-line-no">563</span><span id="line-563"> }</span>
<span class="source-line-no">564</span><span id="line-564"></span>
<span class="source-line-no">565</span><span id="line-565"> /**</span>
<span class="source-line-no">566</span><span id="line-566"> * Create a status server on the given port. The jsp scripts are taken from</span>
<span class="source-line-no">567</span><span id="line-567"> * src/webapps/&amp;lt;name&amp;gt;.</span>
<span class="source-line-no">568</span><span id="line-568"> * @param name The name of the server</span>
<span class="source-line-no">569</span><span id="line-569"> * @param bindAddress The address for this server</span>
<span class="source-line-no">570</span><span id="line-570"> * @param port The port to use on the server</span>
<span class="source-line-no">571</span><span id="line-571"> * @param findPort whether the server should start at the given port and increment by 1 until</span>
<span class="source-line-no">572</span><span id="line-572"> * it finds a free port.</span>
<span class="source-line-no">573</span><span id="line-573"> * @param conf Configuration</span>
<span class="source-line-no">574</span><span id="line-574"> * @param adminsAcl {@link AccessControlList} of the admins</span>
<span class="source-line-no">575</span><span id="line-575"> * @param pathSpecs Path specifications that this httpserver will be serving. These will be</span>
<span class="source-line-no">576</span><span id="line-576"> * added to any filters.</span>
<span class="source-line-no">577</span><span id="line-577"> * @deprecated Since 0.99.0</span>
<span class="source-line-no">578</span><span id="line-578"> */</span>
<span class="source-line-no">579</span><span id="line-579"> @Deprecated</span>
<span class="source-line-no">580</span><span id="line-580"> public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf,</span>
<span class="source-line-no">581</span><span id="line-581"> AccessControlList adminsAcl, String[] pathSpecs) throws IOException {</span>
<span class="source-line-no">582</span><span id="line-582"> this(new Builder().setName(name).addEndpoint(URI.create("http://" + bindAddress + ":" + port))</span>
<span class="source-line-no">583</span><span id="line-583"> .setFindPort(findPort).setConf(conf).setACL(adminsAcl).setPathSpec(pathSpecs));</span>
<span class="source-line-no">584</span><span id="line-584"> }</span>
<span class="source-line-no">585</span><span id="line-585"></span>
<span class="source-line-no">586</span><span id="line-586"> private HttpServer(final Builder b) throws IOException {</span>
<span class="source-line-no">587</span><span id="line-587"> this.appDir = b.appDir;</span>
<span class="source-line-no">588</span><span id="line-588"> this.logDir = b.logDir;</span>
<span class="source-line-no">589</span><span id="line-589"> final String appDir = getWebAppsPath(b.name);</span>
<span class="source-line-no">590</span><span id="line-590"></span>
<span class="source-line-no">591</span><span id="line-591"> int maxThreads = b.conf.getInt(HTTP_MAX_THREADS, 16);</span>
<span class="source-line-no">592</span><span id="line-592"> // If HTTP_MAX_THREADS is less than or equal to 0, QueueThreadPool() will use the</span>
<span class="source-line-no">593</span><span id="line-593"> // default value (currently 200).</span>
<span class="source-line-no">594</span><span id="line-594"> QueuedThreadPool threadPool =</span>
<span class="source-line-no">595</span><span id="line-595"> maxThreads &lt;= 0 ? new QueuedThreadPool() : new QueuedThreadPool(maxThreads);</span>
<span class="source-line-no">596</span><span id="line-596"> threadPool.setDaemon(true);</span>
<span class="source-line-no">597</span><span id="line-597"> this.webServer = new Server(threadPool);</span>
<span class="source-line-no">598</span><span id="line-598"></span>
<span class="source-line-no">599</span><span id="line-599"> this.adminsAcl = b.adminsAcl;</span>
<span class="source-line-no">600</span><span id="line-600"> this.webAppContext = createWebAppContext(b.name, b.conf, adminsAcl, appDir);</span>
<span class="source-line-no">601</span><span id="line-601"> this.findPort = b.findPort;</span>
<span class="source-line-no">602</span><span id="line-602"> this.authenticationEnabled = b.securityEnabled;</span>
<span class="source-line-no">603</span><span id="line-603"> initializeWebServer(b.name, b.hostName, b.conf, b.pathSpecs, b);</span>
<span class="source-line-no">604</span><span id="line-604"> this.webServer.setHandler(buildGzipHandler(this.webServer.getHandler()));</span>
<span class="source-line-no">605</span><span id="line-605"> }</span>
<span class="source-line-no">606</span><span id="line-606"></span>
<span class="source-line-no">607</span><span id="line-607"> private void initializeWebServer(String name, String hostName, Configuration conf,</span>
<span class="source-line-no">608</span><span id="line-608"> String[] pathSpecs, HttpServer.Builder b) throws FileNotFoundException, IOException {</span>
<span class="source-line-no">609</span><span id="line-609"></span>
<span class="source-line-no">610</span><span id="line-610"> Preconditions.checkNotNull(webAppContext);</span>
<span class="source-line-no">611</span><span id="line-611"></span>
<span class="source-line-no">612</span><span id="line-612"> HandlerCollection handlerCollection = new HandlerCollection();</span>
<span class="source-line-no">613</span><span id="line-613"></span>
<span class="source-line-no">614</span><span id="line-614"> ContextHandlerCollection contexts = new ContextHandlerCollection();</span>
<span class="source-line-no">615</span><span id="line-615"> RequestLog requestLog = HttpRequestLog.getRequestLog(name);</span>
<span class="source-line-no">616</span><span id="line-616"></span>
<span class="source-line-no">617</span><span id="line-617"> if (requestLog != null) {</span>
<span class="source-line-no">618</span><span id="line-618"> RequestLogHandler requestLogHandler = new RequestLogHandler();</span>
<span class="source-line-no">619</span><span id="line-619"> requestLogHandler.setRequestLog(requestLog);</span>
<span class="source-line-no">620</span><span id="line-620"> handlerCollection.addHandler(requestLogHandler);</span>
<span class="source-line-no">621</span><span id="line-621"> }</span>
<span class="source-line-no">622</span><span id="line-622"></span>
<span class="source-line-no">623</span><span id="line-623"> final String appDir = getWebAppsPath(name);</span>
<span class="source-line-no">624</span><span id="line-624"></span>
<span class="source-line-no">625</span><span id="line-625"> handlerCollection.addHandler(contexts);</span>
<span class="source-line-no">626</span><span id="line-626"> handlerCollection.addHandler(webAppContext);</span>
<span class="source-line-no">627</span><span id="line-627"></span>
<span class="source-line-no">628</span><span id="line-628"> webServer.setHandler(handlerCollection);</span>
<span class="source-line-no">629</span><span id="line-629"></span>
<span class="source-line-no">630</span><span id="line-630"> webAppContext.setAttribute(ADMINS_ACL, adminsAcl);</span>
<span class="source-line-no">631</span><span id="line-631"></span>
<span class="source-line-no">632</span><span id="line-632"> // Default apps need to be set first, so that all filters are applied to them.</span>
<span class="source-line-no">633</span><span id="line-633"> // Because they're added to defaultContexts, we need them there before we start</span>
<span class="source-line-no">634</span><span id="line-634"> // adding filters</span>
<span class="source-line-no">635</span><span id="line-635"> addDefaultApps(contexts, appDir, conf);</span>
<span class="source-line-no">636</span><span id="line-636"></span>
<span class="source-line-no">637</span><span id="line-637"> addGlobalFilter("safety", QuotingInputFilter.class.getName(), null);</span>
<span class="source-line-no">638</span><span id="line-638"></span>
<span class="source-line-no">639</span><span id="line-639"> addGlobalFilter("clickjackingprevention", ClickjackingPreventionFilter.class.getName(),</span>
<span class="source-line-no">640</span><span id="line-640"> ClickjackingPreventionFilter.getDefaultParameters(conf));</span>
<span class="source-line-no">641</span><span id="line-641"></span>
<span class="source-line-no">642</span><span id="line-642"> HttpConfig httpConfig = new HttpConfig(conf);</span>
<span class="source-line-no">643</span><span id="line-643"></span>
<span class="source-line-no">644</span><span id="line-644"> addGlobalFilter("securityheaders", SecurityHeadersFilter.class.getName(),</span>
<span class="source-line-no">645</span><span id="line-645"> SecurityHeadersFilter.getDefaultParameters(conf, httpConfig.isSecure()));</span>
<span class="source-line-no">646</span><span id="line-646"></span>
<span class="source-line-no">647</span><span id="line-647"> // But security needs to be enabled prior to adding the other servlets</span>
<span class="source-line-no">648</span><span id="line-648"> if (authenticationEnabled) {</span>
<span class="source-line-no">649</span><span id="line-649"> initSpnego(conf, hostName, b.usernameConfKey, b.keytabConfKey, b.kerberosNameRulesKey,</span>
<span class="source-line-no">650</span><span id="line-650"> b.signatureSecretFileKey);</span>
<span class="source-line-no">651</span><span id="line-651"> }</span>
<span class="source-line-no">652</span><span id="line-652"></span>
<span class="source-line-no">653</span><span id="line-653"> final FilterInitializer[] initializers = getFilterInitializers(conf);</span>
<span class="source-line-no">654</span><span id="line-654"> if (initializers != null) {</span>
<span class="source-line-no">655</span><span id="line-655"> conf = new Configuration(conf);</span>
<span class="source-line-no">656</span><span id="line-656"> conf.set(BIND_ADDRESS, hostName);</span>
<span class="source-line-no">657</span><span id="line-657"> for (FilterInitializer c : initializers) {</span>
<span class="source-line-no">658</span><span id="line-658"> c.initFilter(this, conf);</span>
<span class="source-line-no">659</span><span id="line-659"> }</span>
<span class="source-line-no">660</span><span id="line-660"> }</span>
<span class="source-line-no">661</span><span id="line-661"></span>
<span class="source-line-no">662</span><span id="line-662"> addDefaultServlets(contexts, conf);</span>
<span class="source-line-no">663</span><span id="line-663"></span>
<span class="source-line-no">664</span><span id="line-664"> if (pathSpecs != null) {</span>
<span class="source-line-no">665</span><span id="line-665"> for (String path : pathSpecs) {</span>
<span class="source-line-no">666</span><span id="line-666"> LOG.info("adding path spec: " + path);</span>
<span class="source-line-no">667</span><span id="line-667"> addFilterPathMapping(path, webAppContext);</span>
<span class="source-line-no">668</span><span id="line-668"> }</span>
<span class="source-line-no">669</span><span id="line-669"> }</span>
<span class="source-line-no">670</span><span id="line-670"> // Check if disable stack trace property is configured</span>
<span class="source-line-no">671</span><span id="line-671"> if (!conf.getBoolean(HTTP_UI_SHOW_STACKTRACE_KEY, true)) {</span>
<span class="source-line-no">672</span><span id="line-672"> // Disable stack traces for server errors in UI</span>
<span class="source-line-no">673</span><span id="line-673"> webServer.setErrorHandler(new ErrorHandler());</span>
<span class="source-line-no">674</span><span id="line-674"> webServer.getErrorHandler().setShowStacks(false);</span>
<span class="source-line-no">675</span><span id="line-675"> // Disable stack traces for web app errors in UI</span>
<span class="source-line-no">676</span><span id="line-676"> webAppContext.getErrorHandler().setShowStacks(false);</span>
<span class="source-line-no">677</span><span id="line-677"> }</span>
<span class="source-line-no">678</span><span id="line-678"> }</span>
<span class="source-line-no">679</span><span id="line-679"></span>
<span class="source-line-no">680</span><span id="line-680"> private void addManagedListener(ServerConnector connector) {</span>
<span class="source-line-no">681</span><span id="line-681"> listeners.add(new ListenerInfo(true, connector));</span>
<span class="source-line-no">682</span><span id="line-682"> }</span>
<span class="source-line-no">683</span><span id="line-683"></span>
<span class="source-line-no">684</span><span id="line-684"> private static WebAppContext createWebAppContext(String name, Configuration conf,</span>
<span class="source-line-no">685</span><span id="line-685"> AccessControlList adminsAcl, final String appDir) {</span>
<span class="source-line-no">686</span><span id="line-686"> WebAppContext ctx = new WebAppContext();</span>
<span class="source-line-no">687</span><span id="line-687"> ctx.setDisplayName(name);</span>
<span class="source-line-no">688</span><span id="line-688"> ctx.setContextPath("/");</span>
<span class="source-line-no">689</span><span id="line-689"> ctx.setWar(appDir + "/" + name);</span>
<span class="source-line-no">690</span><span id="line-690"> ctx.getServletContext().setAttribute(CONF_CONTEXT_ATTRIBUTE, conf);</span>
<span class="source-line-no">691</span><span id="line-691"> // for org.apache.hadoop.metrics.MetricsServlet</span>
<span class="source-line-no">692</span><span id="line-692"> ctx.getServletContext().setAttribute(org.apache.hadoop.http.HttpServer2.CONF_CONTEXT_ATTRIBUTE,</span>
<span class="source-line-no">693</span><span id="line-693"> conf);</span>
<span class="source-line-no">694</span><span id="line-694"> ctx.getServletContext().setAttribute(ADMINS_ACL, adminsAcl);</span>
<span class="source-line-no">695</span><span id="line-695"> addNoCacheFilter(ctx, conf);</span>
<span class="source-line-no">696</span><span id="line-696"> return ctx;</span>
<span class="source-line-no">697</span><span id="line-697"> }</span>
<span class="source-line-no">698</span><span id="line-698"></span>
<span class="source-line-no">699</span><span id="line-699"> /**</span>
<span class="source-line-no">700</span><span id="line-700"> * Construct and configure an instance of {@link GzipHandler}. With complex</span>
<span class="source-line-no">701</span><span id="line-701"> * multi-{@link WebAppContext} configurations, it's easiest to apply this handler directly to the</span>
<span class="source-line-no">702</span><span id="line-702"> * instance of {@link Server} near the end of its configuration, something like</span>
<span class="source-line-no">703</span><span id="line-703"> *</span>
<span class="source-line-no">704</span><span id="line-704"> * &lt;pre&gt;</span>
<span class="source-line-no">705</span><span id="line-705"> * Server server = new Server();</span>
<span class="source-line-no">706</span><span id="line-706"> * // ...</span>
<span class="source-line-no">707</span><span id="line-707"> * server.setHandler(buildGzipHandler(server.getHandler()));</span>
<span class="source-line-no">708</span><span id="line-708"> * server.start();</span>
<span class="source-line-no">709</span><span id="line-709"> * &lt;/pre&gt;</span>
<span class="source-line-no">710</span><span id="line-710"> */</span>
<span class="source-line-no">711</span><span id="line-711"> public static GzipHandler buildGzipHandler(final Handler wrapped) {</span>
<span class="source-line-no">712</span><span id="line-712"> final GzipHandler gzipHandler = new GzipHandler();</span>
<span class="source-line-no">713</span><span id="line-713"> gzipHandler.setHandler(wrapped);</span>
<span class="source-line-no">714</span><span id="line-714"> return gzipHandler;</span>
<span class="source-line-no">715</span><span id="line-715"> }</span>
<span class="source-line-no">716</span><span id="line-716"></span>
<span class="source-line-no">717</span><span id="line-717"> private static void addNoCacheFilter(ServletContextHandler ctxt, Configuration conf) {</span>
<span class="source-line-no">718</span><span id="line-718"> if (conf.getBoolean(HTTP_UI_NO_CACHE_ENABLE_KEY, false)) {</span>
<span class="source-line-no">719</span><span id="line-719"> Map&lt;String, String&gt; filterConfig =</span>
<span class="source-line-no">720</span><span id="line-720"> AuthenticationFilterInitializer.getFilterConfigMap(conf, "hbase.http.filter.");</span>
<span class="source-line-no">721</span><span id="line-721"> defineFilter(ctxt, NO_CACHE_FILTER, NoCacheFilter.class.getName(), filterConfig,</span>
<span class="source-line-no">722</span><span id="line-722"> new String[] { "/*" });</span>
<span class="source-line-no">723</span><span id="line-723"> } else {</span>
<span class="source-line-no">724</span><span id="line-724"> defineFilter(ctxt, NO_CACHE_FILTER, NoCacheFilter.class.getName(),</span>
<span class="source-line-no">725</span><span id="line-725"> Collections.&lt;String, String&gt; emptyMap(), new String[] { "/*" });</span>
<span class="source-line-no">726</span><span id="line-726"> }</span>
<span class="source-line-no">727</span><span id="line-727"> }</span>
<span class="source-line-no">728</span><span id="line-728"></span>
<span class="source-line-no">729</span><span id="line-729"> /** Get an array of FilterConfiguration specified in the conf */</span>
<span class="source-line-no">730</span><span id="line-730"> private static FilterInitializer[] getFilterInitializers(Configuration conf) {</span>
<span class="source-line-no">731</span><span id="line-731"> if (conf == null) {</span>
<span class="source-line-no">732</span><span id="line-732"> return null;</span>
<span class="source-line-no">733</span><span id="line-733"> }</span>
<span class="source-line-no">734</span><span id="line-734"></span>
<span class="source-line-no">735</span><span id="line-735"> Class&lt;?&gt;[] classes = conf.getClasses(FILTER_INITIALIZERS_PROPERTY);</span>
<span class="source-line-no">736</span><span id="line-736"> if (classes == null) {</span>
<span class="source-line-no">737</span><span id="line-737"> return null;</span>
<span class="source-line-no">738</span><span id="line-738"> }</span>
<span class="source-line-no">739</span><span id="line-739"></span>
<span class="source-line-no">740</span><span id="line-740"> FilterInitializer[] initializers = new FilterInitializer[classes.length];</span>
<span class="source-line-no">741</span><span id="line-741"> for (int i = 0; i &lt; classes.length; i++) {</span>
<span class="source-line-no">742</span><span id="line-742"> initializers[i] = (FilterInitializer) ReflectionUtils.newInstance(classes[i]);</span>
<span class="source-line-no">743</span><span id="line-743"> }</span>
<span class="source-line-no">744</span><span id="line-744"> return initializers;</span>
<span class="source-line-no">745</span><span id="line-745"> }</span>
<span class="source-line-no">746</span><span id="line-746"></span>
<span class="source-line-no">747</span><span id="line-747"> /**</span>
<span class="source-line-no">748</span><span id="line-748"> * Add default apps.</span>
<span class="source-line-no">749</span><span id="line-749"> * @param appDir The application directory</span>
<span class="source-line-no">750</span><span id="line-750"> */</span>
<span class="source-line-no">751</span><span id="line-751"> protected void addDefaultApps(ContextHandlerCollection parent, final String appDir,</span>
<span class="source-line-no">752</span><span id="line-752"> Configuration conf) {</span>
<span class="source-line-no">753</span><span id="line-753"> // set up the context for "/logs/" if "hadoop.log.dir" property is defined.</span>
<span class="source-line-no">754</span><span id="line-754"> String logDir = this.logDir;</span>
<span class="source-line-no">755</span><span id="line-755"> if (logDir == null) {</span>
<span class="source-line-no">756</span><span id="line-756"> logDir = System.getProperty("hadoop.log.dir");</span>
<span class="source-line-no">757</span><span id="line-757"> }</span>
<span class="source-line-no">758</span><span id="line-758"> if (logDir != null) {</span>
<span class="source-line-no">759</span><span id="line-759"> ServletContextHandler logContext = new ServletContextHandler(parent, "/logs");</span>
<span class="source-line-no">760</span><span id="line-760"> logContext.addServlet(AdminAuthorizedServlet.class, "/*");</span>
<span class="source-line-no">761</span><span id="line-761"> logContext.setResourceBase(logDir);</span>
<span class="source-line-no">762</span><span id="line-762"> logContext.setDisplayName("logs");</span>
<span class="source-line-no">763</span><span id="line-763"> configureAliasChecks(logContext,</span>
<span class="source-line-no">764</span><span id="line-764"> conf.getBoolean(ServerConfigurationKeys.HBASE_JETTY_LOGS_SERVE_ALIASES,</span>
<span class="source-line-no">765</span><span id="line-765"> ServerConfigurationKeys.DEFAULT_HBASE_JETTY_LOGS_SERVE_ALIASES));</span>
<span class="source-line-no">766</span><span id="line-766"> setContextAttributes(logContext, conf);</span>
<span class="source-line-no">767</span><span id="line-767"> addNoCacheFilter(logContext, conf);</span>
<span class="source-line-no">768</span><span id="line-768"> defaultContexts.put(logContext, true);</span>
<span class="source-line-no">769</span><span id="line-769"> }</span>
<span class="source-line-no">770</span><span id="line-770"> // set up the context for "/static/*"</span>
<span class="source-line-no">771</span><span id="line-771"> ServletContextHandler staticContext = new ServletContextHandler(parent, "/static");</span>
<span class="source-line-no">772</span><span id="line-772"> staticContext.setResourceBase(appDir + "/static");</span>
<span class="source-line-no">773</span><span id="line-773"> staticContext.addServlet(DefaultServlet.class, "/*");</span>
<span class="source-line-no">774</span><span id="line-774"> staticContext.setDisplayName("static");</span>
<span class="source-line-no">775</span><span id="line-775"> setContextAttributes(staticContext, conf);</span>
<span class="source-line-no">776</span><span id="line-776"> defaultContexts.put(staticContext, true);</span>
<span class="source-line-no">777</span><span id="line-777"> }</span>
<span class="source-line-no">778</span><span id="line-778"></span>
<span class="source-line-no">779</span><span id="line-779"> /**</span>
<span class="source-line-no">780</span><span id="line-780"> * This method configures the alias checks for the given ServletContextHandler based on the</span>
<span class="source-line-no">781</span><span id="line-781"> * provided value of shouldServeAlias.&lt;br&gt;</span>
<span class="source-line-no">782</span><span id="line-782"> * If shouldServeAlias is set to true, it checks if SymlinkAllowedResourceAliasChecker is already</span>
<span class="source-line-no">783</span><span id="line-783"> * a part of the alias check list. If it is already a part of the list, no changes are made, else,</span>
<span class="source-line-no">784</span><span id="line-784"> * it adds it to the list.&lt;br&gt;</span>
<span class="source-line-no">785</span><span id="line-785"> * If shouldServeAlias is set to false, it clears all alias checks from the</span>
<span class="source-line-no">786</span><span id="line-786"> * ServletContextHandler.&lt;br&gt;</span>
<span class="source-line-no">787</span><span id="line-787"> * .</span>
<span class="source-line-no">788</span><span id="line-788"> * @param context The ServletContextHandler whose alias checks are to be configured</span>
<span class="source-line-no">789</span><span id="line-789"> * @param shouldServeAlias Whether aliases should be allowed or not</span>
<span class="source-line-no">790</span><span id="line-790"> */</span>
<span class="source-line-no">791</span><span id="line-791"> private void configureAliasChecks(ServletContextHandler context, boolean shouldServeAlias) {</span>
<span class="source-line-no">792</span><span id="line-792"> if (shouldServeAlias) {</span>
<span class="source-line-no">793</span><span id="line-793"> Class aliasCheckerClass = SymlinkAllowedResourceAliasChecker.class;</span>
<span class="source-line-no">794</span><span id="line-794"> // check if SymlinkAllowedResourceAliasChecker is already part of alias check list</span>
<span class="source-line-no">795</span><span id="line-795"> // NOTE: we are doing this because this is already present in the context (by default)</span>
<span class="source-line-no">796</span><span id="line-796"> if (context.getAliasChecks().stream().anyMatch(aliasCheckerClass::isInstance)) {</span>
<span class="source-line-no">797</span><span id="line-797"> LOG.debug("{} is already part of alias check list", aliasCheckerClass.getName());</span>
<span class="source-line-no">798</span><span id="line-798"> } else {</span>
<span class="source-line-no">799</span><span id="line-799"> context.addAliasCheck(new SymlinkAllowedResourceAliasChecker(context));</span>
<span class="source-line-no">800</span><span id="line-800"> LOG.debug("{} added to the alias check list", aliasCheckerClass.getName());</span>
<span class="source-line-no">801</span><span id="line-801"> }</span>
<span class="source-line-no">802</span><span id="line-802"> LOG.info("Serving aliases allowed for /logs context");</span>
<span class="source-line-no">803</span><span id="line-803"> } else {</span>
<span class="source-line-no">804</span><span id="line-804"> // if aliasing is disabled, then we should clear the alias check list</span>
<span class="source-line-no">805</span><span id="line-805"> context.clearAliasChecks();</span>
<span class="source-line-no">806</span><span id="line-806"> LOG.info("Serving aliases disabled for /logs context");</span>
<span class="source-line-no">807</span><span id="line-807"> }</span>
<span class="source-line-no">808</span><span id="line-808"> }</span>
<span class="source-line-no">809</span><span id="line-809"></span>
<span class="source-line-no">810</span><span id="line-810"> private void setContextAttributes(ServletContextHandler context, Configuration conf) {</span>
<span class="source-line-no">811</span><span id="line-811"> context.getServletContext().setAttribute(CONF_CONTEXT_ATTRIBUTE, conf);</span>
<span class="source-line-no">812</span><span id="line-812"> context.getServletContext().setAttribute(ADMINS_ACL, adminsAcl);</span>
<span class="source-line-no">813</span><span id="line-813"> }</span>
<span class="source-line-no">814</span><span id="line-814"></span>
<span class="source-line-no">815</span><span id="line-815"> /**</span>
<span class="source-line-no">816</span><span id="line-816"> * Add default servlets.</span>
<span class="source-line-no">817</span><span id="line-817"> */</span>
<span class="source-line-no">818</span><span id="line-818"> protected void addDefaultServlets(ContextHandlerCollection contexts, Configuration conf)</span>
<span class="source-line-no">819</span><span id="line-819"> throws IOException {</span>
<span class="source-line-no">820</span><span id="line-820"> // set up default servlets</span>
<span class="source-line-no">821</span><span id="line-821"> addPrivilegedServlet("stacks", "/stacks", StackServlet.class);</span>
<span class="source-line-no">822</span><span id="line-822"> addPrivilegedServlet("logLevel", "/logLevel", LogLevel.Servlet.class);</span>
<span class="source-line-no">823</span><span id="line-823"></span>
<span class="source-line-no">824</span><span id="line-824"> // While we don't expect users to have sensitive information in their configuration, they</span>
<span class="source-line-no">825</span><span id="line-825"> // might. Give them an option to not expose the service configuration to all users.</span>
<span class="source-line-no">826</span><span id="line-826"> if (conf.getBoolean(HTTP_PRIVILEGED_CONF_KEY, HTTP_PRIVILEGED_CONF_DEFAULT)) {</span>
<span class="source-line-no">827</span><span id="line-827"> addPrivilegedServlet("conf", "/conf", ConfServlet.class);</span>
<span class="source-line-no">828</span><span id="line-828"> } else {</span>
<span class="source-line-no">829</span><span id="line-829"> addUnprivilegedServlet("conf", "/conf", ConfServlet.class);</span>
<span class="source-line-no">830</span><span id="line-830"> }</span>
<span class="source-line-no">831</span><span id="line-831"> final String asyncProfilerHome = ProfileServlet.getAsyncProfilerHome();</span>
<span class="source-line-no">832</span><span id="line-832"> if (asyncProfilerHome != null &amp;&amp; !asyncProfilerHome.trim().isEmpty()) {</span>
<span class="source-line-no">833</span><span id="line-833"> addPrivilegedServlet("prof", "/prof", ProfileServlet.class);</span>
<span class="source-line-no">834</span><span id="line-834"> Path tmpDir = Paths.get(ProfileServlet.OUTPUT_DIR);</span>
<span class="source-line-no">835</span><span id="line-835"> if (Files.notExists(tmpDir)) {</span>
<span class="source-line-no">836</span><span id="line-836"> Files.createDirectories(tmpDir);</span>
<span class="source-line-no">837</span><span id="line-837"> }</span>
<span class="source-line-no">838</span><span id="line-838"> ServletContextHandler genCtx = new ServletContextHandler(contexts, "/prof-output-hbase");</span>
<span class="source-line-no">839</span><span id="line-839"> genCtx.addServlet(ProfileOutputServlet.class, "/*");</span>
<span class="source-line-no">840</span><span id="line-840"> genCtx.setResourceBase(tmpDir.toAbsolutePath().toString());</span>
<span class="source-line-no">841</span><span id="line-841"> genCtx.setDisplayName("prof-output-hbase");</span>
<span class="source-line-no">842</span><span id="line-842"> } else {</span>
<span class="source-line-no">843</span><span id="line-843"> addUnprivilegedServlet("prof", "/prof", ProfileServlet.DisabledServlet.class);</span>
<span class="source-line-no">844</span><span id="line-844"> LOG.info("ASYNC_PROFILER_HOME environment variable and async.profiler.home system property "</span>
<span class="source-line-no">845</span><span id="line-845"> + "not specified. Disabling /prof endpoint.");</span>
<span class="source-line-no">846</span><span id="line-846"> }</span>
<span class="source-line-no">847</span><span id="line-847"></span>
<span class="source-line-no">848</span><span id="line-848"> /* register metrics servlets */</span>
<span class="source-line-no">849</span><span id="line-849"> String[] enabledServlets = conf.getStrings(METRIC_SERVLETS_CONF_KEY, METRICS_SERVLETS_DEFAULT);</span>
<span class="source-line-no">850</span><span id="line-850"> for (String enabledServlet : enabledServlets) {</span>
<span class="source-line-no">851</span><span id="line-851"> ServletConfig servletConfig = METRIC_SERVLETS.get(enabledServlet);</span>
<span class="source-line-no">852</span><span id="line-852"> if (servletConfig != null) {</span>
<span class="source-line-no">853</span><span id="line-853"> try {</span>
<span class="source-line-no">854</span><span id="line-854"> Class&lt;?&gt; clz = Class.forName(servletConfig.getClazz());</span>
<span class="source-line-no">855</span><span id="line-855"> addPrivilegedServlet(servletConfig.getName(), servletConfig.getPathSpec(),</span>
<span class="source-line-no">856</span><span id="line-856"> clz.asSubclass(HttpServlet.class));</span>
<span class="source-line-no">857</span><span id="line-857"> } catch (Exception e) {</span>
<span class="source-line-no">858</span><span id="line-858"> if (servletConfig.isExpected()) {</span>
<span class="source-line-no">859</span><span id="line-859"> // metrics are not critical to read/write, so an exception here shouldn't be fatal</span>
<span class="source-line-no">860</span><span id="line-860"> // if the class was expected we should warn though</span>
<span class="source-line-no">861</span><span id="line-861"> LOG.warn("Couldn't register the servlet " + enabledServlet, e);</span>
<span class="source-line-no">862</span><span id="line-862"> }</span>
<span class="source-line-no">863</span><span id="line-863"> }</span>
<span class="source-line-no">864</span><span id="line-864"> }</span>
<span class="source-line-no">865</span><span id="line-865"> }</span>
<span class="source-line-no">866</span><span id="line-866"> }</span>
<span class="source-line-no">867</span><span id="line-867"></span>
<span class="source-line-no">868</span><span id="line-868"> /**</span>
<span class="source-line-no">869</span><span id="line-869"> * Set a value in the webapp context. These values are available to the jsp pages as</span>
<span class="source-line-no">870</span><span id="line-870"> * "application.getAttribute(name)".</span>
<span class="source-line-no">871</span><span id="line-871"> * @param name The name of the attribute</span>
<span class="source-line-no">872</span><span id="line-872"> * @param value The value of the attribute</span>
<span class="source-line-no">873</span><span id="line-873"> */</span>
<span class="source-line-no">874</span><span id="line-874"> public void setAttribute(String name, Object value) {</span>
<span class="source-line-no">875</span><span id="line-875"> webAppContext.setAttribute(name, value);</span>
<span class="source-line-no">876</span><span id="line-876"> }</span>
<span class="source-line-no">877</span><span id="line-877"></span>
<span class="source-line-no">878</span><span id="line-878"> /**</span>
<span class="source-line-no">879</span><span id="line-879"> * Add a Jersey resource package.</span>
<span class="source-line-no">880</span><span id="line-880"> * @param packageName The Java package name containing the Jersey resource.</span>
<span class="source-line-no">881</span><span id="line-881"> * @param pathSpec The path spec for the servlet</span>
<span class="source-line-no">882</span><span id="line-882"> */</span>
<span class="source-line-no">883</span><span id="line-883"> public void addJerseyResourcePackage(final String packageName, final String pathSpec) {</span>
<span class="source-line-no">884</span><span id="line-884"> LOG.info("addJerseyResourcePackage: packageName=" + packageName + ", pathSpec=" + pathSpec);</span>
<span class="source-line-no">885</span><span id="line-885"></span>
<span class="source-line-no">886</span><span id="line-886"> ResourceConfig application = new ResourceConfig().packages(packageName);</span>
<span class="source-line-no">887</span><span id="line-887"> final ServletHolder sh = new ServletHolder(new ServletContainer(application));</span>
<span class="source-line-no">888</span><span id="line-888"> webAppContext.addServlet(sh, pathSpec);</span>
<span class="source-line-no">889</span><span id="line-889"> }</span>
<span class="source-line-no">890</span><span id="line-890"></span>
<span class="source-line-no">891</span><span id="line-891"> /**</span>
<span class="source-line-no">892</span><span id="line-892"> * Adds a servlet in the server that any user can access. This method differs from</span>
<span class="source-line-no">893</span><span id="line-893"> * {@link #addPrivilegedServlet(String, String, Class)} in that any authenticated user can</span>
<span class="source-line-no">894</span><span id="line-894"> * interact with the servlet added by this method.</span>
<span class="source-line-no">895</span><span id="line-895"> * @param name The name of the servlet (can be passed as null)</span>
<span class="source-line-no">896</span><span id="line-896"> * @param pathSpec The path spec for the servlet</span>
<span class="source-line-no">897</span><span id="line-897"> * @param clazz The servlet class</span>
<span class="source-line-no">898</span><span id="line-898"> */</span>
<span class="source-line-no">899</span><span id="line-899"> public void addUnprivilegedServlet(String name, String pathSpec,</span>
<span class="source-line-no">900</span><span id="line-900"> Class&lt;? extends HttpServlet&gt; clazz) {</span>
<span class="source-line-no">901</span><span id="line-901"> addServletWithAuth(name, pathSpec, clazz, false);</span>
<span class="source-line-no">902</span><span id="line-902"> }</span>
<span class="source-line-no">903</span><span id="line-903"></span>
<span class="source-line-no">904</span><span id="line-904"> /**</span>
<span class="source-line-no">905</span><span id="line-905"> * Adds a servlet in the server that any user can access. This method differs from</span>
<span class="source-line-no">906</span><span id="line-906"> * {@link #addPrivilegedServlet(String, ServletHolder)} in that any authenticated user can</span>
<span class="source-line-no">907</span><span id="line-907"> * interact with the servlet added by this method.</span>
<span class="source-line-no">908</span><span id="line-908"> * @param pathSpec The path spec for the servlet</span>
<span class="source-line-no">909</span><span id="line-909"> * @param holder The servlet holder</span>
<span class="source-line-no">910</span><span id="line-910"> */</span>
<span class="source-line-no">911</span><span id="line-911"> public void addUnprivilegedServlet(String pathSpec, ServletHolder holder) {</span>
<span class="source-line-no">912</span><span id="line-912"> addServletWithAuth(pathSpec, holder, false);</span>
<span class="source-line-no">913</span><span id="line-913"> }</span>
<span class="source-line-no">914</span><span id="line-914"></span>
<span class="source-line-no">915</span><span id="line-915"> /**</span>
<span class="source-line-no">916</span><span id="line-916"> * Adds a servlet in the server that only administrators can access. This method differs from</span>
<span class="source-line-no">917</span><span id="line-917"> * {@link #addUnprivilegedServlet(String, String, Class)} in that only those authenticated user</span>
<span class="source-line-no">918</span><span id="line-918"> * who are identified as administrators can interact with the servlet added by this method.</span>
<span class="source-line-no">919</span><span id="line-919"> */</span>
<span class="source-line-no">920</span><span id="line-920"> public void addPrivilegedServlet(String name, String pathSpec,</span>
<span class="source-line-no">921</span><span id="line-921"> Class&lt;? extends HttpServlet&gt; clazz) {</span>
<span class="source-line-no">922</span><span id="line-922"> addServletWithAuth(name, pathSpec, clazz, true);</span>
<span class="source-line-no">923</span><span id="line-923"> }</span>
<span class="source-line-no">924</span><span id="line-924"></span>
<span class="source-line-no">925</span><span id="line-925"> /**</span>
<span class="source-line-no">926</span><span id="line-926"> * Adds a servlet in the server that only administrators can access. This method differs from</span>
<span class="source-line-no">927</span><span id="line-927"> * {@link #addUnprivilegedServlet(String, ServletHolder)} in that only those authenticated user</span>
<span class="source-line-no">928</span><span id="line-928"> * who are identified as administrators can interact with the servlet added by this method.</span>
<span class="source-line-no">929</span><span id="line-929"> */</span>
<span class="source-line-no">930</span><span id="line-930"> public void addPrivilegedServlet(String pathSpec, ServletHolder holder) {</span>
<span class="source-line-no">931</span><span id="line-931"> addServletWithAuth(pathSpec, holder, true);</span>
<span class="source-line-no">932</span><span id="line-932"> }</span>
<span class="source-line-no">933</span><span id="line-933"></span>
<span class="source-line-no">934</span><span id="line-934"> /**</span>
<span class="source-line-no">935</span><span id="line-935"> * Internal method to add a servlet to the HTTP server. Developers should not call this method</span>
<span class="source-line-no">936</span><span id="line-936"> * directly, but invoke it via {@link #addUnprivilegedServlet(String, String, Class)} or</span>
<span class="source-line-no">937</span><span id="line-937"> * {@link #addPrivilegedServlet(String, String, Class)}.</span>
<span class="source-line-no">938</span><span id="line-938"> */</span>
<span class="source-line-no">939</span><span id="line-939"> void addServletWithAuth(String name, String pathSpec, Class&lt;? extends HttpServlet&gt; clazz,</span>
<span class="source-line-no">940</span><span id="line-940"> boolean requireAuthz) {</span>
<span class="source-line-no">941</span><span id="line-941"> addInternalServlet(name, pathSpec, clazz, requireAuthz);</span>
<span class="source-line-no">942</span><span id="line-942"> addFilterPathMapping(pathSpec, webAppContext);</span>
<span class="source-line-no">943</span><span id="line-943"> }</span>
<span class="source-line-no">944</span><span id="line-944"></span>
<span class="source-line-no">945</span><span id="line-945"> /**</span>
<span class="source-line-no">946</span><span id="line-946"> * Internal method to add a servlet to the HTTP server. Developers should not call this method</span>
<span class="source-line-no">947</span><span id="line-947"> * directly, but invoke it via {@link #addUnprivilegedServlet(String, ServletHolder)} or</span>
<span class="source-line-no">948</span><span id="line-948"> * {@link #addPrivilegedServlet(String, ServletHolder)}.</span>
<span class="source-line-no">949</span><span id="line-949"> */</span>
<span class="source-line-no">950</span><span id="line-950"> void addServletWithAuth(String pathSpec, ServletHolder holder, boolean requireAuthz) {</span>
<span class="source-line-no">951</span><span id="line-951"> addInternalServlet(pathSpec, holder, requireAuthz);</span>
<span class="source-line-no">952</span><span id="line-952"> addFilterPathMapping(pathSpec, webAppContext);</span>
<span class="source-line-no">953</span><span id="line-953"> }</span>
<span class="source-line-no">954</span><span id="line-954"></span>
<span class="source-line-no">955</span><span id="line-955"> /**</span>
<span class="source-line-no">956</span><span id="line-956"> * Add an internal servlet in the server, specifying whether or not to protect with Kerberos</span>
<span class="source-line-no">957</span><span id="line-957"> * authentication. Note: This method is to be used for adding servlets that facilitate internal</span>
<span class="source-line-no">958</span><span id="line-958"> * communication and not for user facing functionality. For servlets added using this method,</span>
<span class="source-line-no">959</span><span id="line-959"> * filters (except internal Kerberos filters) are not enabled.</span>
<span class="source-line-no">960</span><span id="line-960"> * @param name The name of the {@link Servlet} (can be passed as null)</span>
<span class="source-line-no">961</span><span id="line-961"> * @param pathSpec The path spec for the {@link Servlet}</span>
<span class="source-line-no">962</span><span id="line-962"> * @param clazz The {@link Servlet} class</span>
<span class="source-line-no">963</span><span id="line-963"> * @param requireAuthz Require Kerberos authenticate to access servlet</span>
<span class="source-line-no">964</span><span id="line-964"> */</span>
<span class="source-line-no">965</span><span id="line-965"> void addInternalServlet(String name, String pathSpec, Class&lt;? extends HttpServlet&gt; clazz,</span>
<span class="source-line-no">966</span><span id="line-966"> boolean requireAuthz) {</span>
<span class="source-line-no">967</span><span id="line-967"> ServletHolder holder = new ServletHolder(clazz);</span>
<span class="source-line-no">968</span><span id="line-968"> if (name != null) {</span>
<span class="source-line-no">969</span><span id="line-969"> holder.setName(name);</span>
<span class="source-line-no">970</span><span id="line-970"> }</span>
<span class="source-line-no">971</span><span id="line-971"> addInternalServlet(pathSpec, holder, requireAuthz);</span>
<span class="source-line-no">972</span><span id="line-972"> }</span>
<span class="source-line-no">973</span><span id="line-973"></span>
<span class="source-line-no">974</span><span id="line-974"> /**</span>
<span class="source-line-no">975</span><span id="line-975"> * Add an internal servlet in the server, specifying whether or not to protect with Kerberos</span>
<span class="source-line-no">976</span><span id="line-976"> * authentication. Note: This method is to be used for adding servlets that facilitate internal</span>
<span class="source-line-no">977</span><span id="line-977"> * communication and not for user facing functionality. For servlets added using this method,</span>
<span class="source-line-no">978</span><span id="line-978"> * filters (except internal Kerberos filters) are not enabled.</span>
<span class="source-line-no">979</span><span id="line-979"> * @param pathSpec The path spec for the {@link Servlet}</span>
<span class="source-line-no">980</span><span id="line-980"> * @param holder The object providing the {@link Servlet} instance</span>
<span class="source-line-no">981</span><span id="line-981"> * @param requireAuthz Require Kerberos authenticate to access servlet</span>
<span class="source-line-no">982</span><span id="line-982"> */</span>
<span class="source-line-no">983</span><span id="line-983"> void addInternalServlet(String pathSpec, ServletHolder holder, boolean requireAuthz) {</span>
<span class="source-line-no">984</span><span id="line-984"> if (authenticationEnabled &amp;&amp; requireAuthz) {</span>
<span class="source-line-no">985</span><span id="line-985"> FilterHolder filter = new FilterHolder(AdminAuthorizedFilter.class);</span>
<span class="source-line-no">986</span><span id="line-986"> filter.setName(AdminAuthorizedFilter.class.getSimpleName());</span>
<span class="source-line-no">987</span><span id="line-987"> FilterMapping fmap = new FilterMapping();</span>
<span class="source-line-no">988</span><span id="line-988"> fmap.setPathSpec(pathSpec);</span>
<span class="source-line-no">989</span><span id="line-989"> fmap.setDispatches(FilterMapping.ALL);</span>
<span class="source-line-no">990</span><span id="line-990"> fmap.setFilterName(AdminAuthorizedFilter.class.getSimpleName());</span>
<span class="source-line-no">991</span><span id="line-991"> webAppContext.getServletHandler().addFilter(filter, fmap);</span>
<span class="source-line-no">992</span><span id="line-992"> }</span>
<span class="source-line-no">993</span><span id="line-993"> webAppContext.getSessionHandler().getSessionCookieConfig().setHttpOnly(true);</span>
<span class="source-line-no">994</span><span id="line-994"> webAppContext.getSessionHandler().getSessionCookieConfig().setSecure(true);</span>
<span class="source-line-no">995</span><span id="line-995"> webAppContext.addServlet(holder, pathSpec);</span>
<span class="source-line-no">996</span><span id="line-996"> }</span>
<span class="source-line-no">997</span><span id="line-997"></span>
<span class="source-line-no">998</span><span id="line-998"> @Override</span>
<span class="source-line-no">999</span><span id="line-999"> public void addFilter(String name, String classname, Map&lt;String, String&gt; parameters) {</span>
<span class="source-line-no">1000</span><span id="line-1000"> final String[] USER_FACING_URLS = { "*.html", "*.jsp" };</span>
<span class="source-line-no">1001</span><span id="line-1001"> defineFilter(webAppContext, name, classname, parameters, USER_FACING_URLS);</span>
<span class="source-line-no">1002</span><span id="line-1002"> LOG.info("Added filter " + name + " (class=" + classname + ") to context "</span>
<span class="source-line-no">1003</span><span id="line-1003"> + webAppContext.getDisplayName());</span>
<span class="source-line-no">1004</span><span id="line-1004"> final String[] ALL_URLS = { "/*" };</span>
<span class="source-line-no">1005</span><span id="line-1005"> for (Map.Entry&lt;ServletContextHandler, Boolean&gt; e : defaultContexts.entrySet()) {</span>
<span class="source-line-no">1006</span><span id="line-1006"> if (e.getValue()) {</span>
<span class="source-line-no">1007</span><span id="line-1007"> ServletContextHandler handler = e.getKey();</span>
<span class="source-line-no">1008</span><span id="line-1008"> defineFilter(handler, name, classname, parameters, ALL_URLS);</span>
<span class="source-line-no">1009</span><span id="line-1009"> LOG.info("Added filter " + name + " (class=" + classname + ") to context "</span>
<span class="source-line-no">1010</span><span id="line-1010"> + handler.getDisplayName());</span>
<span class="source-line-no">1011</span><span id="line-1011"> }</span>
<span class="source-line-no">1012</span><span id="line-1012"> }</span>
<span class="source-line-no">1013</span><span id="line-1013"> filterNames.add(name);</span>
<span class="source-line-no">1014</span><span id="line-1014"> }</span>
<span class="source-line-no">1015</span><span id="line-1015"></span>
<span class="source-line-no">1016</span><span id="line-1016"> @Override</span>
<span class="source-line-no">1017</span><span id="line-1017"> public void addGlobalFilter(String name, String classname, Map&lt;String, String&gt; parameters) {</span>
<span class="source-line-no">1018</span><span id="line-1018"> final String[] ALL_URLS = { "/*" };</span>
<span class="source-line-no">1019</span><span id="line-1019"> defineFilter(webAppContext, name, classname, parameters, ALL_URLS);</span>
<span class="source-line-no">1020</span><span id="line-1020"> for (ServletContextHandler ctx : defaultContexts.keySet()) {</span>
<span class="source-line-no">1021</span><span id="line-1021"> defineFilter(ctx, name, classname, parameters, ALL_URLS);</span>
<span class="source-line-no">1022</span><span id="line-1022"> }</span>
<span class="source-line-no">1023</span><span id="line-1023"> LOG.info("Added global filter '" + name + "' (class=" + classname + ")");</span>
<span class="source-line-no">1024</span><span id="line-1024"> }</span>
<span class="source-line-no">1025</span><span id="line-1025"></span>
<span class="source-line-no">1026</span><span id="line-1026"> /**</span>
<span class="source-line-no">1027</span><span id="line-1027"> * Define a filter for a context and set up default url mappings.</span>
<span class="source-line-no">1028</span><span id="line-1028"> */</span>
<span class="source-line-no">1029</span><span id="line-1029"> public static void defineFilter(ServletContextHandler handler, String name, String classname,</span>
<span class="source-line-no">1030</span><span id="line-1030"> Map&lt;String, String&gt; parameters, String[] urls) {</span>
<span class="source-line-no">1031</span><span id="line-1031"> FilterHolder holder = new FilterHolder();</span>
<span class="source-line-no">1032</span><span id="line-1032"> holder.setName(name);</span>
<span class="source-line-no">1033</span><span id="line-1033"> holder.setClassName(classname);</span>
<span class="source-line-no">1034</span><span id="line-1034"> if (parameters != null) {</span>
<span class="source-line-no">1035</span><span id="line-1035"> holder.setInitParameters(parameters);</span>
<span class="source-line-no">1036</span><span id="line-1036"> }</span>
<span class="source-line-no">1037</span><span id="line-1037"> FilterMapping fmap = new FilterMapping();</span>
<span class="source-line-no">1038</span><span id="line-1038"> fmap.setPathSpecs(urls);</span>
<span class="source-line-no">1039</span><span id="line-1039"> fmap.setDispatches(FilterMapping.ALL);</span>
<span class="source-line-no">1040</span><span id="line-1040"> fmap.setFilterName(name);</span>
<span class="source-line-no">1041</span><span id="line-1041"> handler.getServletHandler().addFilter(holder, fmap);</span>
<span class="source-line-no">1042</span><span id="line-1042"> }</span>
<span class="source-line-no">1043</span><span id="line-1043"></span>
<span class="source-line-no">1044</span><span id="line-1044"> /**</span>
<span class="source-line-no">1045</span><span id="line-1045"> * Add the path spec to the filter path mapping.</span>
<span class="source-line-no">1046</span><span id="line-1046"> * @param pathSpec The path spec</span>
<span class="source-line-no">1047</span><span id="line-1047"> * @param webAppCtx The WebApplicationContext to add to</span>
<span class="source-line-no">1048</span><span id="line-1048"> */</span>
<span class="source-line-no">1049</span><span id="line-1049"> protected void addFilterPathMapping(String pathSpec, WebAppContext webAppCtx) {</span>
<span class="source-line-no">1050</span><span id="line-1050"> for (String name : filterNames) {</span>
<span class="source-line-no">1051</span><span id="line-1051"> FilterMapping fmap = new FilterMapping();</span>
<span class="source-line-no">1052</span><span id="line-1052"> fmap.setPathSpec(pathSpec);</span>
<span class="source-line-no">1053</span><span id="line-1053"> fmap.setFilterName(name);</span>
<span class="source-line-no">1054</span><span id="line-1054"> fmap.setDispatches(FilterMapping.ALL);</span>
<span class="source-line-no">1055</span><span id="line-1055"> webAppCtx.getServletHandler().addFilterMapping(fmap);</span>
<span class="source-line-no">1056</span><span id="line-1056"> }</span>
<span class="source-line-no">1057</span><span id="line-1057"> }</span>
<span class="source-line-no">1058</span><span id="line-1058"></span>
<span class="source-line-no">1059</span><span id="line-1059"> /**</span>
<span class="source-line-no">1060</span><span id="line-1060"> * Get the value in the webapp context.</span>
<span class="source-line-no">1061</span><span id="line-1061"> * @param name The name of the attribute</span>
<span class="source-line-no">1062</span><span id="line-1062"> * @return The value of the attribute</span>
<span class="source-line-no">1063</span><span id="line-1063"> */</span>
<span class="source-line-no">1064</span><span id="line-1064"> public Object getAttribute(String name) {</span>
<span class="source-line-no">1065</span><span id="line-1065"> return webAppContext.getAttribute(name);</span>
<span class="source-line-no">1066</span><span id="line-1066"> }</span>
<span class="source-line-no">1067</span><span id="line-1067"></span>
<span class="source-line-no">1068</span><span id="line-1068"> public WebAppContext getWebAppContext() {</span>
<span class="source-line-no">1069</span><span id="line-1069"> return this.webAppContext;</span>
<span class="source-line-no">1070</span><span id="line-1070"> }</span>
<span class="source-line-no">1071</span><span id="line-1071"></span>
<span class="source-line-no">1072</span><span id="line-1072"> public String getWebAppsPath(String appName) throws FileNotFoundException {</span>
<span class="source-line-no">1073</span><span id="line-1073"> return getWebAppsPath(this.appDir, appName);</span>
<span class="source-line-no">1074</span><span id="line-1074"> }</span>
<span class="source-line-no">1075</span><span id="line-1075"></span>
<span class="source-line-no">1076</span><span id="line-1076"> /**</span>
<span class="source-line-no">1077</span><span id="line-1077"> * Get the pathname to the webapps files.</span>
<span class="source-line-no">1078</span><span id="line-1078"> * @param appName eg "secondary" or "datanode"</span>
<span class="source-line-no">1079</span><span id="line-1079"> * @return the pathname as a URL</span>
<span class="source-line-no">1080</span><span id="line-1080"> * @throws FileNotFoundException if 'webapps' directory cannot be found on CLASSPATH.</span>
<span class="source-line-no">1081</span><span id="line-1081"> */</span>
<span class="source-line-no">1082</span><span id="line-1082"> protected String getWebAppsPath(String webapps, String appName) throws FileNotFoundException {</span>
<span class="source-line-no">1083</span><span id="line-1083"> URL url = getClass().getClassLoader().getResource(webapps + "/" + appName);</span>
<span class="source-line-no">1084</span><span id="line-1084"></span>
<span class="source-line-no">1085</span><span id="line-1085"> if (url == null) {</span>
<span class="source-line-no">1086</span><span id="line-1086"> throw new FileNotFoundException(webapps + "/" + appName + " not found in CLASSPATH");</span>
<span class="source-line-no">1087</span><span id="line-1087"> }</span>
<span class="source-line-no">1088</span><span id="line-1088"></span>
<span class="source-line-no">1089</span><span id="line-1089"> String urlString = url.toString();</span>
<span class="source-line-no">1090</span><span id="line-1090"> return urlString.substring(0, urlString.lastIndexOf('/'));</span>
<span class="source-line-no">1091</span><span id="line-1091"> }</span>
<span class="source-line-no">1092</span><span id="line-1092"></span>
<span class="source-line-no">1093</span><span id="line-1093"> /**</span>
<span class="source-line-no">1094</span><span id="line-1094"> * Get the port that the server is on</span>
<span class="source-line-no">1095</span><span id="line-1095"> * @return the port</span>
<span class="source-line-no">1096</span><span id="line-1096"> * @deprecated Since 0.99.0</span>
<span class="source-line-no">1097</span><span id="line-1097"> */</span>
<span class="source-line-no">1098</span><span id="line-1098"> @Deprecated</span>
<span class="source-line-no">1099</span><span id="line-1099"> public int getPort() {</span>
<span class="source-line-no">1100</span><span id="line-1100"> return ((ServerConnector) webServer.getConnectors()[0]).getLocalPort();</span>
<span class="source-line-no">1101</span><span id="line-1101"> }</span>
<span class="source-line-no">1102</span><span id="line-1102"></span>
<span class="source-line-no">1103</span><span id="line-1103"> /**</span>
<span class="source-line-no">1104</span><span id="line-1104"> * Get the address that corresponds to a particular connector.</span>
<span class="source-line-no">1105</span><span id="line-1105"> * @return the corresponding address for the connector, or null if there's no such connector or</span>
<span class="source-line-no">1106</span><span id="line-1106"> * the connector is not bounded.</span>
<span class="source-line-no">1107</span><span id="line-1107"> */</span>
<span class="source-line-no">1108</span><span id="line-1108"> public InetSocketAddress getConnectorAddress(int index) {</span>
<span class="source-line-no">1109</span><span id="line-1109"> Preconditions.checkArgument(index &gt;= 0);</span>
<span class="source-line-no">1110</span><span id="line-1110"></span>
<span class="source-line-no">1111</span><span id="line-1111"> if (index &gt; webServer.getConnectors().length) {</span>
<span class="source-line-no">1112</span><span id="line-1112"> return null;</span>
<span class="source-line-no">1113</span><span id="line-1113"> }</span>
<span class="source-line-no">1114</span><span id="line-1114"></span>
<span class="source-line-no">1115</span><span id="line-1115"> ServerConnector c = (ServerConnector) webServer.getConnectors()[index];</span>
<span class="source-line-no">1116</span><span id="line-1116"> if (c.getLocalPort() == -1 || c.getLocalPort() == -2) {</span>
<span class="source-line-no">1117</span><span id="line-1117"> // -1 if the connector has not been opened</span>
<span class="source-line-no">1118</span><span id="line-1118"> // -2 if it has been closed</span>
<span class="source-line-no">1119</span><span id="line-1119"> return null;</span>
<span class="source-line-no">1120</span><span id="line-1120"> }</span>
<span class="source-line-no">1121</span><span id="line-1121"></span>
<span class="source-line-no">1122</span><span id="line-1122"> return new InetSocketAddress(c.getHost(), c.getLocalPort());</span>
<span class="source-line-no">1123</span><span id="line-1123"> }</span>
<span class="source-line-no">1124</span><span id="line-1124"></span>
<span class="source-line-no">1125</span><span id="line-1125"> /**</span>
<span class="source-line-no">1126</span><span id="line-1126"> * Set the min, max number of worker threads (simultaneous connections).</span>
<span class="source-line-no">1127</span><span id="line-1127"> */</span>
<span class="source-line-no">1128</span><span id="line-1128"> public void setThreads(int min, int max) {</span>
<span class="source-line-no">1129</span><span id="line-1129"> QueuedThreadPool pool = (QueuedThreadPool) webServer.getThreadPool();</span>
<span class="source-line-no">1130</span><span id="line-1130"> pool.setMinThreads(min);</span>
<span class="source-line-no">1131</span><span id="line-1131"> pool.setMaxThreads(max);</span>
<span class="source-line-no">1132</span><span id="line-1132"> }</span>
<span class="source-line-no">1133</span><span id="line-1133"></span>
<span class="source-line-no">1134</span><span id="line-1134"> private void initSpnego(Configuration conf, String hostName, String usernameConfKey,</span>
<span class="source-line-no">1135</span><span id="line-1135"> String keytabConfKey, String kerberosNameRuleKey, String signatureSecretKeyFileKey)</span>
<span class="source-line-no">1136</span><span id="line-1136"> throws IOException {</span>
<span class="source-line-no">1137</span><span id="line-1137"> Map&lt;String, String&gt; params = new HashMap&lt;&gt;();</span>
<span class="source-line-no">1138</span><span id="line-1138"> String principalInConf = getOrEmptyString(conf, usernameConfKey);</span>
<span class="source-line-no">1139</span><span id="line-1139"> if (!principalInConf.isEmpty()) {</span>
<span class="source-line-no">1140</span><span id="line-1140"> params.put(HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX,</span>
<span class="source-line-no">1141</span><span id="line-1141"> SecurityUtil.getServerPrincipal(principalInConf, hostName));</span>
<span class="source-line-no">1142</span><span id="line-1142"> }</span>
<span class="source-line-no">1143</span><span id="line-1143"> String httpKeytab = getOrEmptyString(conf, keytabConfKey);</span>
<span class="source-line-no">1144</span><span id="line-1144"> if (!httpKeytab.isEmpty()) {</span>
<span class="source-line-no">1145</span><span id="line-1145"> params.put(HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX, httpKeytab);</span>
<span class="source-line-no">1146</span><span id="line-1146"> }</span>
<span class="source-line-no">1147</span><span id="line-1147"> String kerberosNameRule = getOrEmptyString(conf, kerberosNameRuleKey);</span>
<span class="source-line-no">1148</span><span id="line-1148"> if (!kerberosNameRule.isEmpty()) {</span>
<span class="source-line-no">1149</span><span id="line-1149"> params.put(HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_SUFFIX, kerberosNameRule);</span>
<span class="source-line-no">1150</span><span id="line-1150"> }</span>
<span class="source-line-no">1151</span><span id="line-1151"> String signatureSecretKeyFile = getOrEmptyString(conf, signatureSecretKeyFileKey);</span>
<span class="source-line-no">1152</span><span id="line-1152"> if (!signatureSecretKeyFile.isEmpty()) {</span>
<span class="source-line-no">1153</span><span id="line-1153"> params.put(HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX, signatureSecretKeyFile);</span>
<span class="source-line-no">1154</span><span id="line-1154"> }</span>
<span class="source-line-no">1155</span><span id="line-1155"> params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");</span>
<span class="source-line-no">1156</span><span id="line-1156"></span>
<span class="source-line-no">1157</span><span id="line-1157"> // Verify that the required options were provided</span>
<span class="source-line-no">1158</span><span id="line-1158"> if (</span>
<span class="source-line-no">1159</span><span id="line-1159"> isMissing(params.get(HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX))</span>
<span class="source-line-no">1160</span><span id="line-1160"> || isMissing(params.get(HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX))</span>
<span class="source-line-no">1161</span><span id="line-1161"> ) {</span>
<span class="source-line-no">1162</span><span id="line-1162"> throw new IllegalArgumentException(</span>
<span class="source-line-no">1163</span><span id="line-1163"> usernameConfKey + " and " + keytabConfKey + " are both required in the configuration "</span>
<span class="source-line-no">1164</span><span id="line-1164"> + "to enable SPNEGO/Kerberos authentication for the Web UI");</span>
<span class="source-line-no">1165</span><span id="line-1165"> }</span>
<span class="source-line-no">1166</span><span id="line-1166"></span>
<span class="source-line-no">1167</span><span id="line-1167"> if (</span>
<span class="source-line-no">1168</span><span id="line-1168"> conf.getBoolean(HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_KEY,</span>
<span class="source-line-no">1169</span><span id="line-1169"> HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_DEFAULT)</span>
<span class="source-line-no">1170</span><span id="line-1170"> ) {</span>
<span class="source-line-no">1171</span><span id="line-1171"> // Copy/rename standard hadoop proxyuser settings to filter</span>
<span class="source-line-no">1172</span><span id="line-1172"> for (Map.Entry&lt;String, String&gt; proxyEntry : conf</span>
<span class="source-line-no">1173</span><span id="line-1173"> .getPropsWithPrefix(ProxyUsers.CONF_HADOOP_PROXYUSER).entrySet()) {</span>
<span class="source-line-no">1174</span><span id="line-1174"> params.put(ProxyUserAuthenticationFilter.PROXYUSER_PREFIX + proxyEntry.getKey(),</span>
<span class="source-line-no">1175</span><span id="line-1175"> proxyEntry.getValue());</span>
<span class="source-line-no">1176</span><span id="line-1176"> }</span>
<span class="source-line-no">1177</span><span id="line-1177"> addGlobalFilter(SPNEGO_PROXYUSER_FILTER, ProxyUserAuthenticationFilter.class.getName(),</span>
<span class="source-line-no">1178</span><span id="line-1178"> params);</span>
<span class="source-line-no">1179</span><span id="line-1179"> } else {</span>
<span class="source-line-no">1180</span><span id="line-1180"> addGlobalFilter(SPNEGO_FILTER, AuthenticationFilter.class.getName(), params);</span>
<span class="source-line-no">1181</span><span id="line-1181"> }</span>
<span class="source-line-no">1182</span><span id="line-1182"> }</span>
<span class="source-line-no">1183</span><span id="line-1183"></span>
<span class="source-line-no">1184</span><span id="line-1184"> /**</span>
<span class="source-line-no">1185</span><span id="line-1185"> * Returns true if the argument is non-null and not whitespace</span>
<span class="source-line-no">1186</span><span id="line-1186"> */</span>
<span class="source-line-no">1187</span><span id="line-1187"> private boolean isMissing(String value) {</span>
<span class="source-line-no">1188</span><span id="line-1188"> if (null == value) {</span>
<span class="source-line-no">1189</span><span id="line-1189"> return true;</span>
<span class="source-line-no">1190</span><span id="line-1190"> }</span>
<span class="source-line-no">1191</span><span id="line-1191"> return value.trim().isEmpty();</span>
<span class="source-line-no">1192</span><span id="line-1192"> }</span>
<span class="source-line-no">1193</span><span id="line-1193"></span>
<span class="source-line-no">1194</span><span id="line-1194"> /**</span>
<span class="source-line-no">1195</span><span id="line-1195"> * Extracts the value for the given key from the configuration of returns a string of zero length.</span>
<span class="source-line-no">1196</span><span id="line-1196"> */</span>
<span class="source-line-no">1197</span><span id="line-1197"> private String getOrEmptyString(Configuration conf, String key) {</span>
<span class="source-line-no">1198</span><span id="line-1198"> if (null == key) {</span>
<span class="source-line-no">1199</span><span id="line-1199"> return EMPTY_STRING;</span>
<span class="source-line-no">1200</span><span id="line-1200"> }</span>
<span class="source-line-no">1201</span><span id="line-1201"> final String value = conf.get(key.trim());</span>
<span class="source-line-no">1202</span><span id="line-1202"> return null == value ? EMPTY_STRING : value;</span>
<span class="source-line-no">1203</span><span id="line-1203"> }</span>
<span class="source-line-no">1204</span><span id="line-1204"></span>
<span class="source-line-no">1205</span><span id="line-1205"> /**</span>
<span class="source-line-no">1206</span><span id="line-1206"> * Start the server. Does not wait for the server to start.</span>
<span class="source-line-no">1207</span><span id="line-1207"> */</span>
<span class="source-line-no">1208</span><span id="line-1208"> public void start() throws IOException {</span>
<span class="source-line-no">1209</span><span id="line-1209"> try {</span>
<span class="source-line-no">1210</span><span id="line-1210"> try {</span>
<span class="source-line-no">1211</span><span id="line-1211"> openListeners();</span>
<span class="source-line-no">1212</span><span id="line-1212"> webServer.start();</span>
<span class="source-line-no">1213</span><span id="line-1213"> } catch (IOException ex) {</span>
<span class="source-line-no">1214</span><span id="line-1214"> LOG.info("HttpServer.start() threw a non Bind IOException", ex);</span>
<span class="source-line-no">1215</span><span id="line-1215"> throw ex;</span>
<span class="source-line-no">1216</span><span id="line-1216"> } catch (MultiException ex) {</span>
<span class="source-line-no">1217</span><span id="line-1217"> LOG.info("HttpServer.start() threw a MultiException", ex);</span>
<span class="source-line-no">1218</span><span id="line-1218"> throw ex;</span>
<span class="source-line-no">1219</span><span id="line-1219"> }</span>
<span class="source-line-no">1220</span><span id="line-1220"> // Make sure there is no handler failures.</span>
<span class="source-line-no">1221</span><span id="line-1221"> Handler[] handlers = webServer.getHandlers();</span>
<span class="source-line-no">1222</span><span id="line-1222"> for (int i = 0; i &lt; handlers.length; i++) {</span>
<span class="source-line-no">1223</span><span id="line-1223"> if (handlers[i].isFailed()) {</span>
<span class="source-line-no">1224</span><span id="line-1224"> throw new IOException("Problem in starting http server. Server handlers failed");</span>
<span class="source-line-no">1225</span><span id="line-1225"> }</span>
<span class="source-line-no">1226</span><span id="line-1226"> }</span>
<span class="source-line-no">1227</span><span id="line-1227"> // Make sure there are no errors initializing the context.</span>
<span class="source-line-no">1228</span><span id="line-1228"> Throwable unavailableException = webAppContext.getUnavailableException();</span>
<span class="source-line-no">1229</span><span id="line-1229"> if (unavailableException != null) {</span>
<span class="source-line-no">1230</span><span id="line-1230"> // Have to stop the webserver, or else its non-daemon threads</span>
<span class="source-line-no">1231</span><span id="line-1231"> // will hang forever.</span>
<span class="source-line-no">1232</span><span id="line-1232"> webServer.stop();</span>
<span class="source-line-no">1233</span><span id="line-1233"> throw new IOException("Unable to initialize WebAppContext", unavailableException);</span>
<span class="source-line-no">1234</span><span id="line-1234"> }</span>
<span class="source-line-no">1235</span><span id="line-1235"> } catch (IOException e) {</span>
<span class="source-line-no">1236</span><span id="line-1236"> throw e;</span>
<span class="source-line-no">1237</span><span id="line-1237"> } catch (InterruptedException e) {</span>
<span class="source-line-no">1238</span><span id="line-1238"> throw (IOException) new InterruptedIOException("Interrupted while starting HTTP server")</span>
<span class="source-line-no">1239</span><span id="line-1239"> .initCause(e);</span>
<span class="source-line-no">1240</span><span id="line-1240"> } catch (Exception e) {</span>
<span class="source-line-no">1241</span><span id="line-1241"> throw new IOException("Problem starting http server", e);</span>
<span class="source-line-no">1242</span><span id="line-1242"> }</span>
<span class="source-line-no">1243</span><span id="line-1243"> }</span>
<span class="source-line-no">1244</span><span id="line-1244"></span>
<span class="source-line-no">1245</span><span id="line-1245"> private void loadListeners() {</span>
<span class="source-line-no">1246</span><span id="line-1246"> for (ListenerInfo li : listeners) {</span>
<span class="source-line-no">1247</span><span id="line-1247"> webServer.addConnector(li.listener);</span>
<span class="source-line-no">1248</span><span id="line-1248"> }</span>
<span class="source-line-no">1249</span><span id="line-1249"> }</span>
<span class="source-line-no">1250</span><span id="line-1250"></span>
<span class="source-line-no">1251</span><span id="line-1251"> /**</span>
<span class="source-line-no">1252</span><span id="line-1252"> * Open the main listener for the server</span>
<span class="source-line-no">1253</span><span id="line-1253"> * @throws Exception if the listener cannot be opened or the appropriate port is already in use</span>
<span class="source-line-no">1254</span><span id="line-1254"> */</span>
<span class="source-line-no">1255</span><span id="line-1255"> void openListeners() throws Exception {</span>
<span class="source-line-no">1256</span><span id="line-1256"> for (ListenerInfo li : listeners) {</span>
<span class="source-line-no">1257</span><span id="line-1257"> ServerConnector listener = li.listener;</span>
<span class="source-line-no">1258</span><span id="line-1258"> if (!li.isManaged || (li.listener.getLocalPort() != -1 &amp;&amp; li.listener.getLocalPort() != -2)) {</span>
<span class="source-line-no">1259</span><span id="line-1259"> // This listener is either started externally, or has not been opened, or has been closed</span>
<span class="source-line-no">1260</span><span id="line-1260"> continue;</span>
<span class="source-line-no">1261</span><span id="line-1261"> }</span>
<span class="source-line-no">1262</span><span id="line-1262"> int port = listener.getPort();</span>
<span class="source-line-no">1263</span><span id="line-1263"> while (true) {</span>
<span class="source-line-no">1264</span><span id="line-1264"> // jetty has a bug where you can't reopen a listener that previously</span>
<span class="source-line-no">1265</span><span id="line-1265"> // failed to open w/o issuing a close first, even if the port is changed</span>
<span class="source-line-no">1266</span><span id="line-1266"> try {</span>
<span class="source-line-no">1267</span><span id="line-1267"> listener.close();</span>
<span class="source-line-no">1268</span><span id="line-1268"> listener.open();</span>
<span class="source-line-no">1269</span><span id="line-1269"> LOG.info("Jetty bound to port " + listener.getLocalPort());</span>
<span class="source-line-no">1270</span><span id="line-1270"> break;</span>
<span class="source-line-no">1271</span><span id="line-1271"> } catch (IOException ex) {</span>
<span class="source-line-no">1272</span><span id="line-1272"> if (!(ex instanceof BindException) &amp;&amp; !(ex.getCause() instanceof BindException)) {</span>
<span class="source-line-no">1273</span><span id="line-1273"> throw ex;</span>
<span class="source-line-no">1274</span><span id="line-1274"> }</span>
<span class="source-line-no">1275</span><span id="line-1275"> if (port == 0 || !findPort) {</span>
<span class="source-line-no">1276</span><span id="line-1276"> BindException be =</span>
<span class="source-line-no">1277</span><span id="line-1277"> new BindException("Port in use: " + listener.getHost() + ":" + listener.getPort());</span>
<span class="source-line-no">1278</span><span id="line-1278"> be.initCause(ex);</span>
<span class="source-line-no">1279</span><span id="line-1279"> throw be;</span>
<span class="source-line-no">1280</span><span id="line-1280"> }</span>
<span class="source-line-no">1281</span><span id="line-1281"> }</span>
<span class="source-line-no">1282</span><span id="line-1282"> // try the next port number</span>
<span class="source-line-no">1283</span><span id="line-1283"> listener.setPort(++port);</span>
<span class="source-line-no">1284</span><span id="line-1284"> Thread.sleep(100);</span>
<span class="source-line-no">1285</span><span id="line-1285"> }</span>
<span class="source-line-no">1286</span><span id="line-1286"> }</span>
<span class="source-line-no">1287</span><span id="line-1287"> }</span>
<span class="source-line-no">1288</span><span id="line-1288"></span>
<span class="source-line-no">1289</span><span id="line-1289"> /**</span>
<span class="source-line-no">1290</span><span id="line-1290"> * stop the server</span>
<span class="source-line-no">1291</span><span id="line-1291"> */</span>
<span class="source-line-no">1292</span><span id="line-1292"> public void stop() throws Exception {</span>
<span class="source-line-no">1293</span><span id="line-1293"> MultiException exception = null;</span>
<span class="source-line-no">1294</span><span id="line-1294"> for (ListenerInfo li : listeners) {</span>
<span class="source-line-no">1295</span><span id="line-1295"> if (!li.isManaged) {</span>
<span class="source-line-no">1296</span><span id="line-1296"> continue;</span>
<span class="source-line-no">1297</span><span id="line-1297"> }</span>
<span class="source-line-no">1298</span><span id="line-1298"></span>
<span class="source-line-no">1299</span><span id="line-1299"> try {</span>
<span class="source-line-no">1300</span><span id="line-1300"> li.listener.close();</span>
<span class="source-line-no">1301</span><span id="line-1301"> } catch (Exception e) {</span>
<span class="source-line-no">1302</span><span id="line-1302"> LOG.error("Error while stopping listener for webapp" + webAppContext.getDisplayName(), e);</span>
<span class="source-line-no">1303</span><span id="line-1303"> exception = addMultiException(exception, e);</span>
<span class="source-line-no">1304</span><span id="line-1304"> }</span>
<span class="source-line-no">1305</span><span id="line-1305"> }</span>
<span class="source-line-no">1306</span><span id="line-1306"></span>
<span class="source-line-no">1307</span><span id="line-1307"> try {</span>
<span class="source-line-no">1308</span><span id="line-1308"> // clear &amp; stop webAppContext attributes to avoid memory leaks.</span>
<span class="source-line-no">1309</span><span id="line-1309"> webAppContext.clearAttributes();</span>
<span class="source-line-no">1310</span><span id="line-1310"> webAppContext.stop();</span>
<span class="source-line-no">1311</span><span id="line-1311"> } catch (Exception e) {</span>
<span class="source-line-no">1312</span><span id="line-1312"> LOG.error("Error while stopping web app context for webapp " + webAppContext.getDisplayName(),</span>
<span class="source-line-no">1313</span><span id="line-1313"> e);</span>
<span class="source-line-no">1314</span><span id="line-1314"> exception = addMultiException(exception, e);</span>
<span class="source-line-no">1315</span><span id="line-1315"> }</span>
<span class="source-line-no">1316</span><span id="line-1316"></span>
<span class="source-line-no">1317</span><span id="line-1317"> try {</span>
<span class="source-line-no">1318</span><span id="line-1318"> webServer.stop();</span>
<span class="source-line-no">1319</span><span id="line-1319"> } catch (Exception e) {</span>
<span class="source-line-no">1320</span><span id="line-1320"> LOG.error("Error while stopping web server for webapp " + webAppContext.getDisplayName(), e);</span>
<span class="source-line-no">1321</span><span id="line-1321"> exception = addMultiException(exception, e);</span>
<span class="source-line-no">1322</span><span id="line-1322"> }</span>
<span class="source-line-no">1323</span><span id="line-1323"></span>
<span class="source-line-no">1324</span><span id="line-1324"> if (exception != null) {</span>
<span class="source-line-no">1325</span><span id="line-1325"> exception.ifExceptionThrow();</span>
<span class="source-line-no">1326</span><span id="line-1326"> }</span>
<span class="source-line-no">1327</span><span id="line-1327"></span>
<span class="source-line-no">1328</span><span id="line-1328"> }</span>
<span class="source-line-no">1329</span><span id="line-1329"></span>
<span class="source-line-no">1330</span><span id="line-1330"> private MultiException addMultiException(MultiException exception, Exception e) {</span>
<span class="source-line-no">1331</span><span id="line-1331"> if (exception == null) {</span>
<span class="source-line-no">1332</span><span id="line-1332"> exception = new MultiException();</span>
<span class="source-line-no">1333</span><span id="line-1333"> }</span>
<span class="source-line-no">1334</span><span id="line-1334"> exception.add(e);</span>
<span class="source-line-no">1335</span><span id="line-1335"> return exception;</span>
<span class="source-line-no">1336</span><span id="line-1336"> }</span>
<span class="source-line-no">1337</span><span id="line-1337"></span>
<span class="source-line-no">1338</span><span id="line-1338"> public void join() throws InterruptedException {</span>
<span class="source-line-no">1339</span><span id="line-1339"> webServer.join();</span>
<span class="source-line-no">1340</span><span id="line-1340"> }</span>
<span class="source-line-no">1341</span><span id="line-1341"></span>
<span class="source-line-no">1342</span><span id="line-1342"> /**</span>
<span class="source-line-no">1343</span><span id="line-1343"> * Test for the availability of the web server</span>
<span class="source-line-no">1344</span><span id="line-1344"> * @return true if the web server is started, false otherwise</span>
<span class="source-line-no">1345</span><span id="line-1345"> */</span>
<span class="source-line-no">1346</span><span id="line-1346"> public boolean isAlive() {</span>
<span class="source-line-no">1347</span><span id="line-1347"> return webServer != null &amp;&amp; webServer.isStarted();</span>
<span class="source-line-no">1348</span><span id="line-1348"> }</span>
<span class="source-line-no">1349</span><span id="line-1349"></span>
<span class="source-line-no">1350</span><span id="line-1350"> /**</span>
<span class="source-line-no">1351</span><span id="line-1351"> * Return the host and port of the HttpServer, if live</span>
<span class="source-line-no">1352</span><span id="line-1352"> * @return the classname and any HTTP URL</span>
<span class="source-line-no">1353</span><span id="line-1353"> */</span>
<span class="source-line-no">1354</span><span id="line-1354"> @Override</span>
<span class="source-line-no">1355</span><span id="line-1355"> public String toString() {</span>
<span class="source-line-no">1356</span><span id="line-1356"> if (listeners.isEmpty()) {</span>
<span class="source-line-no">1357</span><span id="line-1357"> return "Inactive HttpServer";</span>
<span class="source-line-no">1358</span><span id="line-1358"> } else {</span>
<span class="source-line-no">1359</span><span id="line-1359"> StringBuilder sb = new StringBuilder("HttpServer (")</span>
<span class="source-line-no">1360</span><span id="line-1360"> .append(isAlive() ? STATE_DESCRIPTION_ALIVE : STATE_DESCRIPTION_NOT_LIVE)</span>
<span class="source-line-no">1361</span><span id="line-1361"> .append("), listening at:");</span>
<span class="source-line-no">1362</span><span id="line-1362"> for (ListenerInfo li : listeners) {</span>
<span class="source-line-no">1363</span><span id="line-1363"> ServerConnector l = li.listener;</span>
<span class="source-line-no">1364</span><span id="line-1364"> sb.append(l.getHost()).append(":").append(l.getPort()).append("/,");</span>
<span class="source-line-no">1365</span><span id="line-1365"> }</span>
<span class="source-line-no">1366</span><span id="line-1366"> return sb.toString();</span>
<span class="source-line-no">1367</span><span id="line-1367"> }</span>
<span class="source-line-no">1368</span><span id="line-1368"> }</span>
<span class="source-line-no">1369</span><span id="line-1369"></span>
<span class="source-line-no">1370</span><span id="line-1370"> /**</span>
<span class="source-line-no">1371</span><span id="line-1371"> * Checks the user has privileges to access to instrumentation servlets.</span>
<span class="source-line-no">1372</span><span id="line-1372"> * &lt;p&gt;</span>
<span class="source-line-no">1373</span><span id="line-1373"> * If &lt;code&gt;hadoop.security.instrumentation.requires.admin&lt;/code&gt; is set to FALSE (default value)</span>
<span class="source-line-no">1374</span><span id="line-1374"> * it always returns TRUE.</span>
<span class="source-line-no">1375</span><span id="line-1375"> * &lt;/p&gt;</span>
<span class="source-line-no">1376</span><span id="line-1376"> * &lt;p&gt;</span>
<span class="source-line-no">1377</span><span id="line-1377"> * If &lt;code&gt;hadoop.security.instrumentation.requires.admin&lt;/code&gt; is set to TRUE it will check</span>
<span class="source-line-no">1378</span><span id="line-1378"> * that if the current user is in the admin ACLS. If the user is in the admin ACLs it returns</span>
<span class="source-line-no">1379</span><span id="line-1379"> * TRUE, otherwise it returns FALSE.</span>
<span class="source-line-no">1380</span><span id="line-1380"> * &lt;/p&gt;</span>
<span class="source-line-no">1381</span><span id="line-1381"> * @param servletContext the servlet context.</span>
<span class="source-line-no">1382</span><span id="line-1382"> * @param request the servlet request.</span>
<span class="source-line-no">1383</span><span id="line-1383"> * @param response the servlet response.</span>
<span class="source-line-no">1384</span><span id="line-1384"> * @return TRUE/FALSE based on the logic decribed above.</span>
<span class="source-line-no">1385</span><span id="line-1385"> */</span>
<span class="source-line-no">1386</span><span id="line-1386"> public static boolean isInstrumentationAccessAllowed(ServletContext servletContext,</span>
<span class="source-line-no">1387</span><span id="line-1387"> HttpServletRequest request, HttpServletResponse response) throws IOException {</span>
<span class="source-line-no">1388</span><span id="line-1388"> Configuration conf = (Configuration) servletContext.getAttribute(CONF_CONTEXT_ATTRIBUTE);</span>
<span class="source-line-no">1389</span><span id="line-1389"></span>
<span class="source-line-no">1390</span><span id="line-1390"> boolean access = true;</span>
<span class="source-line-no">1391</span><span id="line-1391"> boolean adminAccess = conf</span>
<span class="source-line-no">1392</span><span id="line-1392"> .getBoolean(CommonConfigurationKeys.HADOOP_SECURITY_INSTRUMENTATION_REQUIRES_ADMIN, false);</span>
<span class="source-line-no">1393</span><span id="line-1393"> if (adminAccess) {</span>
<span class="source-line-no">1394</span><span id="line-1394"> access = hasAdministratorAccess(servletContext, request, response);</span>
<span class="source-line-no">1395</span><span id="line-1395"> }</span>
<span class="source-line-no">1396</span><span id="line-1396"> return access;</span>
<span class="source-line-no">1397</span><span id="line-1397"> }</span>
<span class="source-line-no">1398</span><span id="line-1398"></span>
<span class="source-line-no">1399</span><span id="line-1399"> /**</span>
<span class="source-line-no">1400</span><span id="line-1400"> * Does the user sending the HttpServletRequest has the administrator ACLs? If it isn't the case,</span>
<span class="source-line-no">1401</span><span id="line-1401"> * response will be modified to send an error to the user.</span>
<span class="source-line-no">1402</span><span id="line-1402"> * @param servletContext the {@link ServletContext} to use</span>
<span class="source-line-no">1403</span><span id="line-1403"> * @param request the {@link HttpServletRequest} to check</span>
<span class="source-line-no">1404</span><span id="line-1404"> * @param response used to send the error response if user does not have admin access.</span>
<span class="source-line-no">1405</span><span id="line-1405"> * @return true if admin-authorized, false otherwise</span>
<span class="source-line-no">1406</span><span id="line-1406"> * @throws IOException if an unauthenticated or unauthorized user tries to access the page</span>
<span class="source-line-no">1407</span><span id="line-1407"> */</span>
<span class="source-line-no">1408</span><span id="line-1408"> public static boolean hasAdministratorAccess(ServletContext servletContext,</span>
<span class="source-line-no">1409</span><span id="line-1409"> HttpServletRequest request, HttpServletResponse response) throws IOException {</span>
<span class="source-line-no">1410</span><span id="line-1410"> Configuration conf = (Configuration) servletContext.getAttribute(CONF_CONTEXT_ATTRIBUTE);</span>
<span class="source-line-no">1411</span><span id="line-1411"> AccessControlList acl = (AccessControlList) servletContext.getAttribute(ADMINS_ACL);</span>
<span class="source-line-no">1412</span><span id="line-1412"></span>
<span class="source-line-no">1413</span><span id="line-1413"> return hasAdministratorAccess(conf, acl, request, response);</span>
<span class="source-line-no">1414</span><span id="line-1414"> }</span>
<span class="source-line-no">1415</span><span id="line-1415"></span>
<span class="source-line-no">1416</span><span id="line-1416"> public static boolean hasAdministratorAccess(Configuration conf, AccessControlList acl,</span>
<span class="source-line-no">1417</span><span id="line-1417"> HttpServletRequest request, HttpServletResponse response) throws IOException {</span>
<span class="source-line-no">1418</span><span id="line-1418"> // If there is no authorization, anybody has administrator access.</span>
<span class="source-line-no">1419</span><span id="line-1419"> if (!conf.getBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, false)) {</span>
<span class="source-line-no">1420</span><span id="line-1420"> return true;</span>
<span class="source-line-no">1421</span><span id="line-1421"> }</span>
<span class="source-line-no">1422</span><span id="line-1422"></span>
<span class="source-line-no">1423</span><span id="line-1423"> String remoteUser = request.getRemoteUser();</span>
<span class="source-line-no">1424</span><span id="line-1424"> if (remoteUser == null) {</span>
<span class="source-line-no">1425</span><span id="line-1425"> response.sendError(HttpServletResponse.SC_UNAUTHORIZED,</span>
<span class="source-line-no">1426</span><span id="line-1426"> "Unauthenticated users are not " + "authorized to access this page.");</span>
<span class="source-line-no">1427</span><span id="line-1427"> return false;</span>
<span class="source-line-no">1428</span><span id="line-1428"> }</span>
<span class="source-line-no">1429</span><span id="line-1429"></span>
<span class="source-line-no">1430</span><span id="line-1430"> if (acl != null &amp;&amp; !userHasAdministratorAccess(acl, remoteUser)) {</span>
<span class="source-line-no">1431</span><span id="line-1431"> response.sendError(HttpServletResponse.SC_FORBIDDEN,</span>
<span class="source-line-no">1432</span><span id="line-1432"> "User " + remoteUser + " is unauthorized to access this page.");</span>
<span class="source-line-no">1433</span><span id="line-1433"> return false;</span>
<span class="source-line-no">1434</span><span id="line-1434"> }</span>
<span class="source-line-no">1435</span><span id="line-1435"></span>
<span class="source-line-no">1436</span><span id="line-1436"> return true;</span>
<span class="source-line-no">1437</span><span id="line-1437"> }</span>
<span class="source-line-no">1438</span><span id="line-1438"></span>
<span class="source-line-no">1439</span><span id="line-1439"> /**</span>
<span class="source-line-no">1440</span><span id="line-1440"> * Get the admin ACLs from the given ServletContext and check if the given user is in the ACL.</span>
<span class="source-line-no">1441</span><span id="line-1441"> * @param servletContext the context containing the admin ACL.</span>
<span class="source-line-no">1442</span><span id="line-1442"> * @param remoteUser the remote user to check for.</span>
<span class="source-line-no">1443</span><span id="line-1443"> * @return true if the user is present in the ACL, false if no ACL is set or the user is not</span>
<span class="source-line-no">1444</span><span id="line-1444"> * present</span>
<span class="source-line-no">1445</span><span id="line-1445"> */</span>
<span class="source-line-no">1446</span><span id="line-1446"> public static boolean userHasAdministratorAccess(ServletContext servletContext,</span>
<span class="source-line-no">1447</span><span id="line-1447"> String remoteUser) {</span>
<span class="source-line-no">1448</span><span id="line-1448"> AccessControlList adminsAcl = (AccessControlList) servletContext.getAttribute(ADMINS_ACL);</span>
<span class="source-line-no">1449</span><span id="line-1449"> return userHasAdministratorAccess(adminsAcl, remoteUser);</span>
<span class="source-line-no">1450</span><span id="line-1450"> }</span>
<span class="source-line-no">1451</span><span id="line-1451"></span>
<span class="source-line-no">1452</span><span id="line-1452"> public static boolean userHasAdministratorAccess(AccessControlList acl, String remoteUser) {</span>
<span class="source-line-no">1453</span><span id="line-1453"> UserGroupInformation remoteUserUGI = UserGroupInformation.createRemoteUser(remoteUser);</span>
<span class="source-line-no">1454</span><span id="line-1454"> return acl != null &amp;&amp; acl.isUserAllowed(remoteUserUGI);</span>
<span class="source-line-no">1455</span><span id="line-1455"> }</span>
<span class="source-line-no">1456</span><span id="line-1456"></span>
<span class="source-line-no">1457</span><span id="line-1457"> /**</span>
<span class="source-line-no">1458</span><span id="line-1458"> * A very simple servlet to serve up a text representation of the current stack traces. It both</span>
<span class="source-line-no">1459</span><span id="line-1459"> * returns the stacks to the caller and logs them. Currently the stack traces are done</span>
<span class="source-line-no">1460</span><span id="line-1460"> * sequentially rather than exactly the same data.</span>
<span class="source-line-no">1461</span><span id="line-1461"> */</span>
<span class="source-line-no">1462</span><span id="line-1462"> public static class StackServlet extends HttpServlet {</span>
<span class="source-line-no">1463</span><span id="line-1463"> private static final long serialVersionUID = -6284183679759467039L;</span>
<span class="source-line-no">1464</span><span id="line-1464"></span>
<span class="source-line-no">1465</span><span id="line-1465"> @Override</span>
<span class="source-line-no">1466</span><span id="line-1466"> public void doGet(HttpServletRequest request, HttpServletResponse response)</span>
<span class="source-line-no">1467</span><span id="line-1467"> throws ServletException, IOException {</span>
<span class="source-line-no">1468</span><span id="line-1468"> if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {</span>
<span class="source-line-no">1469</span><span id="line-1469"> return;</span>
<span class="source-line-no">1470</span><span id="line-1470"> }</span>
<span class="source-line-no">1471</span><span id="line-1471"> response.setContentType("text/plain; charset=UTF-8");</span>
<span class="source-line-no">1472</span><span id="line-1472"> try (PrintStream out = new PrintStream(response.getOutputStream(), false, "UTF-8")) {</span>
<span class="source-line-no">1473</span><span id="line-1473"> Threads.printThreadInfo(out, "");</span>
<span class="source-line-no">1474</span><span id="line-1474"> out.flush();</span>
<span class="source-line-no">1475</span><span id="line-1475"> }</span>
<span class="source-line-no">1476</span><span id="line-1476"> ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1);</span>
<span class="source-line-no">1477</span><span id="line-1477"> }</span>
<span class="source-line-no">1478</span><span id="line-1478"> }</span>
<span class="source-line-no">1479</span><span id="line-1479"></span>
<span class="source-line-no">1480</span><span id="line-1480"> /**</span>
<span class="source-line-no">1481</span><span id="line-1481"> * A Servlet input filter that quotes all HTML active characters in the parameter names and</span>
<span class="source-line-no">1482</span><span id="line-1482"> * values. The goal is to quote the characters to make all of the servlets resistant to cross-site</span>
<span class="source-line-no">1483</span><span id="line-1483"> * scripting attacks.</span>
<span class="source-line-no">1484</span><span id="line-1484"> */</span>
<span class="source-line-no">1485</span><span id="line-1485"> @InterfaceAudience.LimitedPrivate(HBaseInterfaceAudience.CONFIG)</span>
<span class="source-line-no">1486</span><span id="line-1486"> public static class QuotingInputFilter implements Filter {</span>
<span class="source-line-no">1487</span><span id="line-1487"> private FilterConfig config;</span>
<span class="source-line-no">1488</span><span id="line-1488"></span>
<span class="source-line-no">1489</span><span id="line-1489"> public static class RequestQuoter extends HttpServletRequestWrapper {</span>
<span class="source-line-no">1490</span><span id="line-1490"> private final HttpServletRequest rawRequest;</span>
<span class="source-line-no">1491</span><span id="line-1491"></span>
<span class="source-line-no">1492</span><span id="line-1492"> public RequestQuoter(HttpServletRequest rawRequest) {</span>
<span class="source-line-no">1493</span><span id="line-1493"> super(rawRequest);</span>
<span class="source-line-no">1494</span><span id="line-1494"> this.rawRequest = rawRequest;</span>
<span class="source-line-no">1495</span><span id="line-1495"> }</span>
<span class="source-line-no">1496</span><span id="line-1496"></span>
<span class="source-line-no">1497</span><span id="line-1497"> /**</span>
<span class="source-line-no">1498</span><span id="line-1498"> * Return the set of parameter names, quoting each name.</span>
<span class="source-line-no">1499</span><span id="line-1499"> */</span>
<span class="source-line-no">1500</span><span id="line-1500"> @Override</span>
<span class="source-line-no">1501</span><span id="line-1501"> public Enumeration&lt;String&gt; getParameterNames() {</span>
<span class="source-line-no">1502</span><span id="line-1502"> return new Enumeration&lt;String&gt;() {</span>
<span class="source-line-no">1503</span><span id="line-1503"> private Enumeration&lt;String&gt; rawIterator = rawRequest.getParameterNames();</span>
<span class="source-line-no">1504</span><span id="line-1504"></span>
<span class="source-line-no">1505</span><span id="line-1505"> @Override</span>
<span class="source-line-no">1506</span><span id="line-1506"> public boolean hasMoreElements() {</span>
<span class="source-line-no">1507</span><span id="line-1507"> return rawIterator.hasMoreElements();</span>
<span class="source-line-no">1508</span><span id="line-1508"> }</span>
<span class="source-line-no">1509</span><span id="line-1509"></span>
<span class="source-line-no">1510</span><span id="line-1510"> @Override</span>
<span class="source-line-no">1511</span><span id="line-1511"> public String nextElement() {</span>
<span class="source-line-no">1512</span><span id="line-1512"> return HtmlQuoting.quoteHtmlChars(rawIterator.nextElement());</span>
<span class="source-line-no">1513</span><span id="line-1513"> }</span>
<span class="source-line-no">1514</span><span id="line-1514"> };</span>
<span class="source-line-no">1515</span><span id="line-1515"> }</span>
<span class="source-line-no">1516</span><span id="line-1516"></span>
<span class="source-line-no">1517</span><span id="line-1517"> /**</span>
<span class="source-line-no">1518</span><span id="line-1518"> * Unquote the name and quote the value.</span>
<span class="source-line-no">1519</span><span id="line-1519"> */</span>
<span class="source-line-no">1520</span><span id="line-1520"> @Override</span>
<span class="source-line-no">1521</span><span id="line-1521"> public String getParameter(String name) {</span>
<span class="source-line-no">1522</span><span id="line-1522"> return HtmlQuoting</span>
<span class="source-line-no">1523</span><span id="line-1523"> .quoteHtmlChars(rawRequest.getParameter(HtmlQuoting.unquoteHtmlChars(name)));</span>
<span class="source-line-no">1524</span><span id="line-1524"> }</span>
<span class="source-line-no">1525</span><span id="line-1525"></span>
<span class="source-line-no">1526</span><span id="line-1526"> @Override</span>
<span class="source-line-no">1527</span><span id="line-1527"> public String[] getParameterValues(String name) {</span>
<span class="source-line-no">1528</span><span id="line-1528"> String unquoteName = HtmlQuoting.unquoteHtmlChars(name);</span>
<span class="source-line-no">1529</span><span id="line-1529"> String[] unquoteValue = rawRequest.getParameterValues(unquoteName);</span>
<span class="source-line-no">1530</span><span id="line-1530"> if (unquoteValue == null) {</span>
<span class="source-line-no">1531</span><span id="line-1531"> return null;</span>
<span class="source-line-no">1532</span><span id="line-1532"> }</span>
<span class="source-line-no">1533</span><span id="line-1533"> String[] result = new String[unquoteValue.length];</span>
<span class="source-line-no">1534</span><span id="line-1534"> for (int i = 0; i &lt; result.length; ++i) {</span>
<span class="source-line-no">1535</span><span id="line-1535"> result[i] = HtmlQuoting.quoteHtmlChars(unquoteValue[i]);</span>
<span class="source-line-no">1536</span><span id="line-1536"> }</span>
<span class="source-line-no">1537</span><span id="line-1537"> return result;</span>
<span class="source-line-no">1538</span><span id="line-1538"> }</span>
<span class="source-line-no">1539</span><span id="line-1539"></span>
<span class="source-line-no">1540</span><span id="line-1540"> @Override</span>
<span class="source-line-no">1541</span><span id="line-1541"> public Map&lt;String, String[]&gt; getParameterMap() {</span>
<span class="source-line-no">1542</span><span id="line-1542"> Map&lt;String, String[]&gt; result = new HashMap&lt;&gt;();</span>
<span class="source-line-no">1543</span><span id="line-1543"> Map&lt;String, String[]&gt; raw = rawRequest.getParameterMap();</span>
<span class="source-line-no">1544</span><span id="line-1544"> for (Map.Entry&lt;String, String[]&gt; item : raw.entrySet()) {</span>
<span class="source-line-no">1545</span><span id="line-1545"> String[] rawValue = item.getValue();</span>
<span class="source-line-no">1546</span><span id="line-1546"> String[] cookedValue = new String[rawValue.length];</span>
<span class="source-line-no">1547</span><span id="line-1547"> for (int i = 0; i &lt; rawValue.length; ++i) {</span>
<span class="source-line-no">1548</span><span id="line-1548"> cookedValue[i] = HtmlQuoting.quoteHtmlChars(rawValue[i]);</span>
<span class="source-line-no">1549</span><span id="line-1549"> }</span>
<span class="source-line-no">1550</span><span id="line-1550"> result.put(HtmlQuoting.quoteHtmlChars(item.getKey()), cookedValue);</span>
<span class="source-line-no">1551</span><span id="line-1551"> }</span>
<span class="source-line-no">1552</span><span id="line-1552"> return result;</span>
<span class="source-line-no">1553</span><span id="line-1553"> }</span>
<span class="source-line-no">1554</span><span id="line-1554"></span>
<span class="source-line-no">1555</span><span id="line-1555"> /**</span>
<span class="source-line-no">1556</span><span id="line-1556"> * Quote the url so that users specifying the HOST HTTP header can't inject attacks.</span>
<span class="source-line-no">1557</span><span id="line-1557"> */</span>
<span class="source-line-no">1558</span><span id="line-1558"> @Override</span>
<span class="source-line-no">1559</span><span id="line-1559"> public StringBuffer getRequestURL() {</span>
<span class="source-line-no">1560</span><span id="line-1560"> String url = rawRequest.getRequestURL().toString();</span>
<span class="source-line-no">1561</span><span id="line-1561"> return new StringBuffer(HtmlQuoting.quoteHtmlChars(url));</span>
<span class="source-line-no">1562</span><span id="line-1562"> }</span>
<span class="source-line-no">1563</span><span id="line-1563"></span>
<span class="source-line-no">1564</span><span id="line-1564"> /**</span>
<span class="source-line-no">1565</span><span id="line-1565"> * Quote the server name so that users specifying the HOST HTTP header can't inject attacks.</span>
<span class="source-line-no">1566</span><span id="line-1566"> */</span>
<span class="source-line-no">1567</span><span id="line-1567"> @Override</span>
<span class="source-line-no">1568</span><span id="line-1568"> public String getServerName() {</span>
<span class="source-line-no">1569</span><span id="line-1569"> return HtmlQuoting.quoteHtmlChars(rawRequest.getServerName());</span>
<span class="source-line-no">1570</span><span id="line-1570"> }</span>
<span class="source-line-no">1571</span><span id="line-1571"> }</span>
<span class="source-line-no">1572</span><span id="line-1572"></span>
<span class="source-line-no">1573</span><span id="line-1573"> @Override</span>
<span class="source-line-no">1574</span><span id="line-1574"> public void init(FilterConfig config) throws ServletException {</span>
<span class="source-line-no">1575</span><span id="line-1575"> this.config = config;</span>
<span class="source-line-no">1576</span><span id="line-1576"> }</span>
<span class="source-line-no">1577</span><span id="line-1577"></span>
<span class="source-line-no">1578</span><span id="line-1578"> @Override</span>
<span class="source-line-no">1579</span><span id="line-1579"> public void destroy() {</span>
<span class="source-line-no">1580</span><span id="line-1580"> }</span>
<span class="source-line-no">1581</span><span id="line-1581"></span>
<span class="source-line-no">1582</span><span id="line-1582"> @Override</span>
<span class="source-line-no">1583</span><span id="line-1583"> public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)</span>
<span class="source-line-no">1584</span><span id="line-1584"> throws IOException, ServletException {</span>
<span class="source-line-no">1585</span><span id="line-1585"> HttpServletRequestWrapper quoted = new RequestQuoter((HttpServletRequest) request);</span>
<span class="source-line-no">1586</span><span id="line-1586"> HttpServletResponse httpResponse = (HttpServletResponse) response;</span>
<span class="source-line-no">1587</span><span id="line-1587"></span>
<span class="source-line-no">1588</span><span id="line-1588"> String mime = inferMimeType(request);</span>
<span class="source-line-no">1589</span><span id="line-1589"> if (mime == null) {</span>
<span class="source-line-no">1590</span><span id="line-1590"> httpResponse.setContentType("text/plain; charset=utf-8");</span>
<span class="source-line-no">1591</span><span id="line-1591"> } else if (mime.startsWith("text/html")) {</span>
<span class="source-line-no">1592</span><span id="line-1592"> // HTML with unspecified encoding, we want to</span>
<span class="source-line-no">1593</span><span id="line-1593"> // force HTML with utf-8 encoding</span>
<span class="source-line-no">1594</span><span id="line-1594"> // This is to avoid the following security issue:</span>
<span class="source-line-no">1595</span><span id="line-1595"> // http://openmya.hacker.jp/hasegawa/security/utf7cs.html</span>
<span class="source-line-no">1596</span><span id="line-1596"> httpResponse.setContentType("text/html; charset=utf-8");</span>
<span class="source-line-no">1597</span><span id="line-1597"> } else if (mime.startsWith("application/xml")) {</span>
<span class="source-line-no">1598</span><span id="line-1598"> httpResponse.setContentType("text/xml; charset=utf-8");</span>
<span class="source-line-no">1599</span><span id="line-1599"> }</span>
<span class="source-line-no">1600</span><span id="line-1600"> chain.doFilter(quoted, httpResponse);</span>
<span class="source-line-no">1601</span><span id="line-1601"> }</span>
<span class="source-line-no">1602</span><span id="line-1602"></span>
<span class="source-line-no">1603</span><span id="line-1603"> /**</span>
<span class="source-line-no">1604</span><span id="line-1604"> * Infer the mime type for the response based on the extension of the request URI. Returns null</span>
<span class="source-line-no">1605</span><span id="line-1605"> * if unknown.</span>
<span class="source-line-no">1606</span><span id="line-1606"> */</span>
<span class="source-line-no">1607</span><span id="line-1607"> private String inferMimeType(ServletRequest request) {</span>
<span class="source-line-no">1608</span><span id="line-1608"> String path = ((HttpServletRequest) request).getRequestURI();</span>
<span class="source-line-no">1609</span><span id="line-1609"> ServletContext context = config.getServletContext();</span>
<span class="source-line-no">1610</span><span id="line-1610"> return context.getMimeType(path);</span>
<span class="source-line-no">1611</span><span id="line-1611"> }</span>
<span class="source-line-no">1612</span><span id="line-1612"> }</span>
<span class="source-line-no">1613</span><span id="line-1613">}</span>
</pre>
</div>
</main>
</body>
</html>