Google Git
Sign in
apache / hbase-site / 0082cda45f48d1755543336c908ec6d80d4ec0a9 / . / testapidocs / src-html / org / apache / hadoop / hbase / http / TestHttpServer.DummyServletFilter.html
blob: b3718c133fab1426dc6daf034bd700f925dbc602 [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<!-- Generated by javadoc (17) -->
<title>Source code</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="source: package: org.apache.hadoop.hbase.http, class: TestHttpServer, class: DummyServletFilter">
<meta name="generator" content="javadoc/SourceToHTMLConverter">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body class="source-page">
<main role="main">
<div class="source-container">
<pre><span class="source-line-no">001</span><span id="line-1">/*</span>
<span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span>
<span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span>
<span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span>
<span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span>
<span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span>
<span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span>
<span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span>
<span class="source-line-no">009</span><span id="line-9"> *</span>
<span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span>
<span class="source-line-no">011</span><span id="line-11"> *</span>
<span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span>
<span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span>
<span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span>
<span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span>
<span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span>
<span class="source-line-no">017</span><span id="line-17"> */</span>
<span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.http;</span>
<span class="source-line-no">019</span><span id="line-19"></span>
<span class="source-line-no">020</span><span id="line-20">import static org.hamcrest.Matchers.greaterThan;</span>
<span class="source-line-no">021</span><span id="line-21">import static org.junit.Assert.assertEquals;</span>
<span class="source-line-no">022</span><span id="line-22">import static org.junit.Assert.assertNotNull;</span>
<span class="source-line-no">023</span><span id="line-23">import static org.junit.Assert.assertNull;</span>
<span class="source-line-no">024</span><span id="line-24">import static org.junit.Assert.assertTrue;</span>
<span class="source-line-no">025</span><span id="line-25"></span>
<span class="source-line-no">026</span><span id="line-26">import java.io.BufferedReader;</span>
<span class="source-line-no">027</span><span id="line-27">import java.io.IOException;</span>
<span class="source-line-no">028</span><span id="line-28">import java.io.InputStream;</span>
<span class="source-line-no">029</span><span id="line-29">import java.io.InputStreamReader;</span>
<span class="source-line-no">030</span><span id="line-30">import java.io.PrintWriter;</span>
<span class="source-line-no">031</span><span id="line-31">import java.net.HttpURLConnection;</span>
<span class="source-line-no">032</span><span id="line-32">import java.net.URI;</span>
<span class="source-line-no">033</span><span id="line-33">import java.net.URL;</span>
<span class="source-line-no">034</span><span id="line-34">import java.nio.CharBuffer;</span>
<span class="source-line-no">035</span><span id="line-35">import java.nio.charset.StandardCharsets;</span>
<span class="source-line-no">036</span><span id="line-36">import java.util.Arrays;</span>
<span class="source-line-no">037</span><span id="line-37">import java.util.Collections;</span>
<span class="source-line-no">038</span><span id="line-38">import java.util.Enumeration;</span>
<span class="source-line-no">039</span><span id="line-39">import java.util.HashMap;</span>
<span class="source-line-no">040</span><span id="line-40">import java.util.List;</span>
<span class="source-line-no">041</span><span id="line-41">import java.util.Map;</span>
<span class="source-line-no">042</span><span id="line-42">import java.util.SortedSet;</span>
<span class="source-line-no">043</span><span id="line-43">import java.util.TreeSet;</span>
<span class="source-line-no">044</span><span id="line-44">import java.util.concurrent.CountDownLatch;</span>
<span class="source-line-no">045</span><span id="line-45">import java.util.concurrent.Executor;</span>
<span class="source-line-no">046</span><span id="line-46">import java.util.concurrent.Executors;</span>
<span class="source-line-no">047</span><span id="line-47">import javax.servlet.Filter;</span>
<span class="source-line-no">048</span><span id="line-48">import javax.servlet.FilterChain;</span>
<span class="source-line-no">049</span><span id="line-49">import javax.servlet.FilterConfig;</span>
<span class="source-line-no">050</span><span id="line-50">import javax.servlet.ServletContext;</span>
<span class="source-line-no">051</span><span id="line-51">import javax.servlet.ServletException;</span>
<span class="source-line-no">052</span><span id="line-52">import javax.servlet.ServletRequest;</span>
<span class="source-line-no">053</span><span id="line-53">import javax.servlet.ServletResponse;</span>
<span class="source-line-no">054</span><span id="line-54">import javax.servlet.http.HttpServlet;</span>
<span class="source-line-no">055</span><span id="line-55">import javax.servlet.http.HttpServletRequest;</span>
<span class="source-line-no">056</span><span id="line-56">import javax.servlet.http.HttpServletRequestWrapper;</span>
<span class="source-line-no">057</span><span id="line-57">import javax.servlet.http.HttpServletResponse;</span>
<span class="source-line-no">058</span><span id="line-58">import org.apache.hadoop.conf.Configuration;</span>
<span class="source-line-no">059</span><span id="line-59">import org.apache.hadoop.fs.CommonConfigurationKeys;</span>
<span class="source-line-no">060</span><span id="line-60">import org.apache.hadoop.hbase.HBaseClassTestRule;</span>
<span class="source-line-no">061</span><span id="line-61">import org.apache.hadoop.hbase.http.HttpServer.QuotingInputFilter.RequestQuoter;</span>
<span class="source-line-no">062</span><span id="line-62">import org.apache.hadoop.hbase.http.resource.JerseyResource;</span>
<span class="source-line-no">063</span><span id="line-63">import org.apache.hadoop.hbase.testclassification.MiscTests;</span>
<span class="source-line-no">064</span><span id="line-64">import org.apache.hadoop.hbase.testclassification.SmallTests;</span>
<span class="source-line-no">065</span><span id="line-65">import org.apache.hadoop.net.NetUtils;</span>
<span class="source-line-no">066</span><span id="line-66">import org.apache.hadoop.security.Groups;</span>
<span class="source-line-no">067</span><span id="line-67">import org.apache.hadoop.security.ShellBasedUnixGroupsMapping;</span>
<span class="source-line-no">068</span><span id="line-68">import org.apache.hadoop.security.UserGroupInformation;</span>
<span class="source-line-no">069</span><span id="line-69">import org.apache.hadoop.security.authorize.AccessControlList;</span>
<span class="source-line-no">070</span><span id="line-70">import org.apache.http.HttpEntity;</span>
<span class="source-line-no">071</span><span id="line-71">import org.apache.http.HttpHeaders;</span>
<span class="source-line-no">072</span><span id="line-72">import org.apache.http.client.methods.CloseableHttpResponse;</span>
<span class="source-line-no">073</span><span id="line-73">import org.apache.http.client.methods.HttpGet;</span>
<span class="source-line-no">074</span><span id="line-74">import org.apache.http.impl.client.CloseableHttpClient;</span>
<span class="source-line-no">075</span><span id="line-75">import org.apache.http.impl.client.HttpClients;</span>
<span class="source-line-no">076</span><span id="line-76">import org.hamcrest.MatcherAssert;</span>
<span class="source-line-no">077</span><span id="line-77">import org.junit.AfterClass;</span>
<span class="source-line-no">078</span><span id="line-78">import org.junit.Assert;</span>
<span class="source-line-no">079</span><span id="line-79">import org.junit.BeforeClass;</span>
<span class="source-line-no">080</span><span id="line-80">import org.junit.ClassRule;</span>
<span class="source-line-no">081</span><span id="line-81">import org.junit.Ignore;</span>
<span class="source-line-no">082</span><span id="line-82">import org.junit.Test;</span>
<span class="source-line-no">083</span><span id="line-83">import org.junit.experimental.categories.Category;</span>
<span class="source-line-no">084</span><span id="line-84">import org.mockito.Mockito;</span>
<span class="source-line-no">085</span><span id="line-85">import org.slf4j.Logger;</span>
<span class="source-line-no">086</span><span id="line-86">import org.slf4j.LoggerFactory;</span>
<span class="source-line-no">087</span><span id="line-87"></span>
<span class="source-line-no">088</span><span id="line-88">import org.apache.hbase.thirdparty.org.eclipse.jetty.server.ServerConnector;</span>
<span class="source-line-no">089</span><span id="line-89">import org.apache.hbase.thirdparty.org.eclipse.jetty.util.ajax.JSON;</span>
<span class="source-line-no">090</span><span id="line-90"></span>
<span class="source-line-no">091</span><span id="line-91">@Category({ MiscTests.class, SmallTests.class })</span>
<span class="source-line-no">092</span><span id="line-92">public class TestHttpServer extends HttpServerFunctionalTest {</span>
<span class="source-line-no">093</span><span id="line-93"> @ClassRule</span>
<span class="source-line-no">094</span><span id="line-94"> public static final HBaseClassTestRule CLASS_RULE =</span>
<span class="source-line-no">095</span><span id="line-95"> HBaseClassTestRule.forClass(TestHttpServer.class);</span>
<span class="source-line-no">096</span><span id="line-96"></span>
<span class="source-line-no">097</span><span id="line-97"> private static final Logger LOG = LoggerFactory.getLogger(TestHttpServer.class);</span>
<span class="source-line-no">098</span><span id="line-98"> private static HttpServer server;</span>
<span class="source-line-no">099</span><span id="line-99"> private static URL baseUrl;</span>
<span class="source-line-no">100</span><span id="line-100"> // jetty 9.4.x needs this many threads to start, even in the small.</span>
<span class="source-line-no">101</span><span id="line-101"> static final int MAX_THREADS = 16;</span>
<span class="source-line-no">102</span><span id="line-102"></span>
<span class="source-line-no">103</span><span id="line-103"> @SuppressWarnings("serial")</span>
<span class="source-line-no">104</span><span id="line-104"> public static class EchoMapServlet extends HttpServlet {</span>
<span class="source-line-no">105</span><span id="line-105"> @Override</span>
<span class="source-line-no">106</span><span id="line-106"> public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {</span>
<span class="source-line-no">107</span><span id="line-107"> PrintWriter out = response.getWriter();</span>
<span class="source-line-no">108</span><span id="line-108"> Map&lt;String, String[]&gt; params = request.getParameterMap();</span>
<span class="source-line-no">109</span><span id="line-109"> SortedSet&lt;String&gt; keys = new TreeSet&lt;&gt;(params.keySet());</span>
<span class="source-line-no">110</span><span id="line-110"> for (String key : keys) {</span>
<span class="source-line-no">111</span><span id="line-111"> out.print(key);</span>
<span class="source-line-no">112</span><span id="line-112"> out.print(':');</span>
<span class="source-line-no">113</span><span id="line-113"> String[] values = params.get(key);</span>
<span class="source-line-no">114</span><span id="line-114"> if (values.length &gt; 0) {</span>
<span class="source-line-no">115</span><span id="line-115"> out.print(values[0]);</span>
<span class="source-line-no">116</span><span id="line-116"> for (int i = 1; i &lt; values.length; ++i) {</span>
<span class="source-line-no">117</span><span id="line-117"> out.print(',');</span>
<span class="source-line-no">118</span><span id="line-118"> out.print(values[i]);</span>
<span class="source-line-no">119</span><span id="line-119"> }</span>
<span class="source-line-no">120</span><span id="line-120"> }</span>
<span class="source-line-no">121</span><span id="line-121"> out.print('\n');</span>
<span class="source-line-no">122</span><span id="line-122"> }</span>
<span class="source-line-no">123</span><span id="line-123"> out.close();</span>
<span class="source-line-no">124</span><span id="line-124"> }</span>
<span class="source-line-no">125</span><span id="line-125"> }</span>
<span class="source-line-no">126</span><span id="line-126"></span>
<span class="source-line-no">127</span><span id="line-127"> @SuppressWarnings("serial")</span>
<span class="source-line-no">128</span><span id="line-128"> public static class EchoServlet extends HttpServlet {</span>
<span class="source-line-no">129</span><span id="line-129"> @Override</span>
<span class="source-line-no">130</span><span id="line-130"> public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {</span>
<span class="source-line-no">131</span><span id="line-131"> PrintWriter out = response.getWriter();</span>
<span class="source-line-no">132</span><span id="line-132"> SortedSet&lt;String&gt; sortedKeys = new TreeSet&lt;&gt;();</span>
<span class="source-line-no">133</span><span id="line-133"> Enumeration&lt;String&gt; keys = request.getParameterNames();</span>
<span class="source-line-no">134</span><span id="line-134"> while (keys.hasMoreElements()) {</span>
<span class="source-line-no">135</span><span id="line-135"> sortedKeys.add(keys.nextElement());</span>
<span class="source-line-no">136</span><span id="line-136"> }</span>
<span class="source-line-no">137</span><span id="line-137"> for (String key : sortedKeys) {</span>
<span class="source-line-no">138</span><span id="line-138"> out.print(key);</span>
<span class="source-line-no">139</span><span id="line-139"> out.print(':');</span>
<span class="source-line-no">140</span><span id="line-140"> out.print(request.getParameter(key));</span>
<span class="source-line-no">141</span><span id="line-141"> out.print('\n');</span>
<span class="source-line-no">142</span><span id="line-142"> }</span>
<span class="source-line-no">143</span><span id="line-143"> out.close();</span>
<span class="source-line-no">144</span><span id="line-144"> }</span>
<span class="source-line-no">145</span><span id="line-145"> }</span>
<span class="source-line-no">146</span><span id="line-146"></span>
<span class="source-line-no">147</span><span id="line-147"> @SuppressWarnings("serial")</span>
<span class="source-line-no">148</span><span id="line-148"> public static class LongHeaderServlet extends HttpServlet {</span>
<span class="source-line-no">149</span><span id="line-149"> @Override</span>
<span class="source-line-no">150</span><span id="line-150"> public void doGet(HttpServletRequest request, HttpServletResponse response) {</span>
<span class="source-line-no">151</span><span id="line-151"> Assert.assertEquals(63 * 1024, request.getHeader("longheader").length());</span>
<span class="source-line-no">152</span><span id="line-152"> response.setStatus(HttpServletResponse.SC_OK);</span>
<span class="source-line-no">153</span><span id="line-153"> }</span>
<span class="source-line-no">154</span><span id="line-154"> }</span>
<span class="source-line-no">155</span><span id="line-155"></span>
<span class="source-line-no">156</span><span id="line-156"> @SuppressWarnings("serial")</span>
<span class="source-line-no">157</span><span id="line-157"> public static class HtmlContentServlet extends HttpServlet {</span>
<span class="source-line-no">158</span><span id="line-158"> @Override</span>
<span class="source-line-no">159</span><span id="line-159"> public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {</span>
<span class="source-line-no">160</span><span id="line-160"> response.setContentType("text/html");</span>
<span class="source-line-no">161</span><span id="line-161"> PrintWriter out = response.getWriter();</span>
<span class="source-line-no">162</span><span id="line-162"> out.print("hello world");</span>
<span class="source-line-no">163</span><span id="line-163"> out.close();</span>
<span class="source-line-no">164</span><span id="line-164"> }</span>
<span class="source-line-no">165</span><span id="line-165"> }</span>
<span class="source-line-no">166</span><span id="line-166"></span>
<span class="source-line-no">167</span><span id="line-167"> @BeforeClass</span>
<span class="source-line-no">168</span><span id="line-168"> public static void setup() throws Exception {</span>
<span class="source-line-no">169</span><span id="line-169"> Configuration conf = new Configuration();</span>
<span class="source-line-no">170</span><span id="line-170"> conf.setInt(HttpServer.HTTP_MAX_THREADS, MAX_THREADS);</span>
<span class="source-line-no">171</span><span id="line-171"> server = createTestServer(conf);</span>
<span class="source-line-no">172</span><span id="line-172"> server.addUnprivilegedServlet("echo", "/echo", EchoServlet.class);</span>
<span class="source-line-no">173</span><span id="line-173"> server.addUnprivilegedServlet("echomap", "/echomap", EchoMapServlet.class);</span>
<span class="source-line-no">174</span><span id="line-174"> server.addUnprivilegedServlet("htmlcontent", "/htmlcontent", HtmlContentServlet.class);</span>
<span class="source-line-no">175</span><span id="line-175"> server.addUnprivilegedServlet("longheader", "/longheader", LongHeaderServlet.class);</span>
<span class="source-line-no">176</span><span id="line-176"> server.addJerseyResourcePackage(JerseyResource.class.getPackage().getName(), "/jersey/*");</span>
<span class="source-line-no">177</span><span id="line-177"> server.start();</span>
<span class="source-line-no">178</span><span id="line-178"> baseUrl = getServerURL(server);</span>
<span class="source-line-no">179</span><span id="line-179"> LOG.info("HTTP server started: " + baseUrl);</span>
<span class="source-line-no">180</span><span id="line-180"> }</span>
<span class="source-line-no">181</span><span id="line-181"></span>
<span class="source-line-no">182</span><span id="line-182"> @AfterClass</span>
<span class="source-line-no">183</span><span id="line-183"> public static void cleanup() throws Exception {</span>
<span class="source-line-no">184</span><span id="line-184"> server.stop();</span>
<span class="source-line-no">185</span><span id="line-185"> }</span>
<span class="source-line-no">186</span><span id="line-186"></span>
<span class="source-line-no">187</span><span id="line-187"> /**</span>
<span class="source-line-no">188</span><span id="line-188"> * Test the maximum number of threads cannot be exceeded.</span>
<span class="source-line-no">189</span><span id="line-189"> */</span>
<span class="source-line-no">190</span><span id="line-190"> @Test</span>
<span class="source-line-no">191</span><span id="line-191"> public void testMaxThreads() throws Exception {</span>
<span class="source-line-no">192</span><span id="line-192"> int clientThreads = MAX_THREADS * 10;</span>
<span class="source-line-no">193</span><span id="line-193"> Executor executor = Executors.newFixedThreadPool(clientThreads);</span>
<span class="source-line-no">194</span><span id="line-194"> // Run many clients to make server reach its maximum number of threads</span>
<span class="source-line-no">195</span><span id="line-195"> final CountDownLatch ready = new CountDownLatch(clientThreads);</span>
<span class="source-line-no">196</span><span id="line-196"> final CountDownLatch start = new CountDownLatch(1);</span>
<span class="source-line-no">197</span><span id="line-197"> for (int i = 0; i &lt; clientThreads; i++) {</span>
<span class="source-line-no">198</span><span id="line-198"> executor.execute(() -&gt; {</span>
<span class="source-line-no">199</span><span id="line-199"> ready.countDown();</span>
<span class="source-line-no">200</span><span id="line-200"> try {</span>
<span class="source-line-no">201</span><span id="line-201"> start.await();</span>
<span class="source-line-no">202</span><span id="line-202"> assertEquals("a:b\nc:d\n", readOutput(new URL(baseUrl, "/echo?a=b&amp;c=d")));</span>
<span class="source-line-no">203</span><span id="line-203"> int serverThreads = server.webServer.getThreadPool().getThreads();</span>
<span class="source-line-no">204</span><span id="line-204"> assertTrue(</span>
<span class="source-line-no">205</span><span id="line-205"> "More threads are started than expected, Server Threads count: " + serverThreads,</span>
<span class="source-line-no">206</span><span id="line-206"> serverThreads &lt;= MAX_THREADS);</span>
<span class="source-line-no">207</span><span id="line-207"> LOG.info("Number of threads = " + serverThreads</span>
<span class="source-line-no">208</span><span id="line-208"> + " which is less or equal than the max = " + MAX_THREADS);</span>
<span class="source-line-no">209</span><span id="line-209"> } catch (Exception e) {</span>
<span class="source-line-no">210</span><span id="line-210"> // do nothing</span>
<span class="source-line-no">211</span><span id="line-211"> }</span>
<span class="source-line-no">212</span><span id="line-212"> });</span>
<span class="source-line-no">213</span><span id="line-213"> }</span>
<span class="source-line-no">214</span><span id="line-214"> // Start the client threads when they are all ready</span>
<span class="source-line-no">215</span><span id="line-215"> ready.await();</span>
<span class="source-line-no">216</span><span id="line-216"> start.countDown();</span>
<span class="source-line-no">217</span><span id="line-217"> }</span>
<span class="source-line-no">218</span><span id="line-218"></span>
<span class="source-line-no">219</span><span id="line-219"> @Test</span>
<span class="source-line-no">220</span><span id="line-220"> public void testEcho() throws Exception {</span>
<span class="source-line-no">221</span><span id="line-221"> assertEquals("a:b\nc:d\n", readOutput(new URL(baseUrl, "/echo?a=b&amp;c=d")));</span>
<span class="source-line-no">222</span><span id="line-222"> assertEquals("a:b\nc&amp;lt;:d\ne:&amp;gt;\n", readOutput(new URL(baseUrl, "/echo?a=b&amp;c&lt;=d&amp;e=&gt;")));</span>
<span class="source-line-no">223</span><span id="line-223"> }</span>
<span class="source-line-no">224</span><span id="line-224"></span>
<span class="source-line-no">225</span><span id="line-225"> /** Test the echo map servlet that uses getParameterMap. */</span>
<span class="source-line-no">226</span><span id="line-226"> @Test</span>
<span class="source-line-no">227</span><span id="line-227"> public void testEchoMap() throws Exception {</span>
<span class="source-line-no">228</span><span id="line-228"> assertEquals("a:b\nc:d\n", readOutput(new URL(baseUrl, "/echomap?a=b&amp;c=d")));</span>
<span class="source-line-no">229</span><span id="line-229"> assertEquals("a:b,&amp;gt;\nc&amp;lt;:d\n", readOutput(new URL(baseUrl, "/echomap?a=b&amp;c&lt;=d&amp;a=&gt;")));</span>
<span class="source-line-no">230</span><span id="line-230"> }</span>
<span class="source-line-no">231</span><span id="line-231"></span>
<span class="source-line-no">232</span><span id="line-232"> /**</span>
<span class="source-line-no">233</span><span id="line-233"> * Test that verifies headers can be up to 64K long. The test adds a 63K header leaving 1K for</span>
<span class="source-line-no">234</span><span id="line-234"> * other headers. This is because the header buffer setting is for ALL headers, names and values</span>
<span class="source-line-no">235</span><span id="line-235"> * included.</span>
<span class="source-line-no">236</span><span id="line-236"> */</span>
<span class="source-line-no">237</span><span id="line-237"> @Test</span>
<span class="source-line-no">238</span><span id="line-238"> public void testLongHeader() throws Exception {</span>
<span class="source-line-no">239</span><span id="line-239"> URL url = new URL(baseUrl, "/longheader");</span>
<span class="source-line-no">240</span><span id="line-240"> HttpURLConnection conn = (HttpURLConnection) url.openConnection();</span>
<span class="source-line-no">241</span><span id="line-241"> StringBuilder sb = new StringBuilder();</span>
<span class="source-line-no">242</span><span id="line-242"> for (int i = 0; i &lt; 63 * 1024; i++) {</span>
<span class="source-line-no">243</span><span id="line-243"> sb.append("a");</span>
<span class="source-line-no">244</span><span id="line-244"> }</span>
<span class="source-line-no">245</span><span id="line-245"> conn.setRequestProperty("longheader", sb.toString());</span>
<span class="source-line-no">246</span><span id="line-246"> assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());</span>
<span class="source-line-no">247</span><span id="line-247"> }</span>
<span class="source-line-no">248</span><span id="line-248"></span>
<span class="source-line-no">249</span><span id="line-249"> @Test</span>
<span class="source-line-no">250</span><span id="line-250"> public void testContentTypes() throws Exception {</span>
<span class="source-line-no">251</span><span id="line-251"> // Static CSS files should have text/css</span>
<span class="source-line-no">252</span><span id="line-252"> URL cssUrl = new URL(baseUrl, "/static/test.css");</span>
<span class="source-line-no">253</span><span id="line-253"> HttpURLConnection conn = (HttpURLConnection) cssUrl.openConnection();</span>
<span class="source-line-no">254</span><span id="line-254"> conn.connect();</span>
<span class="source-line-no">255</span><span id="line-255"> assertEquals(200, conn.getResponseCode());</span>
<span class="source-line-no">256</span><span id="line-256"> assertEquals("text/css", conn.getContentType());</span>
<span class="source-line-no">257</span><span id="line-257"></span>
<span class="source-line-no">258</span><span id="line-258"> // Servlets should have text/plain with proper encoding by default</span>
<span class="source-line-no">259</span><span id="line-259"> URL servletUrl = new URL(baseUrl, "/echo?a=b");</span>
<span class="source-line-no">260</span><span id="line-260"> conn = (HttpURLConnection) servletUrl.openConnection();</span>
<span class="source-line-no">261</span><span id="line-261"> conn.connect();</span>
<span class="source-line-no">262</span><span id="line-262"> assertEquals(200, conn.getResponseCode());</span>
<span class="source-line-no">263</span><span id="line-263"> assertEquals("text/plain;charset=utf-8", conn.getContentType());</span>
<span class="source-line-no">264</span><span id="line-264"></span>
<span class="source-line-no">265</span><span id="line-265"> // We should ignore parameters for mime types - ie a parameter</span>
<span class="source-line-no">266</span><span id="line-266"> // ending in .css should not change mime type</span>
<span class="source-line-no">267</span><span id="line-267"> servletUrl = new URL(baseUrl, "/echo?a=b.css");</span>
<span class="source-line-no">268</span><span id="line-268"> conn = (HttpURLConnection) servletUrl.openConnection();</span>
<span class="source-line-no">269</span><span id="line-269"> conn.connect();</span>
<span class="source-line-no">270</span><span id="line-270"> assertEquals(200, conn.getResponseCode());</span>
<span class="source-line-no">271</span><span id="line-271"> assertEquals("text/plain;charset=utf-8", conn.getContentType());</span>
<span class="source-line-no">272</span><span id="line-272"></span>
<span class="source-line-no">273</span><span id="line-273"> // Servlets that specify text/html should get that content type</span>
<span class="source-line-no">274</span><span id="line-274"> servletUrl = new URL(baseUrl, "/htmlcontent");</span>
<span class="source-line-no">275</span><span id="line-275"> conn = (HttpURLConnection) servletUrl.openConnection();</span>
<span class="source-line-no">276</span><span id="line-276"> conn.connect();</span>
<span class="source-line-no">277</span><span id="line-277"> assertEquals(200, conn.getResponseCode());</span>
<span class="source-line-no">278</span><span id="line-278"> assertEquals("text/html;charset=utf-8", conn.getContentType());</span>
<span class="source-line-no">279</span><span id="line-279"></span>
<span class="source-line-no">280</span><span id="line-280"> // JSPs should default to text/html with utf8</span>
<span class="source-line-no">281</span><span id="line-281"> // JSPs do not work from unit tests</span>
<span class="source-line-no">282</span><span id="line-282"> // servletUrl = new URL(baseUrl, "/testjsp.jsp");</span>
<span class="source-line-no">283</span><span id="line-283"> // conn = (HttpURLConnection)servletUrl.openConnection();</span>
<span class="source-line-no">284</span><span id="line-284"> // conn.connect();</span>
<span class="source-line-no">285</span><span id="line-285"> // assertEquals(200, conn.getResponseCode());</span>
<span class="source-line-no">286</span><span id="line-286"> // assertEquals("text/html; charset=utf-8", conn.getContentType());</span>
<span class="source-line-no">287</span><span id="line-287"> }</span>
<span class="source-line-no">288</span><span id="line-288"></span>
<span class="source-line-no">289</span><span id="line-289"> @Test</span>
<span class="source-line-no">290</span><span id="line-290"> public void testNegotiatesEncodingGzip() throws IOException {</span>
<span class="source-line-no">291</span><span id="line-291"> final InputStream stream = ClassLoader.getSystemResourceAsStream("webapps/static/test.css");</span>
<span class="source-line-no">292</span><span id="line-292"> assertNotNull(stream);</span>
<span class="source-line-no">293</span><span id="line-293"> final String sourceContent = readFully(stream);</span>
<span class="source-line-no">294</span><span id="line-294"></span>
<span class="source-line-no">295</span><span id="line-295"> try (final CloseableHttpClient client = HttpClients.createMinimal()) {</span>
<span class="source-line-no">296</span><span id="line-296"> final HttpGet request = new HttpGet(new URL(baseUrl, "/static/test.css").toString());</span>
<span class="source-line-no">297</span><span id="line-297"></span>
<span class="source-line-no">298</span><span id="line-298"> request.setHeader(HttpHeaders.ACCEPT_ENCODING, null);</span>
<span class="source-line-no">299</span><span id="line-299"> final long unencodedContentLength;</span>
<span class="source-line-no">300</span><span id="line-300"> try (final CloseableHttpResponse response = client.execute(request)) {</span>
<span class="source-line-no">301</span><span id="line-301"> final HttpEntity entity = response.getEntity();</span>
<span class="source-line-no">302</span><span id="line-302"> assertNotNull(entity);</span>
<span class="source-line-no">303</span><span id="line-303"> assertNull(entity.getContentEncoding());</span>
<span class="source-line-no">304</span><span id="line-304"> unencodedContentLength = entity.getContentLength();</span>
<span class="source-line-no">305</span><span id="line-305"> MatcherAssert.assertThat(unencodedContentLength, greaterThan(0L));</span>
<span class="source-line-no">306</span><span id="line-306"> final String unencodedEntityBody = readFully(entity.getContent());</span>
<span class="source-line-no">307</span><span id="line-307"> assertEquals(sourceContent, unencodedEntityBody);</span>
<span class="source-line-no">308</span><span id="line-308"> }</span>
<span class="source-line-no">309</span><span id="line-309"></span>
<span class="source-line-no">310</span><span id="line-310"> request.setHeader(HttpHeaders.ACCEPT_ENCODING, "gzip");</span>
<span class="source-line-no">311</span><span id="line-311"> final long encodedContentLength;</span>
<span class="source-line-no">312</span><span id="line-312"> try (final CloseableHttpResponse response = client.execute(request)) {</span>
<span class="source-line-no">313</span><span id="line-313"> final HttpEntity entity = response.getEntity();</span>
<span class="source-line-no">314</span><span id="line-314"> assertNotNull(entity);</span>
<span class="source-line-no">315</span><span id="line-315"> assertNotNull(entity.getContentEncoding());</span>
<span class="source-line-no">316</span><span id="line-316"> assertEquals("gzip", entity.getContentEncoding().getValue());</span>
<span class="source-line-no">317</span><span id="line-317"> encodedContentLength = entity.getContentLength();</span>
<span class="source-line-no">318</span><span id="line-318"> MatcherAssert.assertThat(encodedContentLength, greaterThan(0L));</span>
<span class="source-line-no">319</span><span id="line-319"> final String encodedEntityBody = readFully(entity.getContent());</span>
<span class="source-line-no">320</span><span id="line-320"> // the encoding/decoding process, as implemented in this specific combination of dependency</span>
<span class="source-line-no">321</span><span id="line-321"> // versions, does not perfectly preserve trailing whitespace. thus, `trim()`.</span>
<span class="source-line-no">322</span><span id="line-322"> assertEquals(sourceContent.trim(), encodedEntityBody.trim());</span>
<span class="source-line-no">323</span><span id="line-323"> }</span>
<span class="source-line-no">324</span><span id="line-324"> MatcherAssert.assertThat(unencodedContentLength, greaterThan(encodedContentLength));</span>
<span class="source-line-no">325</span><span id="line-325"> }</span>
<span class="source-line-no">326</span><span id="line-326"> }</span>
<span class="source-line-no">327</span><span id="line-327"></span>
<span class="source-line-no">328</span><span id="line-328"> private static String readFully(final InputStream input) throws IOException {</span>
<span class="source-line-no">329</span><span id="line-329"> // TODO: when the time comes, delete me and replace with a JDK11 IO helper API.</span>
<span class="source-line-no">330</span><span id="line-330"> try (final BufferedReader reader =</span>
<span class="source-line-no">331</span><span id="line-331"> new BufferedReader(new InputStreamReader(input, StandardCharsets.UTF_8))) {</span>
<span class="source-line-no">332</span><span id="line-332"> final StringBuilder sb = new StringBuilder();</span>
<span class="source-line-no">333</span><span id="line-333"> final CharBuffer buffer = CharBuffer.allocate(1024 * 2);</span>
<span class="source-line-no">334</span><span id="line-334"> while (reader.read(buffer) &gt; 0) {</span>
<span class="source-line-no">335</span><span id="line-335"> sb.append(buffer);</span>
<span class="source-line-no">336</span><span id="line-336"> buffer.clear();</span>
<span class="source-line-no">337</span><span id="line-337"> }</span>
<span class="source-line-no">338</span><span id="line-338"> return sb.toString();</span>
<span class="source-line-no">339</span><span id="line-339"> } finally {</span>
<span class="source-line-no">340</span><span id="line-340"> input.close();</span>
<span class="source-line-no">341</span><span id="line-341"> }</span>
<span class="source-line-no">342</span><span id="line-342"> }</span>
<span class="source-line-no">343</span><span id="line-343"></span>
<span class="source-line-no">344</span><span id="line-344"> /**</span>
<span class="source-line-no">345</span><span id="line-345"> * Dummy filter that mimics as an authentication filter. Obtains user identity from the request</span>
<span class="source-line-no">346</span><span id="line-346"> * parameter user.name. Wraps around the request so that request.getRemoteUser() returns the user</span>
<span class="source-line-no">347</span><span id="line-347"> * identity.</span>
<span class="source-line-no">348</span><span id="line-348"> */</span>
<span class="source-line-no">349</span><span id="line-349"> public static class DummyServletFilter implements Filter {</span>
<span class="source-line-no">350</span><span id="line-350"> @Override</span>
<span class="source-line-no">351</span><span id="line-351"> public void destroy() {</span>
<span class="source-line-no">352</span><span id="line-352"> }</span>
<span class="source-line-no">353</span><span id="line-353"></span>
<span class="source-line-no">354</span><span id="line-354"> @Override</span>
<span class="source-line-no">355</span><span id="line-355"> public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)</span>
<span class="source-line-no">356</span><span id="line-356"> throws IOException, ServletException {</span>
<span class="source-line-no">357</span><span id="line-357"> final String userName = request.getParameter("user.name");</span>
<span class="source-line-no">358</span><span id="line-358"> ServletRequest requestModified = new HttpServletRequestWrapper((HttpServletRequest) request) {</span>
<span class="source-line-no">359</span><span id="line-359"> @Override</span>
<span class="source-line-no">360</span><span id="line-360"> public String getRemoteUser() {</span>
<span class="source-line-no">361</span><span id="line-361"> return userName;</span>
<span class="source-line-no">362</span><span id="line-362"> }</span>
<span class="source-line-no">363</span><span id="line-363"> };</span>
<span class="source-line-no">364</span><span id="line-364"> filterChain.doFilter(requestModified, response);</span>
<span class="source-line-no">365</span><span id="line-365"> }</span>
<span class="source-line-no">366</span><span id="line-366"></span>
<span class="source-line-no">367</span><span id="line-367"> @Override</span>
<span class="source-line-no">368</span><span id="line-368"> public void init(FilterConfig arg0) {</span>
<span class="source-line-no">369</span><span id="line-369"> }</span>
<span class="source-line-no">370</span><span id="line-370"> }</span>
<span class="source-line-no">371</span><span id="line-371"></span>
<span class="source-line-no">372</span><span id="line-372"> /**</span>
<span class="source-line-no">373</span><span id="line-373"> * FilterInitializer that initialized the DummyFilter.</span>
<span class="source-line-no">374</span><span id="line-374"> */</span>
<span class="source-line-no">375</span><span id="line-375"> public static class DummyFilterInitializer extends FilterInitializer {</span>
<span class="source-line-no">376</span><span id="line-376"> public DummyFilterInitializer() {</span>
<span class="source-line-no">377</span><span id="line-377"> }</span>
<span class="source-line-no">378</span><span id="line-378"></span>
<span class="source-line-no">379</span><span id="line-379"> @Override</span>
<span class="source-line-no">380</span><span id="line-380"> public void initFilter(FilterContainer container, Configuration conf) {</span>
<span class="source-line-no">381</span><span id="line-381"> container.addFilter("DummyFilter", DummyServletFilter.class.getName(), null);</span>
<span class="source-line-no">382</span><span id="line-382"> }</span>
<span class="source-line-no">383</span><span id="line-383"> }</span>
<span class="source-line-no">384</span><span id="line-384"></span>
<span class="source-line-no">385</span><span id="line-385"> /**</span>
<span class="source-line-no">386</span><span id="line-386"> * Access a URL and get the corresponding return Http status code. The URL will be accessed as the</span>
<span class="source-line-no">387</span><span id="line-387"> * passed user, by sending user.name request parameter.</span>
<span class="source-line-no">388</span><span id="line-388"> * @param urlstring The url to access</span>
<span class="source-line-no">389</span><span id="line-389"> * @param userName The user to perform access as</span>
<span class="source-line-no">390</span><span id="line-390"> * @return The HTTP response code</span>
<span class="source-line-no">391</span><span id="line-391"> * @throws IOException if there is a problem communicating with the server</span>
<span class="source-line-no">392</span><span id="line-392"> */</span>
<span class="source-line-no">393</span><span id="line-393"> private static int getHttpStatusCode(String urlstring, String userName) throws IOException {</span>
<span class="source-line-no">394</span><span id="line-394"> URL url = new URL(urlstring + "?user.name=" + userName);</span>
<span class="source-line-no">395</span><span id="line-395"> System.out.println("Accessing " + url + " as user " + userName);</span>
<span class="source-line-no">396</span><span id="line-396"> HttpURLConnection connection = (HttpURLConnection) url.openConnection();</span>
<span class="source-line-no">397</span><span id="line-397"> connection.connect();</span>
<span class="source-line-no">398</span><span id="line-398"> return connection.getResponseCode();</span>
<span class="source-line-no">399</span><span id="line-399"> }</span>
<span class="source-line-no">400</span><span id="line-400"></span>
<span class="source-line-no">401</span><span id="line-401"> /**</span>
<span class="source-line-no">402</span><span id="line-402"> * Custom user-&gt;group mapping service.</span>
<span class="source-line-no">403</span><span id="line-403"> */</span>
<span class="source-line-no">404</span><span id="line-404"> public static class MyGroupsProvider extends ShellBasedUnixGroupsMapping {</span>
<span class="source-line-no">405</span><span id="line-405"> static Map&lt;String, List&lt;String&gt;&gt; mapping = new HashMap&lt;&gt;();</span>
<span class="source-line-no">406</span><span id="line-406"></span>
<span class="source-line-no">407</span><span id="line-407"> static void clearMapping() {</span>
<span class="source-line-no">408</span><span id="line-408"> mapping.clear();</span>
<span class="source-line-no">409</span><span id="line-409"> }</span>
<span class="source-line-no">410</span><span id="line-410"></span>
<span class="source-line-no">411</span><span id="line-411"> @Override</span>
<span class="source-line-no">412</span><span id="line-412"> public List&lt;String&gt; getGroups(String user) {</span>
<span class="source-line-no">413</span><span id="line-413"> return mapping.get(user);</span>
<span class="source-line-no">414</span><span id="line-414"> }</span>
<span class="source-line-no">415</span><span id="line-415"> }</span>
<span class="source-line-no">416</span><span id="line-416"></span>
<span class="source-line-no">417</span><span id="line-417"> /**</span>
<span class="source-line-no">418</span><span id="line-418"> * Verify the access for /logs, /stacks, /conf, /logLevel and /metrics servlets, when</span>
<span class="source-line-no">419</span><span id="line-419"> * authentication filters are set, but authorization is not enabled.</span>
<span class="source-line-no">420</span><span id="line-420"> */</span>
<span class="source-line-no">421</span><span id="line-421"> @Test</span>
<span class="source-line-no">422</span><span id="line-422"> @Ignore</span>
<span class="source-line-no">423</span><span id="line-423"> public void testDisabledAuthorizationOfDefaultServlets() throws Exception {</span>
<span class="source-line-no">424</span><span id="line-424"> Configuration conf = new Configuration();</span>
<span class="source-line-no">425</span><span id="line-425"></span>
<span class="source-line-no">426</span><span id="line-426"> // Authorization is disabled by default</span>
<span class="source-line-no">427</span><span id="line-427"> conf.set(HttpServer.FILTER_INITIALIZERS_PROPERTY, DummyFilterInitializer.class.getName());</span>
<span class="source-line-no">428</span><span id="line-428"> conf.set(CommonConfigurationKeys.HADOOP_SECURITY_GROUP_MAPPING,</span>
<span class="source-line-no">429</span><span id="line-429"> MyGroupsProvider.class.getName());</span>
<span class="source-line-no">430</span><span id="line-430"> Groups.getUserToGroupsMappingService(conf);</span>
<span class="source-line-no">431</span><span id="line-431"> MyGroupsProvider.clearMapping();</span>
<span class="source-line-no">432</span><span id="line-432"> MyGroupsProvider.mapping.put("userA", Collections.singletonList("groupA"));</span>
<span class="source-line-no">433</span><span id="line-433"> MyGroupsProvider.mapping.put("userB", Collections.singletonList("groupB"));</span>
<span class="source-line-no">434</span><span id="line-434"></span>
<span class="source-line-no">435</span><span id="line-435"> HttpServer myServer = new HttpServer.Builder().setName("test")</span>
<span class="source-line-no">436</span><span id="line-436"> .addEndpoint(new URI("http://localhost:0")).setFindPort(true).build();</span>
<span class="source-line-no">437</span><span id="line-437"> myServer.setAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE, conf);</span>
<span class="source-line-no">438</span><span id="line-438"> myServer.start();</span>
<span class="source-line-no">439</span><span id="line-439"> String serverURL =</span>
<span class="source-line-no">440</span><span id="line-440"> "http://" + NetUtils.getHostPortString(myServer.getConnectorAddress(0)) + "/";</span>
<span class="source-line-no">441</span><span id="line-441"> for (String servlet : new String[] { "conf", "logs", "stacks", "logLevel", "metrics" }) {</span>
<span class="source-line-no">442</span><span id="line-442"> for (String user : new String[] { "userA", "userB" }) {</span>
<span class="source-line-no">443</span><span id="line-443"> assertEquals(HttpURLConnection.HTTP_OK, getHttpStatusCode(serverURL + servlet, user));</span>
<span class="source-line-no">444</span><span id="line-444"> }</span>
<span class="source-line-no">445</span><span id="line-445"> }</span>
<span class="source-line-no">446</span><span id="line-446"> myServer.stop();</span>
<span class="source-line-no">447</span><span id="line-447"> }</span>
<span class="source-line-no">448</span><span id="line-448"></span>
<span class="source-line-no">449</span><span id="line-449"> /**</span>
<span class="source-line-no">450</span><span id="line-450"> * Verify the administrator access for /logs, /stacks, /conf, /logLevel and /metrics servlets.</span>
<span class="source-line-no">451</span><span id="line-451"> */</span>
<span class="source-line-no">452</span><span id="line-452"> @Test</span>
<span class="source-line-no">453</span><span id="line-453"> @Ignore</span>
<span class="source-line-no">454</span><span id="line-454"> public void testAuthorizationOfDefaultServlets() throws Exception {</span>
<span class="source-line-no">455</span><span id="line-455"> Configuration conf = new Configuration();</span>
<span class="source-line-no">456</span><span id="line-456"> conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, true);</span>
<span class="source-line-no">457</span><span id="line-457"> conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_INSTRUMENTATION_REQUIRES_ADMIN, true);</span>
<span class="source-line-no">458</span><span id="line-458"> conf.set(HttpServer.FILTER_INITIALIZERS_PROPERTY, DummyFilterInitializer.class.getName());</span>
<span class="source-line-no">459</span><span id="line-459"></span>
<span class="source-line-no">460</span><span id="line-460"> conf.set(CommonConfigurationKeys.HADOOP_SECURITY_GROUP_MAPPING,</span>
<span class="source-line-no">461</span><span id="line-461"> MyGroupsProvider.class.getName());</span>
<span class="source-line-no">462</span><span id="line-462"> Groups.getUserToGroupsMappingService(conf);</span>
<span class="source-line-no">463</span><span id="line-463"> MyGroupsProvider.clearMapping();</span>
<span class="source-line-no">464</span><span id="line-464"> MyGroupsProvider.mapping.put("userA", Collections.singletonList("groupA"));</span>
<span class="source-line-no">465</span><span id="line-465"> MyGroupsProvider.mapping.put("userB", Collections.singletonList("groupB"));</span>
<span class="source-line-no">466</span><span id="line-466"> MyGroupsProvider.mapping.put("userC", Collections.singletonList("groupC"));</span>
<span class="source-line-no">467</span><span id="line-467"> MyGroupsProvider.mapping.put("userD", Collections.singletonList("groupD"));</span>
<span class="source-line-no">468</span><span id="line-468"> MyGroupsProvider.mapping.put("userE", Collections.singletonList("groupE"));</span>
<span class="source-line-no">469</span><span id="line-469"></span>
<span class="source-line-no">470</span><span id="line-470"> HttpServer myServer = new HttpServer.Builder().setName("test")</span>
<span class="source-line-no">471</span><span id="line-471"> .addEndpoint(new URI("http://localhost:0")).setFindPort(true).setConf(conf)</span>
<span class="source-line-no">472</span><span id="line-472"> .setACL(new AccessControlList("userA,userB groupC,groupD")).build();</span>
<span class="source-line-no">473</span><span id="line-473"> myServer.setAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE, conf);</span>
<span class="source-line-no">474</span><span id="line-474"> myServer.start();</span>
<span class="source-line-no">475</span><span id="line-475"></span>
<span class="source-line-no">476</span><span id="line-476"> String serverURL =</span>
<span class="source-line-no">477</span><span id="line-477"> "http://" + NetUtils.getHostPortString(myServer.getConnectorAddress(0)) + "/";</span>
<span class="source-line-no">478</span><span id="line-478"> for (String servlet : new String[] { "conf", "logs", "stacks", "logLevel", "metrics" }) {</span>
<span class="source-line-no">479</span><span id="line-479"> for (String user : new String[] { "userA", "userB", "userC", "userD" }) {</span>
<span class="source-line-no">480</span><span id="line-480"> assertEquals(HttpURLConnection.HTTP_OK, getHttpStatusCode(serverURL + servlet, user));</span>
<span class="source-line-no">481</span><span id="line-481"> }</span>
<span class="source-line-no">482</span><span id="line-482"> assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED,</span>
<span class="source-line-no">483</span><span id="line-483"> getHttpStatusCode(serverURL + servlet, "userE"));</span>
<span class="source-line-no">484</span><span id="line-484"> }</span>
<span class="source-line-no">485</span><span id="line-485"> myServer.stop();</span>
<span class="source-line-no">486</span><span id="line-486"> }</span>
<span class="source-line-no">487</span><span id="line-487"></span>
<span class="source-line-no">488</span><span id="line-488"> @Test</span>
<span class="source-line-no">489</span><span id="line-489"> public void testRequestQuoterWithNull() {</span>
<span class="source-line-no">490</span><span id="line-490"> HttpServletRequest request = Mockito.mock(HttpServletRequest.class);</span>
<span class="source-line-no">491</span><span id="line-491"> Mockito.doReturn(null).when(request).getParameterValues("dummy");</span>
<span class="source-line-no">492</span><span id="line-492"> RequestQuoter requestQuoter = new RequestQuoter(request);</span>
<span class="source-line-no">493</span><span id="line-493"> String[] parameterValues = requestQuoter.getParameterValues("dummy");</span>
<span class="source-line-no">494</span><span id="line-494"> Assert.assertNull("It should return null " + "when there are no values for the parameter",</span>
<span class="source-line-no">495</span><span id="line-495"> parameterValues);</span>
<span class="source-line-no">496</span><span id="line-496"> }</span>
<span class="source-line-no">497</span><span id="line-497"></span>
<span class="source-line-no">498</span><span id="line-498"> @Test</span>
<span class="source-line-no">499</span><span id="line-499"> public void testRequestQuoterWithNotNull() {</span>
<span class="source-line-no">500</span><span id="line-500"> HttpServletRequest request = Mockito.mock(HttpServletRequest.class);</span>
<span class="source-line-no">501</span><span id="line-501"> String[] values = new String[] { "abc", "def" };</span>
<span class="source-line-no">502</span><span id="line-502"> Mockito.doReturn(values).when(request).getParameterValues("dummy");</span>
<span class="source-line-no">503</span><span id="line-503"> RequestQuoter requestQuoter = new RequestQuoter(request);</span>
<span class="source-line-no">504</span><span id="line-504"> String[] parameterValues = requestQuoter.getParameterValues("dummy");</span>
<span class="source-line-no">505</span><span id="line-505"> Assert.assertTrue("It should return Parameter Values", Arrays.equals(values, parameterValues));</span>
<span class="source-line-no">506</span><span id="line-506"> }</span>
<span class="source-line-no">507</span><span id="line-507"></span>
<span class="source-line-no">508</span><span id="line-508"> @SuppressWarnings("unchecked")</span>
<span class="source-line-no">509</span><span id="line-509"> private static Map&lt;String, Object&gt; parse(String jsonString) {</span>
<span class="source-line-no">510</span><span id="line-510"> return (Map&lt;String, Object&gt;) JSON.parse(jsonString);</span>
<span class="source-line-no">511</span><span id="line-511"> }</span>
<span class="source-line-no">512</span><span id="line-512"></span>
<span class="source-line-no">513</span><span id="line-513"> @Test</span>
<span class="source-line-no">514</span><span id="line-514"> public void testJersey() throws Exception {</span>
<span class="source-line-no">515</span><span id="line-515"> LOG.info("BEGIN testJersey()");</span>
<span class="source-line-no">516</span><span id="line-516"> final String js = readOutput(new URL(baseUrl, "/jersey/foo?op=bar"));</span>
<span class="source-line-no">517</span><span id="line-517"> final Map&lt;String, Object&gt; m = parse(js);</span>
<span class="source-line-no">518</span><span id="line-518"> LOG.info("m=" + m);</span>
<span class="source-line-no">519</span><span id="line-519"> assertEquals("foo", m.get(JerseyResource.PATH));</span>
<span class="source-line-no">520</span><span id="line-520"> assertEquals("bar", m.get(JerseyResource.OP));</span>
<span class="source-line-no">521</span><span id="line-521"> LOG.info("END testJersey()");</span>
<span class="source-line-no">522</span><span id="line-522"> }</span>
<span class="source-line-no">523</span><span id="line-523"></span>
<span class="source-line-no">524</span><span id="line-524"> @Test</span>
<span class="source-line-no">525</span><span id="line-525"> public void testHasAdministratorAccess() throws Exception {</span>
<span class="source-line-no">526</span><span id="line-526"> Configuration conf = new Configuration();</span>
<span class="source-line-no">527</span><span id="line-527"> conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, false);</span>
<span class="source-line-no">528</span><span id="line-528"> ServletContext context = Mockito.mock(ServletContext.class);</span>
<span class="source-line-no">529</span><span id="line-529"> Mockito.when(context.getAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE)).thenReturn(conf);</span>
<span class="source-line-no">530</span><span id="line-530"> Mockito.when(context.getAttribute(HttpServer.ADMINS_ACL)).thenReturn(null);</span>
<span class="source-line-no">531</span><span id="line-531"> HttpServletRequest request = Mockito.mock(HttpServletRequest.class);</span>
<span class="source-line-no">532</span><span id="line-532"> Mockito.when(request.getRemoteUser()).thenReturn(null);</span>
<span class="source-line-no">533</span><span id="line-533"> HttpServletResponse response = Mockito.mock(HttpServletResponse.class);</span>
<span class="source-line-no">534</span><span id="line-534"></span>
<span class="source-line-no">535</span><span id="line-535"> // authorization OFF</span>
<span class="source-line-no">536</span><span id="line-536"> Assert.assertTrue(HttpServer.hasAdministratorAccess(context, request, response));</span>
<span class="source-line-no">537</span><span id="line-537"></span>
<span class="source-line-no">538</span><span id="line-538"> // authorization ON &amp; user NULL</span>
<span class="source-line-no">539</span><span id="line-539"> response = Mockito.mock(HttpServletResponse.class);</span>
<span class="source-line-no">540</span><span id="line-540"> conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, true);</span>
<span class="source-line-no">541</span><span id="line-541"> Assert.assertFalse(HttpServer.hasAdministratorAccess(context, request, response));</span>
<span class="source-line-no">542</span><span id="line-542"> Mockito.verify(response).sendError(Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED),</span>
<span class="source-line-no">543</span><span id="line-543"> Mockito.anyString());</span>
<span class="source-line-no">544</span><span id="line-544"></span>
<span class="source-line-no">545</span><span id="line-545"> // authorization ON &amp; user NOT NULL &amp; ACLs NULL</span>
<span class="source-line-no">546</span><span id="line-546"> response = Mockito.mock(HttpServletResponse.class);</span>
<span class="source-line-no">547</span><span id="line-547"> Mockito.when(request.getRemoteUser()).thenReturn("foo");</span>
<span class="source-line-no">548</span><span id="line-548"> Assert.assertTrue(HttpServer.hasAdministratorAccess(context, request, response));</span>
<span class="source-line-no">549</span><span id="line-549"></span>
<span class="source-line-no">550</span><span id="line-550"> // authorization ON &amp; user NOT NULL &amp; ACLs NOT NULL &amp; user not in ACLs</span>
<span class="source-line-no">551</span><span id="line-551"> response = Mockito.mock(HttpServletResponse.class);</span>
<span class="source-line-no">552</span><span id="line-552"> AccessControlList acls = Mockito.mock(AccessControlList.class);</span>
<span class="source-line-no">553</span><span id="line-553"> Mockito.when(acls.isUserAllowed(Mockito.&lt;UserGroupInformation&gt; any())).thenReturn(false);</span>
<span class="source-line-no">554</span><span id="line-554"> Mockito.when(context.getAttribute(HttpServer.ADMINS_ACL)).thenReturn(acls);</span>
<span class="source-line-no">555</span><span id="line-555"> Assert.assertFalse(HttpServer.hasAdministratorAccess(context, request, response));</span>
<span class="source-line-no">556</span><span id="line-556"> Mockito.verify(response).sendError(Mockito.eq(HttpServletResponse.SC_FORBIDDEN),</span>
<span class="source-line-no">557</span><span id="line-557"> Mockito.anyString());</span>
<span class="source-line-no">558</span><span id="line-558"></span>
<span class="source-line-no">559</span><span id="line-559"> // authorization ON &amp; user NOT NULL &amp; ACLs NOT NULL &amp; user in in ACLs</span>
<span class="source-line-no">560</span><span id="line-560"> response = Mockito.mock(HttpServletResponse.class);</span>
<span class="source-line-no">561</span><span id="line-561"> Mockito.when(acls.isUserAllowed(Mockito.&lt;UserGroupInformation&gt; any())).thenReturn(true);</span>
<span class="source-line-no">562</span><span id="line-562"> Mockito.when(context.getAttribute(HttpServer.ADMINS_ACL)).thenReturn(acls);</span>
<span class="source-line-no">563</span><span id="line-563"> Assert.assertTrue(HttpServer.hasAdministratorAccess(context, request, response));</span>
<span class="source-line-no">564</span><span id="line-564"></span>
<span class="source-line-no">565</span><span id="line-565"> }</span>
<span class="source-line-no">566</span><span id="line-566"></span>
<span class="source-line-no">567</span><span id="line-567"> @Test</span>
<span class="source-line-no">568</span><span id="line-568"> public void testRequiresAuthorizationAccess() throws Exception {</span>
<span class="source-line-no">569</span><span id="line-569"> Configuration conf = new Configuration();</span>
<span class="source-line-no">570</span><span id="line-570"> ServletContext context = Mockito.mock(ServletContext.class);</span>
<span class="source-line-no">571</span><span id="line-571"> Mockito.when(context.getAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE)).thenReturn(conf);</span>
<span class="source-line-no">572</span><span id="line-572"> HttpServletRequest request = Mockito.mock(HttpServletRequest.class);</span>
<span class="source-line-no">573</span><span id="line-573"> HttpServletResponse response = Mockito.mock(HttpServletResponse.class);</span>
<span class="source-line-no">574</span><span id="line-574"></span>
<span class="source-line-no">575</span><span id="line-575"> // requires admin access to instrumentation, FALSE by default</span>
<span class="source-line-no">576</span><span id="line-576"> Assert.assertTrue(HttpServer.isInstrumentationAccessAllowed(context, request, response));</span>
<span class="source-line-no">577</span><span id="line-577"></span>
<span class="source-line-no">578</span><span id="line-578"> // requires admin access to instrumentation, TRUE</span>
<span class="source-line-no">579</span><span id="line-579"> conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_INSTRUMENTATION_REQUIRES_ADMIN, true);</span>
<span class="source-line-no">580</span><span id="line-580"> conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, true);</span>
<span class="source-line-no">581</span><span id="line-581"> AccessControlList acls = Mockito.mock(AccessControlList.class);</span>
<span class="source-line-no">582</span><span id="line-582"> Mockito.when(acls.isUserAllowed(Mockito.&lt;UserGroupInformation&gt; any())).thenReturn(false);</span>
<span class="source-line-no">583</span><span id="line-583"> Mockito.when(context.getAttribute(HttpServer.ADMINS_ACL)).thenReturn(acls);</span>
<span class="source-line-no">584</span><span id="line-584"> Assert.assertFalse(HttpServer.isInstrumentationAccessAllowed(context, request, response));</span>
<span class="source-line-no">585</span><span id="line-585"> }</span>
<span class="source-line-no">586</span><span id="line-586"></span>
<span class="source-line-no">587</span><span id="line-587"> @Test</span>
<span class="source-line-no">588</span><span id="line-588"> public void testBindAddress() throws Exception {</span>
<span class="source-line-no">589</span><span id="line-589"> checkBindAddress("localhost", 0, false).stop();</span>
<span class="source-line-no">590</span><span id="line-590"> // hang onto this one for a bit more testing</span>
<span class="source-line-no">591</span><span id="line-591"> HttpServer myServer = checkBindAddress("localhost", 0, false);</span>
<span class="source-line-no">592</span><span id="line-592"> HttpServer myServer2 = null;</span>
<span class="source-line-no">593</span><span id="line-593"> try {</span>
<span class="source-line-no">594</span><span id="line-594"> int port = myServer.getConnectorAddress(0).getPort();</span>
<span class="source-line-no">595</span><span id="line-595"> // it's already in use, true = expect a higher port</span>
<span class="source-line-no">596</span><span id="line-596"> myServer2 = checkBindAddress("localhost", port, true);</span>
<span class="source-line-no">597</span><span id="line-597"> // try to reuse the port</span>
<span class="source-line-no">598</span><span id="line-598"> port = myServer2.getConnectorAddress(0).getPort();</span>
<span class="source-line-no">599</span><span id="line-599"> myServer2.stop();</span>
<span class="source-line-no">600</span><span id="line-600"> assertNull(myServer2.getConnectorAddress(0)); // not bound</span>
<span class="source-line-no">601</span><span id="line-601"> myServer2.openListeners();</span>
<span class="source-line-no">602</span><span id="line-602"> assertEquals(port, myServer2.getConnectorAddress(0).getPort()); // expect same port</span>
<span class="source-line-no">603</span><span id="line-603"> } finally {</span>
<span class="source-line-no">604</span><span id="line-604"> myServer.stop();</span>
<span class="source-line-no">605</span><span id="line-605"> if (myServer2 != null) {</span>
<span class="source-line-no">606</span><span id="line-606"> myServer2.stop();</span>
<span class="source-line-no">607</span><span id="line-607"> }</span>
<span class="source-line-no">608</span><span id="line-608"> }</span>
<span class="source-line-no">609</span><span id="line-609"> }</span>
<span class="source-line-no">610</span><span id="line-610"></span>
<span class="source-line-no">611</span><span id="line-611"> private HttpServer checkBindAddress(String host, int port, boolean findPort) throws Exception {</span>
<span class="source-line-no">612</span><span id="line-612"> HttpServer server = createServer(host, port);</span>
<span class="source-line-no">613</span><span id="line-613"> try {</span>
<span class="source-line-no">614</span><span id="line-614"> // not bound, ephemeral should return requested port (0 for ephemeral)</span>
<span class="source-line-no">615</span><span id="line-615"> ServerConnector listener = server.getServerConnectors().get(0);</span>
<span class="source-line-no">616</span><span id="line-616"></span>
<span class="source-line-no">617</span><span id="line-617"> assertEquals(port, listener.getPort());</span>
<span class="source-line-no">618</span><span id="line-618"> // verify hostname is what was given</span>
<span class="source-line-no">619</span><span id="line-619"> server.openListeners();</span>
<span class="source-line-no">620</span><span id="line-620"> assertEquals(host, server.getConnectorAddress(0).getHostName());</span>
<span class="source-line-no">621</span><span id="line-621"></span>
<span class="source-line-no">622</span><span id="line-622"> int boundPort = server.getConnectorAddress(0).getPort();</span>
<span class="source-line-no">623</span><span id="line-623"> if (port == 0) {</span>
<span class="source-line-no">624</span><span id="line-624"> assertTrue(boundPort != 0); // ephemeral should now return bound port</span>
<span class="source-line-no">625</span><span id="line-625"> } else if (findPort) {</span>
<span class="source-line-no">626</span><span id="line-626"> assertTrue(boundPort &gt; port);</span>
<span class="source-line-no">627</span><span id="line-627"> // allow a little wiggle room to prevent random test failures if</span>
<span class="source-line-no">628</span><span id="line-628"> // some consecutive ports are already in use</span>
<span class="source-line-no">629</span><span id="line-629"> assertTrue(boundPort - port &lt; 8);</span>
<span class="source-line-no">630</span><span id="line-630"> }</span>
<span class="source-line-no">631</span><span id="line-631"> } catch (Exception e) {</span>
<span class="source-line-no">632</span><span id="line-632"> server.stop();</span>
<span class="source-line-no">633</span><span id="line-633"> throw e;</span>
<span class="source-line-no">634</span><span id="line-634"> }</span>
<span class="source-line-no">635</span><span id="line-635"> return server;</span>
<span class="source-line-no">636</span><span id="line-636"> }</span>
<span class="source-line-no">637</span><span id="line-637"></span>
<span class="source-line-no">638</span><span id="line-638"> @Test</span>
<span class="source-line-no">639</span><span id="line-639"> public void testXFrameHeaderSameOrigin() throws Exception {</span>
<span class="source-line-no">640</span><span id="line-640"> Configuration conf = new Configuration();</span>
<span class="source-line-no">641</span><span id="line-641"> conf.set("hbase.http.filter.xframeoptions.mode", "SAMEORIGIN");</span>
<span class="source-line-no">642</span><span id="line-642"></span>
<span class="source-line-no">643</span><span id="line-643"> HttpServer myServer = new HttpServer.Builder().setName("test")</span>
<span class="source-line-no">644</span><span id="line-644"> .addEndpoint(new URI("http://localhost:0")).setFindPort(true).setConf(conf).build();</span>
<span class="source-line-no">645</span><span id="line-645"> myServer.setAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE, conf);</span>
<span class="source-line-no">646</span><span id="line-646"> myServer.addUnprivilegedServlet("echo", "/echo", EchoServlet.class);</span>
<span class="source-line-no">647</span><span id="line-647"> myServer.start();</span>
<span class="source-line-no">648</span><span id="line-648"></span>
<span class="source-line-no">649</span><span id="line-649"> String serverURL = "http://" + NetUtils.getHostPortString(myServer.getConnectorAddress(0));</span>
<span class="source-line-no">650</span><span id="line-650"> URL url = new URL(new URL(serverURL), "/echo?a=b&amp;c=d");</span>
<span class="source-line-no">651</span><span id="line-651"> HttpURLConnection conn = (HttpURLConnection) url.openConnection();</span>
<span class="source-line-no">652</span><span id="line-652"> assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());</span>
<span class="source-line-no">653</span><span id="line-653"> assertEquals("SAMEORIGIN", conn.getHeaderField("X-Frame-Options"));</span>
<span class="source-line-no">654</span><span id="line-654"> myServer.stop();</span>
<span class="source-line-no">655</span><span id="line-655"> }</span>
<span class="source-line-no">656</span><span id="line-656"></span>
<span class="source-line-no">657</span><span id="line-657"> @Test</span>
<span class="source-line-no">658</span><span id="line-658"> public void testNoCacheHeader() throws Exception {</span>
<span class="source-line-no">659</span><span id="line-659"> URL url = new URL(baseUrl, "/echo?a=b&amp;c=d");</span>
<span class="source-line-no">660</span><span id="line-660"> HttpURLConnection conn = (HttpURLConnection) url.openConnection();</span>
<span class="source-line-no">661</span><span id="line-661"> assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());</span>
<span class="source-line-no">662</span><span id="line-662"> assertEquals("no-cache", conn.getHeaderField("Cache-Control"));</span>
<span class="source-line-no">663</span><span id="line-663"> assertEquals("no-cache", conn.getHeaderField("Pragma"));</span>
<span class="source-line-no">664</span><span id="line-664"> assertNotNull(conn.getHeaderField("Expires"));</span>
<span class="source-line-no">665</span><span id="line-665"> assertNotNull(conn.getHeaderField("Date"));</span>
<span class="source-line-no">666</span><span id="line-666"> assertEquals(conn.getHeaderField("Expires"), conn.getHeaderField("Date"));</span>
<span class="source-line-no">667</span><span id="line-667"> assertEquals("DENY", conn.getHeaderField("X-Frame-Options"));</span>
<span class="source-line-no">668</span><span id="line-668"> }</span>
<span class="source-line-no">669</span><span id="line-669"></span>
<span class="source-line-no">670</span><span id="line-670"> @Test</span>
<span class="source-line-no">671</span><span id="line-671"> public void testHttpMethods() throws Exception {</span>
<span class="source-line-no">672</span><span id="line-672"> // HTTP TRACE method should be disabled for security</span>
<span class="source-line-no">673</span><span id="line-673"> // See https://www.owasp.org/index.php/Cross_Site_Tracing</span>
<span class="source-line-no">674</span><span id="line-674"> URL url = new URL(baseUrl, "/echo?a=b");</span>
<span class="source-line-no">675</span><span id="line-675"> HttpURLConnection conn = (HttpURLConnection) url.openConnection();</span>
<span class="source-line-no">676</span><span id="line-676"> conn.setRequestMethod("TRACE");</span>
<span class="source-line-no">677</span><span id="line-677"> conn.connect();</span>
<span class="source-line-no">678</span><span id="line-678"> assertEquals(HttpURLConnection.HTTP_FORBIDDEN, conn.getResponseCode());</span>
<span class="source-line-no">679</span><span id="line-679"> }</span>
<span class="source-line-no">680</span><span id="line-680">}</span>
</pre>
</div>
</main>
</body>
</html>