From 15a4a26fdd8b65bfe7c783f9f756f852ea05e4f9 Mon Sep 17 00:00:00 2001 From: Bilwa ST Date: Sat, 16 Dec 2023 00:52:57 +0530 Subject: [PATCH] HADOOP-18603 NPE in LdapAuthenticationHandler as disableHostNameVerification is never initialized. --- .../server/LdapAuthenticationHandler.java | 17 +++++++++++++++++ .../server/TestLdapAuthenticationHandler.java | 5 +++++ 2 files changed, 22 insertions(+) diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/LdapAuthenticationHandler.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/LdapAuthenticationHandler.java index 60a62f1a102b5..223c2f50fd424 100644 --- a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/LdapAuthenticationHandler.java +++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/LdapAuthenticationHandler.java @@ -100,6 +100,12 @@ public class LdapAuthenticationHandler implements AuthenticationHandler { */ public static final String ENABLE_START_TLS = TYPE + ".enablestarttls"; + /** + * Constant for disabling the host name verification for this handler. + */ + private static final String DISABLE_HOSTNAME_VERIFICATION = TYPE + + ".hostname.verification.disable"; + private String ldapDomain; private String baseDN; private String providerUrl; @@ -130,6 +136,15 @@ public void setDisableHostNameVerification( this.disableHostNameVerification = disableHostNameVerification; } + /** + * To get the configured value for Host name verification for this handler. + * This method is introduced only for unit testing. + */ + @VisibleForTesting + boolean getDisableHostNameVerification() { + return disableHostNameVerification; + } + @Override public String getType() { return TYPE; @@ -142,6 +157,8 @@ public void init(Properties config) throws ServletException { this.ldapDomain = config.getProperty(LDAP_BIND_DOMAIN); this.enableStartTls = Boolean.valueOf(config.getProperty(ENABLE_START_TLS, "false")); + this.disableHostNameVerification = + Boolean.valueOf(config.getProperty(DISABLE_HOSTNAME_VERIFICATION, "false")); if (this.providerUrl == null) { throw new NullPointerException("The LDAP URI can not be null"); diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestLdapAuthenticationHandler.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestLdapAuthenticationHandler.java index 59aef5a688363..b415344cbaf9c 100644 --- a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestLdapAuthenticationHandler.java +++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestLdapAuthenticationHandler.java @@ -136,6 +136,11 @@ public void testRequestWithAuthorization() throws Exception { Assert.assertEquals("bjones", token.getName()); } + @Test + public void testDisableHostNameVerifyConf() throws Exception { + Assert.assertNotNull(handler.getDisableHostNameVerification()); + } + @Test(timeout = 60000) public void testRequestWithWrongCredentials() throws Exception { HttpServletRequest request = Mockito.mock(HttpServletRequest.class);