org.apache.hadoop.hbase.http

Class HttpServer

java.lang.Object

org.apache.hadoop.hbase.http.HttpServer

All Implemented Interfaces:

FilterContainer

@InterfaceAudience.Private
 @InterfaceStability.Evolving
public class HttpServer
extends Object
implements FilterContainer

Create a Jetty embedded server to answer http requests. The primary goal is to serve up status information for the server. There are three contexts: "/logs/" -> points to the log directory "/static/" -> points to common static files (src/webapps/static) "/" -> the jsp server code from (src/webapps/<name>)

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	HttpServer.Builder Class to construct instances of HTTP server with specific options.
static class	HttpServer.QuotingInputFilter A Servlet input filter that quotes all HTML active characters in the parameter names and values.
static class	HttpServer.StackServlet A very simple servlet to serve up a text representation of the current stack traces.

Field Summary

Fields

Modifier and Type	Field and Description
static String	ADMINS_ACL
static String	APP_DIR
protected String	appDir
protected boolean	authenticationEnabled
static String	BIND_ADDRESS
static String	CONF_CONTEXT_ATTRIBUTE
protected Map<org.eclipse.jetty.servlet.ServletContextHandler,Boolean>	defaultContexts
protected List<String>	filterNames
protected boolean	findPort
static String	HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_KEY
static boolean	HTTP_PRIVILEGED_CONF_DEFAULT
static String	HTTP_PRIVILEGED_CONF_KEY
static String	HTTP_SPNEGO_AUTHENTICATION_ADMIN_GROUPS_KEY
static String	HTTP_SPNEGO_AUTHENTICATION_ADMIN_USERS_KEY
static String	HTTP_SPNEGO_AUTHENTICATION_KEYTAB_KEY
static String	HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_KEY
static String	HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_KEY
static String	HTTP_UI_AUTHENTICATION
protected String	logDir
static String	NO_CACHE_FILTER
static String	SPNEGO_FILTER
protected org.eclipse.jetty.webapp.WebAppContext	webAppContext
protected org.eclipse.jetty.server.Server	webServer

Constructor Summary

Constructors

Constructor and Description
HttpServer(String name, String bindAddress, int port, boolean findPort) Deprecated.
HttpServer(String name, String bindAddress, int port, boolean findPort, org.apache.hadoop.conf.Configuration conf) Deprecated.
HttpServer(String name, String bindAddress, int port, boolean findPort, org.apache.hadoop.conf.Configuration conf, org.apache.hadoop.security.authorize.AccessControlList adminsAcl) Deprecated.
HttpServer(String name, String bindAddress, int port, boolean findPort, org.apache.hadoop.conf.Configuration conf, org.apache.hadoop.security.authorize.AccessControlList adminsAcl, String[] pathSpecs) Deprecated.
HttpServer(String name, String bindAddress, int port, boolean findPort, org.apache.hadoop.conf.Configuration conf, String[] pathSpecs) Deprecated.

Method Summary

Modifier and Type	Method and Description
protected void	addDefaultApps(org.eclipse.jetty.server.handler.ContextHandlerCollection parent, String appDir, org.apache.hadoop.conf.Configuration conf) Add default apps.
protected void	addDefaultServlets(org.eclipse.jetty.server.handler.ContextHandlerCollection contexts, org.apache.hadoop.conf.Configuration conf) Add default servlets.
void	addFilter(String name, String classname, Map<String,String> parameters) Add a filter to the container.
protected void	addFilterPathMapping(String pathSpec, org.eclipse.jetty.webapp.WebAppContext webAppCtx) Add the path spec to the filter path mapping.
void	addGlobalFilter(String name, String classname, Map<String,String> parameters) Add a global filter to the container - This global filter will be applied to all available web contexts.
void	addJerseyResourcePackage(String packageName, String pathSpec) Add a Jersey resource package.
void	addPrivilegedServlet(String name, String pathSpec, Class<? extends javax.servlet.http.HttpServlet> clazz) Adds a servlet in the server that only administrators can access.
void	addUnprivilegedServlet(String name, String pathSpec, Class<? extends javax.servlet.http.HttpServlet> clazz) Adds a servlet in the server that any user can access.
static void	defineFilter(org.eclipse.jetty.servlet.ServletContextHandler handler, String name, String classname, Map<String,String> parameters, String[] urls) Define a filter for a context and set up default url mappings.
Object	getAttribute(String name) Get the value in the webapp context.
InetSocketAddress	getConnectorAddress(int index) Get the address that corresponds to a particular connector.
int	getPort() Deprecated.
List<org.eclipse.jetty.server.ServerConnector>	getServerConnectors()
org.eclipse.jetty.webapp.WebAppContext	getWebAppContext()
String	getWebAppsPath(String appName)
protected String	getWebAppsPath(String webapps, String appName) Get the pathname to the webapps files.
static boolean	hasAdministratorAccess(org.apache.hadoop.conf.Configuration conf, org.apache.hadoop.security.authorize.AccessControlList acl, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
static boolean	hasAdministratorAccess(javax.servlet.ServletContext servletContext, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Does the user sending the HttpServletRequest has the administrator ACLs? If it isn't the case, response will be modified to send an error to the user.
boolean	isAlive() Test for the availability of the web server
static boolean	isInstrumentationAccessAllowed(javax.servlet.ServletContext servletContext, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Checks the user has privileges to access to instrumentation servlets.
void	join()
void	setAttribute(String name, Object value) Set a value in the webapp context.
void	setThreads(int min, int max) Set the min, max number of worker threads (simultaneous connections).
void	start() Start the server.
void	stop() stop the server
String	toString() Return the host and port of the HttpServer, if live
static boolean	userHasAdministratorAccess(org.apache.hadoop.security.authorize.AccessControlList acl, String remoteUser)
static boolean	userHasAdministratorAccess(javax.servlet.ServletContext servletContext, String remoteUser) Get the admin ACLs from the given ServletContext and check if the given user is in the ACL.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

HTTP_UI_AUTHENTICATION

public static final String HTTP_UI_AUTHENTICATION

See Also:

Constant Field Values

HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_KEY

public static final String HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_KEY

See Also:

Constant Field Values

HTTP_SPNEGO_AUTHENTICATION_KEYTAB_KEY

public static final String HTTP_SPNEGO_AUTHENTICATION_KEYTAB_KEY

See Also:

Constant Field Values

HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_KEY

public static final String HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_KEY

See Also:

Constant Field Values

HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_KEY

public static final String HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_KEY

See Also:

Constant Field Values

HTTP_SPNEGO_AUTHENTICATION_ADMIN_USERS_KEY

public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_USERS_KEY

See Also:

Constant Field Values

HTTP_SPNEGO_AUTHENTICATION_ADMIN_GROUPS_KEY

public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_GROUPS_KEY

See Also:

Constant Field Values

HTTP_PRIVILEGED_CONF_KEY

public static final String HTTP_PRIVILEGED_CONF_KEY

See Also:

Constant Field Values

HTTP_PRIVILEGED_CONF_DEFAULT

public static final boolean HTTP_PRIVILEGED_CONF_DEFAULT

See Also:

Constant Field Values

CONF_CONTEXT_ATTRIBUTE

public static final String CONF_CONTEXT_ATTRIBUTE

See Also:

Constant Field Values

ADMINS_ACL

public static final String ADMINS_ACL

See Also:

Constant Field Values

BIND_ADDRESS

public static final String BIND_ADDRESS

See Also:

Constant Field Values

SPNEGO_FILTER

public static final String SPNEGO_FILTER

See Also:

Constant Field Values

NO_CACHE_FILTER

public static final String NO_CACHE_FILTER

See Also:

Constant Field Values

APP_DIR

public static final String APP_DIR

See Also:

Constant Field Values

webServer

protected final org.eclipse.jetty.server.Server webServer

appDir

protected String appDir

logDir

protected String logDir

webAppContext

protected final org.eclipse.jetty.webapp.WebAppContext webAppContext

findPort

protected final boolean findPort

defaultContexts

protected final Map<org.eclipse.jetty.servlet.ServletContextHandler,Boolean> defaultContexts

filterNames

protected final List<String> filterNames

authenticationEnabled

protected final boolean authenticationEnabled

Constructor Detail

HttpServer

@Deprecated
public HttpServer(String name,
                              String bindAddress,
                              int port,
                              boolean findPort)
                       throws IOException

Deprecated.

Same as this(name, bindAddress, port, findPort, null);

Throws:

IOException

HttpServer

@Deprecated
public HttpServer(String name,
                              String bindAddress,
                              int port,
                              boolean findPort,
                              org.apache.hadoop.conf.Configuration conf,
                              String[] pathSpecs)
                       throws IOException

Deprecated.

Create a status server on the given port. Allows you to specify the path specifications that this server will be serving so that they will be added to the filters properly.

Parameters:

name - The name of the server

bindAddress - The address for this server

port - The port to use on the server

findPort - whether the server should start at the given port and increment by 1 until it finds a free port.

conf - Configuration

pathSpecs - Path specifications that this httpserver will be serving. These will be added to any filters.

Throws:

IOException

HttpServer

@Deprecated
public HttpServer(String name,
                              String bindAddress,
                              int port,
                              boolean findPort,
                              org.apache.hadoop.conf.Configuration conf)
                       throws IOException

Deprecated.

Create a status server on the given port. The jsp scripts are taken from src/webapps/<name>.

Parameters:

name - The name of the server

port - The port to use on the server

findPort - whether the server should start at the given port and increment by 1 until it finds a free port.

conf - Configuration

Throws:

IOException

HttpServer

@Deprecated
public HttpServer(String name,
                              String bindAddress,
                              int port,
                              boolean findPort,
                              org.apache.hadoop.conf.Configuration conf,
                              org.apache.hadoop.security.authorize.AccessControlList adminsAcl)
                       throws IOException

Deprecated.

Throws:

IOException

HttpServer

@Deprecated
public HttpServer(String name,
                              String bindAddress,
                              int port,
                              boolean findPort,
                              org.apache.hadoop.conf.Configuration conf,
                              org.apache.hadoop.security.authorize.AccessControlList adminsAcl,
                              String[] pathSpecs)
                       throws IOException

Deprecated.

Create a status server on the given port. The jsp scripts are taken from src/webapps/<name>.

Parameters:

name - The name of the server

bindAddress - The address for this server

port - The port to use on the server

findPort - whether the server should start at the given port and increment by 1 until it finds a free port.

conf - Configuration

adminsAcl - AccessControlList of the admins

pathSpecs - Path specifications that this httpserver will be serving. These will be added to any filters.

Throws:

IOException

Method Detail

getServerConnectors

public List<org.eclipse.jetty.server.ServerConnector> getServerConnectors()

addDefaultApps

protected void addDefaultApps(org.eclipse.jetty.server.handler.ContextHandlerCollection parent,
                              String appDir,
                              org.apache.hadoop.conf.Configuration conf)
                       throws IOException

Add default apps.

Parameters:

appDir - The application directory

Throws:

IOException

addDefaultServlets

protected void addDefaultServlets(org.eclipse.jetty.server.handler.ContextHandlerCollection contexts,
                                  org.apache.hadoop.conf.Configuration conf)
                           throws IOException

Add default servlets.

Throws:

IOException

setAttribute

public void setAttribute(String name,
                         Object value)

Set a value in the webapp context. These values are available to the jsp pages as "application.getAttribute(name)".

Parameters:

name - The name of the attribute

value - The value of the attribute

addJerseyResourcePackage

public void addJerseyResourcePackage(String packageName,
                                     String pathSpec)

Add a Jersey resource package.

Parameters:

packageName - The Java package name containing the Jersey resource.

pathSpec - The path spec for the servlet

addUnprivilegedServlet

public void addUnprivilegedServlet(String name,
                                   String pathSpec,
                                   Class<? extends javax.servlet.http.HttpServlet> clazz)

Adds a servlet in the server that any user can access. This method differs from addPrivilegedServlet(String, String, Class) in that any authenticated user can interact with the servlet added by this method.

Parameters:

name - The name of the servlet (can be passed as null)

pathSpec - The path spec for the servlet

clazz - The servlet class

addPrivilegedServlet

public void addPrivilegedServlet(String name,
                                 String pathSpec,
                                 Class<? extends javax.servlet.http.HttpServlet> clazz)

Adds a servlet in the server that only administrators can access. This method differs from addUnprivilegedServlet(String, String, Class) in that only those authenticated user who are identified as administrators can interact with the servlet added by this method.

addFilter

public void addFilter(String name,
                      String classname,
                      Map<String,String> parameters)

Description copied from interface: FilterContainer

Add a filter to the container.

Specified by:

addFilter in interface FilterContainer

Parameters:

name - Filter name

classname - Filter class name

parameters - a map from parameter names to initial values

addGlobalFilter

public void addGlobalFilter(String name,
                            String classname,
                            Map<String,String> parameters)

Description copied from interface: FilterContainer

Add a global filter to the container - This global filter will be applied to all available web contexts.

Specified by:

addGlobalFilter in interface FilterContainer

Parameters:

name - filter name

classname - filter class name

parameters - a map from parameter names to initial values

defineFilter

public static void defineFilter(org.eclipse.jetty.servlet.ServletContextHandler handler,
                                String name,
                                String classname,
                                Map<String,String> parameters,
                                String[] urls)

Define a filter for a context and set up default url mappings.

addFilterPathMapping

protected void addFilterPathMapping(String pathSpec,
                                    org.eclipse.jetty.webapp.WebAppContext webAppCtx)

Add the path spec to the filter path mapping.

Parameters:

pathSpec - The path spec

webAppCtx - The WebApplicationContext to add to

getAttribute

public Object getAttribute(String name)

Get the value in the webapp context.

Parameters:

name - The name of the attribute

Returns:

The value of the attribute

getWebAppContext

public org.eclipse.jetty.webapp.WebAppContext getWebAppContext()

getWebAppsPath

public String getWebAppsPath(String appName)
                      throws FileNotFoundException

Throws:

FileNotFoundException

getWebAppsPath

protected String getWebAppsPath(String webapps,
                                String appName)
                         throws FileNotFoundException

Get the pathname to the webapps files.

Parameters:

appName - eg "secondary" or "datanode"

Returns:

the pathname as a URL

Throws:

FileNotFoundException - if 'webapps' directory cannot be found on CLASSPATH.

getPort

@Deprecated
public int getPort()

Deprecated.

Get the port that the server is on

Returns:

the port

getConnectorAddress

public InetSocketAddress getConnectorAddress(int index)

Get the address that corresponds to a particular connector.

Returns:

the corresponding address for the connector, or null if there's no such connector or the connector is not bounded.

setThreads

public void setThreads(int min,
                       int max)

Set the min, max number of worker threads (simultaneous connections).

start

public void start()
           throws IOException

Start the server. Does not wait for the server to start.

Throws:

IOException

stop

public void stop()
          throws Exception

stop the server

Throws:

Exception

join

public void join()
          throws InterruptedException

Throws:

InterruptedException

isAlive

public boolean isAlive()

Test for the availability of the web server

Returns:

true if the web server is started, false otherwise

toString

public String toString()

Return the host and port of the HttpServer, if live

Overrides:

toString in class Object

Returns:

the classname and any HTTP URL

isInstrumentationAccessAllowed

public static boolean isInstrumentationAccessAllowed(javax.servlet.ServletContext servletContext,
                                                     javax.servlet.http.HttpServletRequest request,
                                                     javax.servlet.http.HttpServletResponse response)
                                              throws IOException

Checks the user has privileges to access to instrumentation servlets.

If hadoop.security.instrumentation.requires.admin is set to FALSE (default value) it always returns TRUE.

If hadoop.security.instrumentation.requires.admin is set to TRUE it will check that if the current user is in the admin ACLS. If the user is in the admin ACLs it returns TRUE, otherwise it returns FALSE.

Parameters:

servletContext - the servlet context.

request - the servlet request.

response - the servlet response.

Returns:

TRUE/FALSE based on the logic decribed above.

Throws:

IOException

hasAdministratorAccess

public static boolean hasAdministratorAccess(javax.servlet.ServletContext servletContext,
                                             javax.servlet.http.HttpServletRequest request,
                                             javax.servlet.http.HttpServletResponse response)
                                      throws IOException

Does the user sending the HttpServletRequest has the administrator ACLs? If it isn't the case, response will be modified to send an error to the user.

Parameters:

servletContext -

request -

response - used to send the error response if user does not have admin access.

Returns:

true if admin-authorized, false otherwise

Throws:

IOException

hasAdministratorAccess

public static boolean hasAdministratorAccess(org.apache.hadoop.conf.Configuration conf,
                                             org.apache.hadoop.security.authorize.AccessControlList acl,
                                             javax.servlet.http.HttpServletRequest request,
                                             javax.servlet.http.HttpServletResponse response)
                                      throws IOException

Throws:

IOException

userHasAdministratorAccess

public static boolean userHasAdministratorAccess(javax.servlet.ServletContext servletContext,
                                                 String remoteUser)

Get the admin ACLs from the given ServletContext and check if the given user is in the ACL.

Parameters:

servletContext - the context containing the admin ACL.

remoteUser - the remote user to check for.

Returns:

true if the user is present in the ACL, false if no ACL is set or the user is not present

userHasAdministratorAccess

public static boolean userHasAdministratorAccess(org.apache.hadoop.security.authorize.AccessControlList acl,
                                                 String remoteUser)