HADOOP-19212 [JDK23] org.apache.hadoop.security.UserGroupInformation …

dev-support/bin/hadoop.sh

@@ -582,6 +582,7 @@ function shadedclient_rebuild
 
   extra=(
     "-Dtest=NoUnitTests"
+    "-Dsurefire.failIfNoSpecifiedTests=false"
     "-Dmaven.javadoc.skip=true"
     "-Dcheckstyle.skip=true"
     "-Dspotbugs.skip=true"
@@ -619,7 +620,7 @@ function shadedclient_rebuild
   echo_and_redirect "${logfile}" \
     "${MAVEN}" "${MAVEN_ARGS[@]}" verify -fae --batch-mode -am \
       "${modules[@]}" \
-      -DskipShade -Dtest=NoUnitTests -Dmaven.javadoc.skip=true -Dcheckstyle.skip=true \
+      -DskipShade -Dtest=NoUnitTests -Dsurefire.failIfNoSpecifiedTests=false -Dmaven.javadoc.skip=true -Dcheckstyle.skip=true \
       -Dspotbugs.skip=true ${extra[*]}
 
   count=$("${GREP}" -c '\[ERROR\]' "${logfile}")

hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java

@@ -19,6 +19,7 @@
 import org.apache.hadoop.security.authentication.server.HttpConstants;
 import org.apache.hadoop.security.authentication.util.AuthToken;
 import org.apache.hadoop.security.authentication.util.KerberosUtil;
+import org.apache.hadoop.util.SubjectUtil;
 import org.ietf.jgss.GSSContext;
 import org.ietf.jgss.GSSManager;
 import org.ietf.jgss.GSSName;
@@ -35,12 +36,10 @@
 import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.net.URL;
-import java.security.AccessControlContext;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.Callable;
+import java.util.concurrent.CompletionException;
 
 import static org.apache.hadoop.util.PlatformName.IBM_JAVA;
 
@@ -300,8 +299,7 @@ private boolean isNegotiate(HttpURLConnection conn) throws IOException {
   private void doSpnegoSequence(final AuthenticatedURL.Token token)
       throws IOException, AuthenticationException {
     try {
-      AccessControlContext context = AccessController.getContext();
-      Subject subject = Subject.getSubject(context);
+      Subject subject = SubjectUtil.current();
       if (subject == null
           || (!KerberosUtil.hasKerberosKeyTab(subject)
               && !KerberosUtil.hasKerberosTicket(subject))) {
@@ -315,10 +313,10 @@ private void doSpnegoSequence(final AuthenticatedURL.Token token)
       if (LOG.isDebugEnabled()) {
         LOG.debug("Using subject: " + subject);
       }
-      Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
+      SubjectUtil.callAs(subject, new Callable<Void>() {
 
         @Override
-        public Void run() throws Exception {
+        public Void call() throws Exception {
           GSSContext gssContext = null;
           try {
             GSSManager gssManager = GSSManager.getInstance();
@@ -361,11 +359,11 @@ public Void run() throws Exception {
           return null;
         }
       });
-    } catch (PrivilegedActionException ex) {
-      if (ex.getException() instanceof IOException) {
-        throw (IOException) ex.getException();
+    } catch (CompletionException ex) {
+      if (ex.getCause() instanceof IOException) {
+        throw (IOException) ex.getCause();
       } else {
-        throw new AuthenticationException(ex.getException());
+        throw new AuthenticationException(ex.getCause());
       }
     } catch (LoginException ex) {
       throw new AuthenticationException(ex);

hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java

@@ -19,6 +19,7 @@
 import org.apache.commons.codec.binary.Base64;
 import org.apache.hadoop.security.authentication.util.KerberosName;
 import org.apache.hadoop.security.authentication.util.KerberosUtil;
+import org.apache.hadoop.util.SubjectUtil;
 import org.ietf.jgss.GSSException;
 import org.ietf.jgss.GSSContext;
 import org.ietf.jgss.GSSCredential;
@@ -43,6 +44,8 @@
 import java.util.HashSet;
 import java.util.Properties;
 import java.util.Set;
+import java.util.concurrent.Callable;
+import java.util.concurrent.CompletionException;
 import java.util.regex.Pattern;
 
 /**
@@ -201,15 +204,20 @@ public void init(Properties config) throws ServletException {
       }
 
       try {
-        gssManager = Subject.doAs(serverSubject,
-            new PrivilegedExceptionAction<GSSManager>() {
+        gssManager = SubjectUtil.callAs(serverSubject,
+            new Callable<GSSManager>() {
               @Override
-              public GSSManager run() throws Exception {
+              public GSSManager call() throws Exception {
                 return GSSManager.getInstance();
               }
             });
-      } catch (PrivilegedActionException ex) {
-        throw ex.getException();
+      } catch (CompletionException ex) {
+        Throwable cause = ex.getCause();
+        if (cause instanceof Exception) {
+          throw (Exception)cause;
+        } else {
+          throw new RuntimeException(ex.getCause());
+        }
       }
     } catch (Exception ex) {
       throw new ServletException(ex);
@@ -334,19 +342,19 @@ public AuthenticationToken authenticate(HttpServletRequest request,
               "Invalid server principal " + serverPrincipal +
               "decoded from client request");
         }
-        token = Subject.doAs(serverSubject,
-            new PrivilegedExceptionAction<AuthenticationToken>() {
+        token = SubjectUtil.callAs(serverSubject,
+            new Callable<AuthenticationToken>() {
               @Override
-              public AuthenticationToken run() throws Exception {
+              public AuthenticationToken call() throws Exception {
                 return runWithPrincipal(serverPrincipal, clientToken,
                       base64, response);
               }
             });
-      } catch (PrivilegedActionException ex) {
-        if (ex.getException() instanceof IOException) {
-          throw (IOException) ex.getException();
+      } catch (CompletionException ex) {
+        if (ex.getCause() instanceof IOException) {
+          throw (IOException) ex.getCause();
         } else {
-          throw new AuthenticationException(ex.getException());
+          throw new AuthenticationException(ex.getCause());
         }
       } catch (Exception ex) {
         throw new AuthenticationException(ex);

hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/util/SubjectUtil.java

@@ -0,0 +1,250 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.util;
+
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodType;
+import java.lang.reflect.UndeclaredThrowableException;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import java.util.concurrent.Callable;
+import java.util.concurrent.CompletionException;
+
+import javax.security.auth.Subject;
+
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private()
+public class SubjectUtil {
+	private static final MethodHandle CALL_AS = lookupCallAs();
+	private static final MethodHandle CURRENT = lookupCurrent();
+	private static boolean HAS_CALL_AS = true;
+
+	private SubjectUtil() {
+	}
+
+	private static MethodHandle lookupCallAs() {
+		MethodHandles.Lookup lookup = MethodHandles.lookup();
+		try {
+			try {
+				// Subject.doAs() is deprecated for removal and replaced by Subject.callAs().
+				// Lookup first the new API, since for Java versions where both exist, the
+				// new API delegates to the old API (for example Java 18, 19 and 20).
+				// Otherwise (Java 17), lookup the old API.
+				return lookup.findStatic(Subject.class, "callAs",
+						MethodType.methodType(Object.class, Subject.class, Callable.class));
+			} catch (NoSuchMethodException x) {
+			  HAS_CALL_AS = false;
+				try {
+					// Lookup the old API.
+					MethodType oldSignature = MethodType.methodType(Object.class, Subject.class,
+							PrivilegedExceptionAction.class);
+					MethodHandle doAs = lookup.findStatic(Subject.class, "doAs", oldSignature);
+					// Convert the Callable used in the new API to the PrivilegedAction used in the
+					// old
+					// API.
+					MethodType convertSignature = MethodType.methodType(PrivilegedExceptionAction.class,
+							Callable.class);
+					MethodHandle converter = lookup.findStatic(SubjectUtil.class, "callableToPrivilegedExceptionAction",
+							convertSignature);
+					return MethodHandles.filterArguments(doAs, 1, converter);
+				} catch (NoSuchMethodException e) {
+					throw new AssertionError(e);
+				}
+			}
+		} catch (IllegalAccessException e) {
+			throw new AssertionError(e);
+		}
+	}
+
+	private static MethodHandle lookupCurrent() {
+		MethodHandles.Lookup lookup = MethodHandles.lookup();
+		try {
+			// Subject.getSubject(AccessControlContext) is deprecated for removal and
+			// replaced by
+			// Subject.current().
+			// Lookup first the new API, since for Java versions where both exists, the
+			// new API delegates to the old API (for example Java 18, 19 and 20).
+			// Otherwise (Java 17), lookup the old API.
+			return lookup.findStatic(Subject.class, "current", MethodType.methodType(Subject.class));
+		} catch (NoSuchMethodException e) {
+			MethodHandle getContext = lookupGetContext();
+			MethodHandle getSubject = lookupGetSubject();
+			return MethodHandles.filterReturnValue(getContext, getSubject);
+		} catch (IllegalAccessException e) {
+			throw new AssertionError(e);
+		}
+	}
+
+	private static MethodHandle lookupGetSubject() {
+		MethodHandles.Lookup lookup = MethodHandles.lookup();
+		try {
+			Class<?> contextklass = ClassLoader.getSystemClassLoader().loadClass("java.security.AccessControlContext");
+			return lookup.findStatic(Subject.class, "getSubject", MethodType.methodType(Subject.class, contextklass));
+		} catch (ClassNotFoundException | NoSuchMethodException | IllegalAccessException e) {
+			throw new AssertionError(e);
+		}
+	}
+
+	private static MethodHandle lookupGetContext() {
+		try {
+			// Use reflection to work with Java versions that have and don't have
+			// AccessController.
+			Class<?> controllerKlass = ClassLoader.getSystemClassLoader().loadClass("java.security.AccessController");
+			Class<?> contextklass = ClassLoader.getSystemClassLoader().loadClass("java.security.AccessControlContext");
+
+			MethodHandles.Lookup lookup = MethodHandles.lookup();
+			return lookup.findStatic(controllerKlass, "getContext", MethodType.methodType(contextklass));
+		} catch (ClassNotFoundException | NoSuchMethodException | IllegalAccessException e) {
+			throw new AssertionError(e);
+		}
+	}
+
+	/**
+	 * Maps to Subject.callAs() if available, otherwise maps to Subject.doAs().
+	 * It also wraps the Callable so that the Subject is propagated to the new thread
+	 * in all Java versions.
+	 * 
+	 * @param subject the subject this action runs as
+	 * @param action  the action to run
+	 * @return the result of the action
+	 * @param <T> the type of the result
+	 * @throws CompletionException
+	 */
+	public static <T> T callAs(Subject subject, Callable<T> action) throws CompletionException {
+		try {
+			return (T) CALL_AS.invoke(subject, action);
+		} catch (PrivilegedActionException e) {
+			throw new CompletionException(e.getCause());
+		} catch (Throwable t) {
+			throw sneakyThrow(t);
+		}
+	}
+
+	/**
+	 * Maps action to a Callable, and delegates to callAs(). On older JVMs, the
+	 * action may be double wrapped (into Callable, and then back into
+	 * PrivilegedAction).
+	 * 
+	 * @param subject the subject this action runs as
+	 * @param action action  the action to run
+	 * @return the result of the action
+	 */
+	public static <T> T doAs(Subject subject, PrivilegedAction<T> action) {
+		return callAs(subject, privilegedActionToCallable(action));
+	}
+
+	 /**
+   * Maps action to a Callable, and delegates to callAs(). On older JVMs, the
+   * action may be double wrapped (into Callable, and then back into
+   * PrivilegedAction).
+   * 
+   * @param subject the subject this action runs as
+   * @param action action  the action to run
+   * @return the result of the action
+   */
+	public static <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action) throws PrivilegedActionException {
+		try {
+			return callAs(subject, privilegedExceptionActionToCallable(action));
+		} catch (CompletionException ce) {
+			try {
+				Exception cause = (Exception) (ce.getCause());
+				throw new PrivilegedActionException(cause);
+			} catch (ClassCastException castException) {
+				// This should never happen, as PrivilegedExceptionAction should not wrap
+				// non-checked exceptions
+				throw new PrivilegedActionException(new UndeclaredThrowableException(ce.getCause()));
+			}
+		}
+	}
+
+	/**
+	 * Maps to Subject.currect() is available, otherwise maps to
+	 * Subject.getSubject()
+	 * 
+	 * @return the current subject
+	 */
+	public static Subject current() {
+		try {
+			return (Subject) CURRENT.invoke();
+		} catch (Throwable t) {
+			throw sneakyThrow(t);
+		}
+	}
+
+  /**
+   * Wraps Runnable in callAs() to preserve pre-JEP486 behaviour
+   * 
+   * Note that this snapshots the subject at the time wrap() is called.
+   * If the subject is changed between calling this and starting the thread,
+   * that is going to be ignored.
+   * 
+   * @param r Runnable
+   * @return r wrapped in callAs()
+   */
+  public static Runnable wrap(Runnable r) {
+    if (!HAS_CALL_AS) {
+      return r;
+    }
+    Subject s = current();
+    return () -> callAs(s, () -> {
+      r.run();
+      return null;
+    });
+  }
+
+  /**
+   * Wraps Callable in callAs() to preserve pre-JEP486 behaviour
+   * 
+   * Note that this snapshots the subject at the time wrap() is called.
+   * If the subject is changed between calling this and starting the thread,
+   * that is going to be ignored.
+   * 
+   * @param <T> the return type of the Callable
+   * @param c Callable
+   * @return c wrapped in callAs()
+   */
+  public static <T> Callable<T> wrap(Callable<T> c) {
+    if (!HAS_CALL_AS) {
+      return c;
+    }
+    Subject s = current();
+    return () -> callAs(s, () -> c.call());
+  }
+
+	@SuppressWarnings("unused")
+	private static <T> PrivilegedExceptionAction<T> callableToPrivilegedExceptionAction(Callable<T> callable) {
+		return callable::call;
+	}
+
+	private static <T> Callable<T> privilegedExceptionActionToCallable(PrivilegedExceptionAction<T> action) {
+		return action::run;
+	}
+
+	private static <T> Callable<T> privilegedActionToCallable(PrivilegedAction<T> action) {
+		return action::run;
+	}
+
+	@SuppressWarnings("unchecked")
+	private static <E extends Throwable> RuntimeException sneakyThrow(Throwable e) throws E {
+		throw (E) e;
+	}
+}