azkaban-aplcache
Changes
build.gradle 2(+1 -1)
Details
build.gradle 2(+1 -1)
diff --git a/build.gradle b/build.gradle
index fe5400e..989c460 100644
--- a/build.gradle
+++ b/build.gradle
@@ -48,7 +48,7 @@ configurations {
}
}
-pegasusVersion = '1.13.4'
+pegasusVersion = '1.15.7'
dependencies {
compile (
diff --git a/src/restli/java/azkaban/restli/ProjectManagerResource.java b/src/restli/java/azkaban/restli/ProjectManagerResource.java
index 6a93395..c70696a 100644
--- a/src/restli/java/azkaban/restli/ProjectManagerResource.java
+++ b/src/restli/java/azkaban/restli/ProjectManagerResource.java
@@ -48,7 +48,8 @@ public class ProjectManagerResource extends ResourceContextHolder {
", projectName: " + projectName +
", packageUrl:" + packageUrl + "}");
- User user = ResourceUtils.getUserFromSessionId(sessionId);
+ String ip = (String)this.getContext().getRawRequestContext().getLocalAttr("REMOTE_ADDR");
+ User user = ResourceUtils.getUserFromSessionId(sessionId, ip);
ProjectManager projectManager = getAzkaban().getProjectManager();
Project project = projectManager.getProject(projectName);
if (project == null) {
diff --git a/src/restli/java/azkaban/restli/ResourceUtils.java b/src/restli/java/azkaban/restli/ResourceUtils.java
index 609f5cb..4d482d1 100644
--- a/src/restli/java/azkaban/restli/ResourceUtils.java
+++ b/src/restli/java/azkaban/restli/ResourceUtils.java
@@ -28,11 +28,14 @@ public class ResourceUtils {
return false;
}
- public static User getUserFromSessionId(String sessionId) throws UserManagerException {
+ public static User getUserFromSessionId(String sessionId, String ip) throws UserManagerException {
Session session = AzkabanWebServer.getInstance().getSessionCache().getSession(sessionId);
if (session == null) {
throw new UserManagerException("Invalid session. Login required");
}
+ else if (!session.getIp().equals(ip)) {
+ throw new UserManagerException("Invalid session. Session expired.");
+ }
return session.getUser();
}
diff --git a/src/restli/java/azkaban/restli/UserManagerResource.java b/src/restli/java/azkaban/restli/UserManagerResource.java
index e80967d..4903b35 100644
--- a/src/restli/java/azkaban/restli/UserManagerResource.java
+++ b/src/restli/java/azkaban/restli/UserManagerResource.java
@@ -1,27 +1,12 @@
package azkaban.restli;
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.security.KeyFactory;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.spec.X509EncodedKeySpec;
import java.util.UUID;
-
-import javax.crypto.Cipher;
import javax.servlet.ServletException;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
import azkaban.restli.user.User;
import azkaban.user.UserManager;
import azkaban.user.UserManagerException;
-import azkaban.utils.cache.Cache;
-import azkaban.utils.cache.CacheManager;
import azkaban.webapp.AzkabanWebServer;
import azkaban.webapp.session.Session;
@@ -44,7 +29,10 @@ public class UserManagerResource extends ResourceContextHolder {
@ActionParam("username") String username,
@ActionParam("password") String password)
throws UserManagerException, ServletException {
- String ip = this.getContext().getRequestHeaders().get("client_ip");
+ String ip = (String)this.getContext().getRawRequestContext().getLocalAttr("REMOTE_ADDR");
+ for(String key : this.getContext().getRawRequestContext().getLocalAttrs().keySet()) {
+ System.out.println("Key: " + key + ", Value: " + this.getContext().getRawRequestContext().getLocalAttr(key));
+ }
logger.info("Attempting to login for " + username + " from ip '" + ip + "'");
Session session = createSession(username, password, ip);
@@ -92,25 +80,4 @@ public class UserManagerResource extends ResourceContextHolder {
return session;
}
-
- /**
- *
- */
- private static class LoginChallenge {
- private final String user;
- private final String challenge;
-
- public LoginChallenge(String user, String challenge) {
- this.user = user;
- this.challenge = challenge;
- }
-
- public String getUser() {
- return user;
- }
-
- public String getChallenge() {
- return challenge;
- }
- }
}
\ No newline at end of file