001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.http;
019
020import java.io.FileNotFoundException;
021import java.io.IOException;
022import java.io.InterruptedIOException;
023import java.io.PrintStream;
024import java.net.BindException;
025import java.net.InetSocketAddress;
026import java.net.URI;
027import java.net.URISyntaxException;
028import java.net.URL;
029import java.nio.file.Files;
030import java.nio.file.Path;
031import java.nio.file.Paths;
032import java.util.ArrayList;
033import java.util.Collections;
034import java.util.Enumeration;
035import java.util.HashMap;
036import java.util.List;
037import java.util.Map;
038import java.util.stream.Collectors;
039import javax.servlet.Filter;
040import javax.servlet.FilterChain;
041import javax.servlet.FilterConfig;
042import javax.servlet.Servlet;
043import javax.servlet.ServletContext;
044import javax.servlet.ServletException;
045import javax.servlet.ServletRequest;
046import javax.servlet.ServletResponse;
047import javax.servlet.http.HttpServlet;
048import javax.servlet.http.HttpServletRequest;
049import javax.servlet.http.HttpServletRequestWrapper;
050import javax.servlet.http.HttpServletResponse;
051import org.apache.hadoop.HadoopIllegalArgumentException;
052import org.apache.hadoop.conf.Configuration;
053import org.apache.hadoop.fs.CommonConfigurationKeys;
054import org.apache.hadoop.hbase.HBaseInterfaceAudience;
055import org.apache.hadoop.hbase.http.conf.ConfServlet;
056import org.apache.hadoop.hbase.http.log.LogLevel;
057import org.apache.hadoop.hbase.util.ReflectionUtils;
058import org.apache.hadoop.hbase.util.Threads;
059import org.apache.hadoop.security.AuthenticationFilterInitializer;
060import org.apache.hadoop.security.SecurityUtil;
061import org.apache.hadoop.security.UserGroupInformation;
062import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
063import org.apache.hadoop.security.authorize.AccessControlList;
064import org.apache.hadoop.security.authorize.ProxyUsers;
065import org.apache.hadoop.util.Shell;
066import org.apache.hadoop.util.StringUtils;
067import org.apache.yetus.audience.InterfaceAudience;
068import org.apache.yetus.audience.InterfaceStability;
069import org.slf4j.Logger;
070import org.slf4j.LoggerFactory;
071
072import org.apache.hbase.thirdparty.com.google.common.base.Preconditions;
073import org.apache.hbase.thirdparty.com.google.common.collect.ImmutableMap;
074import org.apache.hbase.thirdparty.com.google.common.collect.Lists;
075import org.apache.hbase.thirdparty.org.eclipse.jetty.http.HttpVersion;
076import org.apache.hbase.thirdparty.org.eclipse.jetty.server.Handler;
077import org.apache.hbase.thirdparty.org.eclipse.jetty.server.HttpConfiguration;
078import org.apache.hbase.thirdparty.org.eclipse.jetty.server.HttpConnectionFactory;
079import org.apache.hbase.thirdparty.org.eclipse.jetty.server.RequestLog;
080import org.apache.hbase.thirdparty.org.eclipse.jetty.server.SecureRequestCustomizer;
081import org.apache.hbase.thirdparty.org.eclipse.jetty.server.Server;
082import org.apache.hbase.thirdparty.org.eclipse.jetty.server.ServerConnector;
083import org.apache.hbase.thirdparty.org.eclipse.jetty.server.SslConnectionFactory;
084import org.apache.hbase.thirdparty.org.eclipse.jetty.server.SymlinkAllowedResourceAliasChecker;
085import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.ContextHandlerCollection;
086import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.ErrorHandler;
087import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.HandlerCollection;
088import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.RequestLogHandler;
089import org.apache.hbase.thirdparty.org.eclipse.jetty.server.handler.gzip.GzipHandler;
090import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.DefaultServlet;
091import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.FilterHolder;
092import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.FilterMapping;
093import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.ServletContextHandler;
094import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.ServletHolder;
095import org.apache.hbase.thirdparty.org.eclipse.jetty.util.MultiException;
096import org.apache.hbase.thirdparty.org.eclipse.jetty.util.ssl.SslContextFactory;
097import org.apache.hbase.thirdparty.org.eclipse.jetty.util.thread.QueuedThreadPool;
098import org.apache.hbase.thirdparty.org.eclipse.jetty.webapp.WebAppContext;
099import org.apache.hbase.thirdparty.org.glassfish.jersey.server.ResourceConfig;
100import org.apache.hbase.thirdparty.org.glassfish.jersey.servlet.ServletContainer;
101
102/**
103 * Create a Jetty embedded server to answer http requests. The primary goal is to serve up status
104 * information for the server. There are three contexts: "/logs/" -> points to the log directory
105 * "/static/" -> points to common static files (src/webapps/static) "/" -> the jsp server code
106 * from (src/webapps/<name>)
107 */
108@InterfaceAudience.Private
109@InterfaceStability.Evolving
110public class HttpServer implements FilterContainer {
111  private static final Logger LOG = LoggerFactory.getLogger(HttpServer.class);
112  private static final String EMPTY_STRING = "";
113
114  // Jetty's max header size is Character.MAX_VALUE - 1, See ArrayTernaryTrie for more details
115  // And in newer jetty version, they add a check when creating a server so we must follow this
116  // limitation otherwise the UTs will fail
117  private static final int DEFAULT_MAX_HEADER_SIZE = Character.MAX_VALUE - 1;
118
119  // Add configuration for jetty idle timeout
120  private static final String HTTP_JETTY_IDLE_TIMEOUT = "hbase.ui.connection.idleTimeout";
121  // Default jetty idle timeout
122  private static final long DEFAULT_HTTP_JETTY_IDLE_TIMEOUT = 30000;
123
124  static final String FILTER_INITIALIZERS_PROPERTY = "hbase.http.filter.initializers";
125  static final String HTTP_MAX_THREADS = "hbase.http.max.threads";
126
127  public static final String HTTP_UI_AUTHENTICATION = "hbase.security.authentication.ui";
128  static final String HTTP_AUTHENTICATION_PREFIX = "hbase.security.authentication.";
129  static final String HTTP_SPNEGO_AUTHENTICATION_PREFIX = HTTP_AUTHENTICATION_PREFIX + "spnego.";
130  static final String HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX = "kerberos.principal";
131  public static final String HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_KEY =
132    HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX;
133  static final String HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX = "kerberos.keytab";
134  public static final String HTTP_SPNEGO_AUTHENTICATION_KEYTAB_KEY =
135    HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX;
136  static final String HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_SUFFIX = "kerberos.name.rules";
137  public static final String HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_KEY =
138    HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_SUFFIX;
139  static final String HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_SUFFIX =
140    "kerberos.proxyuser.enable";
141  public static final String HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_KEY =
142    HTTP_SPNEGO_AUTHENTICATION_PREFIX + HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_SUFFIX;
143  public static final boolean HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_DEFAULT = false;
144  static final String HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX = "signature.secret.file";
145  public static final String HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_KEY =
146    HTTP_AUTHENTICATION_PREFIX + HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX;
147  public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_USERS_KEY =
148    HTTP_SPNEGO_AUTHENTICATION_PREFIX + "admin.users";
149  public static final String HTTP_SPNEGO_AUTHENTICATION_ADMIN_GROUPS_KEY =
150    HTTP_SPNEGO_AUTHENTICATION_PREFIX + "admin.groups";
151
152  static final String HTTP_LDAP_AUTHENTICATION_PREFIX = HTTP_AUTHENTICATION_PREFIX + "ldap.";
153  public static final String HTTP_LDAP_AUTHENTICATION_ADMIN_USERS_KEY =
154    HTTP_LDAP_AUTHENTICATION_PREFIX + "admin.users";
155
156  public static final String HTTP_PRIVILEGED_CONF_KEY =
157    "hbase.security.authentication.ui.config.protected";
158  public static final String HTTP_UI_NO_CACHE_ENABLE_KEY = "hbase.http.filter.no-store.enable";
159  public static final boolean HTTP_PRIVILEGED_CONF_DEFAULT = false;
160
161  // The ServletContext attribute where the daemon Configuration
162  // gets stored.
163  public static final String CONF_CONTEXT_ATTRIBUTE = "hbase.conf";
164  public static final String ADMINS_ACL = "admins.acl";
165  public static final String BIND_ADDRESS = "bind.address";
166  public static final String SPNEGO_FILTER = "SpnegoFilter";
167  public static final String SPNEGO_PROXYUSER_FILTER = "SpnegoProxyUserFilter";
168  public static final String NO_CACHE_FILTER = "NoCacheFilter";
169  public static final String APP_DIR = "webapps";
170  public static final String HTTP_UI_SHOW_STACKTRACE_KEY = "hbase.ui.show-stack-traces";
171
172  public static final String METRIC_SERVLETS_CONF_KEY = "hbase.http.metrics.servlets";
173  public static final String[] METRICS_SERVLETS_DEFAULT = { "jmx", "metrics", "prometheus" };
174  private static final ImmutableMap<String,
175    ServletConfig> METRIC_SERVLETS = new ImmutableMap.Builder<String, ServletConfig>()
176      .put("jmx",
177        new ServletConfig("jmx", "/jmx", "org.apache.hadoop.hbase.http.jmx.JMXJsonServlet"))
178      .put("metrics",
179        // MetricsServlet is deprecated in hadoop 2.8 and removed in 3.0. We shouldn't expect it,
180        // so pass false so that we don't create a noisy warn during instantiation.
181        new ServletConfig("metrics", "/metrics", "org.apache.hadoop.metrics.MetricsServlet", false))
182      .put("prometheus", new ServletConfig("prometheus", "/prometheus",
183        "org.apache.hadoop.hbase.http.prometheus.PrometheusHadoopServlet"))
184      .build();
185
186  private final AccessControlList adminsAcl;
187
188  protected final Server webServer;
189  protected String appDir;
190  protected String logDir;
191
192  private static final class ListenerInfo {
193    /**
194     * Boolean flag to determine whether the HTTP server should clean up the listener in stop().
195     */
196    private final boolean isManaged;
197    private final ServerConnector listener;
198
199    private ListenerInfo(boolean isManaged, ServerConnector listener) {
200      this.isManaged = isManaged;
201      this.listener = listener;
202    }
203  }
204
205  private final List<ListenerInfo> listeners = Lists.newArrayList();
206
207  public List<ServerConnector> getServerConnectors() {
208    return listeners.stream().map(info -> info.listener).collect(Collectors.toList());
209  }
210
211  protected final WebAppContext webAppContext;
212  protected final boolean findPort;
213  protected final Map<ServletContextHandler, Boolean> defaultContexts = new HashMap<>();
214  protected final List<String> filterNames = new ArrayList<>();
215  protected final boolean authenticationEnabled;
216  static final String STATE_DESCRIPTION_ALIVE = " - alive";
217  static final String STATE_DESCRIPTION_NOT_LIVE = " - not live";
218
219  /**
220   * Class to construct instances of HTTP server with specific options.
221   */
222  public static class Builder {
223    private ArrayList<URI> endpoints = Lists.newArrayList();
224    private Configuration conf;
225    private String[] pathSpecs;
226    private AccessControlList adminsAcl;
227    private boolean securityEnabled = false;
228    private String usernameConfKey;
229    private String keytabConfKey;
230    private boolean needsClientAuth;
231    private String excludeCiphers;
232
233    private String hostName;
234    private String appDir = APP_DIR;
235    private String logDir;
236    private boolean findPort;
237
238    private String trustStore;
239    private String trustStorePassword;
240    private String trustStoreType;
241
242    private String keyStore;
243    private String keyStorePassword;
244    private String keyStoreType;
245
246    // The -keypass option in keytool
247    private String keyPassword;
248
249    private String kerberosNameRulesKey;
250    private String signatureSecretFileKey;
251
252    /**
253     * @see #setAppDir(String)
254     * @deprecated Since 0.99.0. Use builder pattern via {@link #setAppDir(String)} instead.
255     */
256    @Deprecated
257    private String name;
258    /**
259     * @see #addEndpoint(URI)
260     * @deprecated Since 0.99.0. Use builder pattern via {@link #addEndpoint(URI)} instead.
261     */
262    @Deprecated
263    private String bindAddress;
264    /**
265     * @see #addEndpoint(URI)
266     * @deprecated Since 0.99.0. Use builder pattern via {@link #addEndpoint(URI)} instead.
267     */
268    @Deprecated
269    private int port = -1;
270
271    /**
272     * Add an endpoint that the HTTP server should listen to. the endpoint of that the HTTP server
273     * should listen to. The scheme specifies the protocol (i.e. HTTP / HTTPS), the host specifies
274     * the binding address, and the port specifies the listening port. Unspecified or zero port
275     * means that the server can listen to any port.
276     */
277    public Builder addEndpoint(URI endpoint) {
278      endpoints.add(endpoint);
279      return this;
280    }
281
282    /**
283     * Set the hostname of the http server. The host name is used to resolve the _HOST field in
284     * Kerberos principals. The hostname of the first listener will be used if the name is
285     * unspecified.
286     */
287    public Builder hostName(String hostName) {
288      this.hostName = hostName;
289      return this;
290    }
291
292    public Builder trustStore(String location, String password, String type) {
293      this.trustStore = location;
294      this.trustStorePassword = password;
295      this.trustStoreType = type;
296      return this;
297    }
298
299    public Builder keyStore(String location, String password, String type) {
300      this.keyStore = location;
301      this.keyStorePassword = password;
302      this.keyStoreType = type;
303      return this;
304    }
305
306    public Builder keyPassword(String password) {
307      this.keyPassword = password;
308      return this;
309    }
310
311    /**
312     * Specify whether the server should authorize the client in SSL connections.
313     */
314    public Builder needsClientAuth(boolean value) {
315      this.needsClientAuth = value;
316      return this;
317    }
318
319    /**
320     * @see #setAppDir(String)
321     * @deprecated Since 0.99.0. Use {@link #setAppDir(String)} instead.
322     */
323    @Deprecated
324    public Builder setName(String name) {
325      this.name = name;
326      return this;
327    }
328
329    /**
330     * @see #addEndpoint(URI)
331     * @deprecated Since 0.99.0. Use {@link #addEndpoint(URI)} instead.
332     */
333    @Deprecated
334    public Builder setBindAddress(String bindAddress) {
335      this.bindAddress = bindAddress;
336      return this;
337    }
338
339    /**
340     * @see #addEndpoint(URI)
341     * @deprecated Since 0.99.0. Use {@link #addEndpoint(URI)} instead.
342     */
343    @Deprecated
344    public Builder setPort(int port) {
345      this.port = port;
346      return this;
347    }
348
349    public Builder setFindPort(boolean findPort) {
350      this.findPort = findPort;
351      return this;
352    }
353
354    public Builder setConf(Configuration conf) {
355      this.conf = conf;
356      return this;
357    }
358
359    public Builder setPathSpec(String[] pathSpec) {
360      this.pathSpecs = pathSpec;
361      return this;
362    }
363
364    public Builder setACL(AccessControlList acl) {
365      this.adminsAcl = acl;
366      return this;
367    }
368
369    public Builder setSecurityEnabled(boolean securityEnabled) {
370      this.securityEnabled = securityEnabled;
371      return this;
372    }
373
374    public Builder setUsernameConfKey(String usernameConfKey) {
375      this.usernameConfKey = usernameConfKey;
376      return this;
377    }
378
379    public Builder setKeytabConfKey(String keytabConfKey) {
380      this.keytabConfKey = keytabConfKey;
381      return this;
382    }
383
384    public Builder setKerberosNameRulesKey(String kerberosNameRulesKey) {
385      this.kerberosNameRulesKey = kerberosNameRulesKey;
386      return this;
387    }
388
389    public Builder setSignatureSecretFileKey(String signatureSecretFileKey) {
390      this.signatureSecretFileKey = signatureSecretFileKey;
391      return this;
392    }
393
394    public Builder setAppDir(String appDir) {
395      this.appDir = appDir;
396      return this;
397    }
398
399    public Builder setLogDir(String logDir) {
400      this.logDir = logDir;
401      return this;
402    }
403
404    public void excludeCiphers(String excludeCiphers) {
405      this.excludeCiphers = excludeCiphers;
406    }
407
408    public HttpServer build() throws IOException {
409
410      // Do we still need to assert this non null name if it is deprecated?
411      if (this.name == null) {
412        throw new HadoopIllegalArgumentException("name is not set");
413      }
414
415      // Make the behavior compatible with deprecated interfaces
416      if (bindAddress != null && port != -1) {
417        try {
418          endpoints.add(0, new URI("http", "", bindAddress, port, "", "", ""));
419        } catch (URISyntaxException e) {
420          throw new HadoopIllegalArgumentException("Invalid endpoint: " + e);
421        }
422      }
423
424      if (endpoints.isEmpty()) {
425        throw new HadoopIllegalArgumentException("No endpoints specified");
426      }
427
428      if (hostName == null) {
429        hostName = endpoints.get(0).getHost();
430      }
431
432      if (this.conf == null) {
433        conf = new Configuration();
434      }
435
436      HttpServer server = new HttpServer(this);
437
438      for (URI ep : endpoints) {
439        ServerConnector listener = null;
440        String scheme = ep.getScheme();
441        HttpConfiguration httpConfig = new HttpConfiguration();
442        httpConfig.setSecureScheme("https");
443        httpConfig.setHeaderCacheSize(DEFAULT_MAX_HEADER_SIZE);
444        httpConfig.setResponseHeaderSize(DEFAULT_MAX_HEADER_SIZE);
445        httpConfig.setRequestHeaderSize(DEFAULT_MAX_HEADER_SIZE);
446        httpConfig.setSendServerVersion(false);
447
448        if ("http".equals(scheme)) {
449          listener = new ServerConnector(server.webServer, new HttpConnectionFactory(httpConfig));
450        } else if ("https".equals(scheme)) {
451          HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
452          httpsConfig.addCustomizer(new SecureRequestCustomizer());
453          SslContextFactory.Server sslCtxFactory = new SslContextFactory.Server();
454          sslCtxFactory.setNeedClientAuth(needsClientAuth);
455          sslCtxFactory.setKeyManagerPassword(keyPassword);
456
457          if (keyStore != null) {
458            sslCtxFactory.setKeyStorePath(keyStore);
459            sslCtxFactory.setKeyStoreType(keyStoreType);
460            sslCtxFactory.setKeyStorePassword(keyStorePassword);
461          }
462
463          if (trustStore != null) {
464            sslCtxFactory.setTrustStorePath(trustStore);
465            sslCtxFactory.setTrustStoreType(trustStoreType);
466            sslCtxFactory.setTrustStorePassword(trustStorePassword);
467          }
468
469          if (excludeCiphers != null && !excludeCiphers.trim().isEmpty()) {
470            sslCtxFactory.setExcludeCipherSuites(StringUtils.getTrimmedStrings(excludeCiphers));
471            LOG.debug("Excluded SSL Cipher List:" + excludeCiphers);
472          }
473
474          listener = new ServerConnector(server.webServer,
475            new SslConnectionFactory(sslCtxFactory, HttpVersion.HTTP_1_1.toString()),
476            new HttpConnectionFactory(httpsConfig));
477        } else {
478          throw new HadoopIllegalArgumentException("unknown scheme for endpoint:" + ep);
479        }
480
481        // default settings for connector
482        listener.setAcceptQueueSize(128);
483        // config idle timeout for jetty
484        listener
485          .setIdleTimeout(conf.getLong(HTTP_JETTY_IDLE_TIMEOUT, DEFAULT_HTTP_JETTY_IDLE_TIMEOUT));
486        if (Shell.WINDOWS) {
487          // result of setting the SO_REUSEADDR flag is different on Windows
488          // http://msdn.microsoft.com/en-us/library/ms740621(v=vs.85).aspx
489          // without this 2 NN's can start on the same machine and listen on
490          // the same port with indeterminate routing of incoming requests to them
491          listener.setReuseAddress(false);
492        }
493
494        listener.setHost(ep.getHost());
495        listener.setPort(ep.getPort() == -1 ? 0 : ep.getPort());
496        server.addManagedListener(listener);
497      }
498
499      server.loadListeners();
500      return server;
501
502    }
503
504  }
505
506  /**
507   * @see #HttpServer(String, String, int, boolean, Configuration)
508   * @deprecated Since 0.99.0
509   */
510  @Deprecated
511  public HttpServer(String name, String bindAddress, int port, boolean findPort)
512    throws IOException {
513    this(name, bindAddress, port, findPort, new Configuration());
514  }
515
516  /**
517   * Create a status server on the given port. Allows you to specify the path specifications that
518   * this server will be serving so that they will be added to the filters properly.
519   * @param name        The name of the server
520   * @param bindAddress The address for this server
521   * @param port        The port to use on the server
522   * @param findPort    whether the server should start at the given port and increment by 1 until
523   *                    it finds a free port.
524   * @param conf        Configuration
525   * @param pathSpecs   Path specifications that this httpserver will be serving. These will be
526   *                    added to any filters.
527   * @deprecated Since 0.99.0
528   */
529  @Deprecated
530  public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf,
531    String[] pathSpecs) throws IOException {
532    this(name, bindAddress, port, findPort, conf, null, pathSpecs);
533  }
534
535  /**
536   * Create a status server on the given port. The jsp scripts are taken from
537   * src/webapps/&lt;name&gt;.
538   * @param name     The name of the server
539   * @param port     The port to use on the server
540   * @param findPort whether the server should start at the given port and increment by 1 until it
541   *                 finds a free port.
542   * @param conf     Configuration
543   * @deprecated Since 0.99.0
544   */
545  @Deprecated
546  public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf)
547    throws IOException {
548    this(name, bindAddress, port, findPort, conf, null, null);
549  }
550
551  /**
552   * Creates a status server on the given port. The JSP scripts are taken from
553   * src/webapp&lt;name&gt;.
554   * @param name        the name of the server
555   * @param bindAddress the address for this server
556   * @param port        the port to use on the server
557   * @param findPort    whether the server should start at the given port and increment by 1 until
558   *                    it finds a free port
559   * @param conf        the configuration to use
560   * @param adminsAcl   {@link AccessControlList} of the admins
561   * @throws IOException when creating the server fails
562   * @deprecated Since 0.99.0
563   */
564  @Deprecated
565  public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf,
566    AccessControlList adminsAcl) throws IOException {
567    this(name, bindAddress, port, findPort, conf, adminsAcl, null);
568  }
569
570  /**
571   * Create a status server on the given port. The jsp scripts are taken from
572   * src/webapps/&lt;name&gt;.
573   * @param name        The name of the server
574   * @param bindAddress The address for this server
575   * @param port        The port to use on the server
576   * @param findPort    whether the server should start at the given port and increment by 1 until
577   *                    it finds a free port.
578   * @param conf        Configuration
579   * @param adminsAcl   {@link AccessControlList} of the admins
580   * @param pathSpecs   Path specifications that this httpserver will be serving. These will be
581   *                    added to any filters.
582   * @deprecated Since 0.99.0
583   */
584  @Deprecated
585  public HttpServer(String name, String bindAddress, int port, boolean findPort, Configuration conf,
586    AccessControlList adminsAcl, String[] pathSpecs) throws IOException {
587    this(new Builder().setName(name).addEndpoint(URI.create("http://" + bindAddress + ":" + port))
588      .setFindPort(findPort).setConf(conf).setACL(adminsAcl).setPathSpec(pathSpecs));
589  }
590
591  private HttpServer(final Builder b) throws IOException {
592    this.appDir = b.appDir;
593    this.logDir = b.logDir;
594    final String appDir = getWebAppsPath(b.name);
595
596    int maxThreads = b.conf.getInt(HTTP_MAX_THREADS, 16);
597    // If HTTP_MAX_THREADS is less than or equal to 0, QueueThreadPool() will use the
598    // default value (currently 200).
599    QueuedThreadPool threadPool =
600      maxThreads <= 0 ? new QueuedThreadPool() : new QueuedThreadPool(maxThreads);
601    threadPool.setDaemon(true);
602    this.webServer = new Server(threadPool);
603
604    this.adminsAcl = b.adminsAcl;
605    this.webAppContext = createWebAppContext(b.name, b.conf, adminsAcl, appDir);
606    this.findPort = b.findPort;
607    this.authenticationEnabled = b.securityEnabled;
608    initializeWebServer(b.name, b.hostName, b.conf, b.pathSpecs, b);
609    this.webServer.setHandler(buildGzipHandler(this.webServer.getHandler()));
610  }
611
612  private void initializeWebServer(String name, String hostName, Configuration conf,
613    String[] pathSpecs, HttpServer.Builder b) throws FileNotFoundException, IOException {
614
615    Preconditions.checkNotNull(webAppContext);
616
617    HandlerCollection handlerCollection = new HandlerCollection();
618
619    ContextHandlerCollection contexts = new ContextHandlerCollection();
620    RequestLog requestLog = HttpRequestLog.getRequestLog(name);
621
622    if (requestLog != null) {
623      RequestLogHandler requestLogHandler = new RequestLogHandler();
624      requestLogHandler.setRequestLog(requestLog);
625      handlerCollection.addHandler(requestLogHandler);
626    }
627
628    final String appDir = getWebAppsPath(name);
629
630    handlerCollection.addHandler(contexts);
631    handlerCollection.addHandler(webAppContext);
632
633    webServer.setHandler(handlerCollection);
634
635    webAppContext.setAttribute(ADMINS_ACL, adminsAcl);
636
637    // Default apps need to be set first, so that all filters are applied to them.
638    // Because they're added to defaultContexts, we need them there before we start
639    // adding filters
640    addDefaultApps(contexts, appDir, conf);
641
642    addGlobalFilter("safety", QuotingInputFilter.class.getName(), null);
643
644    addGlobalFilter("clickjackingprevention", ClickjackingPreventionFilter.class.getName(),
645      ClickjackingPreventionFilter.getDefaultParameters(conf));
646
647    HttpConfig httpConfig = new HttpConfig(conf);
648
649    addGlobalFilter("securityheaders", SecurityHeadersFilter.class.getName(),
650      SecurityHeadersFilter.getDefaultParameters(conf, httpConfig.isSecure()));
651
652    // But security needs to be enabled prior to adding the other servlets
653    if (authenticationEnabled) {
654      initSpnego(conf, hostName, b.usernameConfKey, b.keytabConfKey, b.kerberosNameRulesKey,
655        b.signatureSecretFileKey);
656    }
657
658    final FilterInitializer[] initializers = getFilterInitializers(conf);
659    if (initializers != null) {
660      conf = new Configuration(conf);
661      conf.set(BIND_ADDRESS, hostName);
662      for (FilterInitializer c : initializers) {
663        c.initFilter(this, conf);
664      }
665    }
666
667    addDefaultServlets(contexts, conf);
668
669    if (pathSpecs != null) {
670      for (String path : pathSpecs) {
671        LOG.info("adding path spec: " + path);
672        addFilterPathMapping(path, webAppContext);
673      }
674    }
675    // Check if disable stack trace property is configured
676    if (!conf.getBoolean(HTTP_UI_SHOW_STACKTRACE_KEY, true)) {
677      // Disable stack traces for server errors in UI
678      webServer.setErrorHandler(new ErrorHandler());
679      webServer.getErrorHandler().setShowStacks(false);
680      // Disable stack traces for web app errors in UI
681      webAppContext.getErrorHandler().setShowStacks(false);
682    }
683  }
684
685  private void addManagedListener(ServerConnector connector) {
686    listeners.add(new ListenerInfo(true, connector));
687  }
688
689  private static WebAppContext createWebAppContext(String name, Configuration conf,
690    AccessControlList adminsAcl, final String appDir) {
691    WebAppContext ctx = new WebAppContext();
692    ctx.setDisplayName(name);
693    ctx.setContextPath("/");
694    ctx.setWar(appDir + "/" + name);
695    ctx.getServletContext().setAttribute(CONF_CONTEXT_ATTRIBUTE, conf);
696    // for org.apache.hadoop.metrics.MetricsServlet
697    ctx.getServletContext().setAttribute(org.apache.hadoop.http.HttpServer2.CONF_CONTEXT_ATTRIBUTE,
698      conf);
699    ctx.getServletContext().setAttribute(ADMINS_ACL, adminsAcl);
700    addNoCacheFilter(ctx, conf);
701    return ctx;
702  }
703
704  /**
705   * Construct and configure an instance of {@link GzipHandler}. With complex
706   * multi-{@link WebAppContext} configurations, it's easiest to apply this handler directly to the
707   * instance of {@link Server} near the end of its configuration, something like
708   *
709   * <pre>
710   * Server server = new Server();
711   * // ...
712   * server.setHandler(buildGzipHandler(server.getHandler()));
713   * server.start();
714   * </pre>
715   */
716  public static GzipHandler buildGzipHandler(final Handler wrapped) {
717    final GzipHandler gzipHandler = new GzipHandler();
718    gzipHandler.setHandler(wrapped);
719    return gzipHandler;
720  }
721
722  private static void addNoCacheFilter(ServletContextHandler ctxt, Configuration conf) {
723    if (conf.getBoolean(HTTP_UI_NO_CACHE_ENABLE_KEY, false)) {
724      Map<String, String> filterConfig =
725        AuthenticationFilterInitializer.getFilterConfigMap(conf, "hbase.http.filter.");
726      defineFilter(ctxt, NO_CACHE_FILTER, NoCacheFilter.class.getName(), filterConfig,
727        new String[] { "/*" });
728    } else {
729      defineFilter(ctxt, NO_CACHE_FILTER, NoCacheFilter.class.getName(),
730        Collections.<String, String> emptyMap(), new String[] { "/*" });
731    }
732  }
733
734  /** Get an array of FilterConfiguration specified in the conf */
735  private static FilterInitializer[] getFilterInitializers(Configuration conf) {
736    if (conf == null) {
737      return null;
738    }
739
740    Class<?>[] classes = conf.getClasses(FILTER_INITIALIZERS_PROPERTY);
741    if (classes == null) {
742      return null;
743    }
744
745    FilterInitializer[] initializers = new FilterInitializer[classes.length];
746    for (int i = 0; i < classes.length; i++) {
747      initializers[i] = (FilterInitializer) ReflectionUtils.newInstance(classes[i]);
748    }
749    return initializers;
750  }
751
752  /**
753   * Add default apps.
754   * @param appDir The application directory
755   */
756  protected void addDefaultApps(ContextHandlerCollection parent, final String appDir,
757    Configuration conf) {
758    // set up the context for "/logs/" if "hadoop.log.dir" property is defined.
759    String logDir = this.logDir;
760    if (logDir == null) {
761      logDir = System.getProperty("hadoop.log.dir");
762    }
763    if (logDir != null) {
764      ServletContextHandler logContext = new ServletContextHandler(parent, "/logs");
765      logContext.addServlet(AdminAuthorizedServlet.class, "/*");
766      logContext.setResourceBase(logDir);
767      logContext.setDisplayName("logs");
768      configureAliasChecks(logContext,
769        conf.getBoolean(ServerConfigurationKeys.HBASE_JETTY_LOGS_SERVE_ALIASES,
770          ServerConfigurationKeys.DEFAULT_HBASE_JETTY_LOGS_SERVE_ALIASES));
771      setContextAttributes(logContext, conf);
772      addNoCacheFilter(logContext, conf);
773      defaultContexts.put(logContext, true);
774    }
775    // set up the context for "/static/*"
776    ServletContextHandler staticContext = new ServletContextHandler(parent, "/static");
777    staticContext.setResourceBase(appDir + "/static");
778    staticContext.addServlet(DefaultServlet.class, "/*");
779    staticContext.setDisplayName("static");
780    setContextAttributes(staticContext, conf);
781    defaultContexts.put(staticContext, true);
782  }
783
784  /**
785   * This method configures the alias checks for the given ServletContextHandler based on the
786   * provided value of shouldServeAlias.<br>
787   * If shouldServeAlias is set to true, it checks if SymlinkAllowedResourceAliasChecker is already
788   * a part of the alias check list. If it is already a part of the list, no changes are made, else,
789   * it adds it to the list.<br>
790   * If shouldServeAlias is set to false, it clears all alias checks from the
791   * ServletContextHandler.<br>
792   * .
793   * @param context          The ServletContextHandler whose alias checks are to be configured
794   * @param shouldServeAlias Whether aliases should be allowed or not
795   */
796  private void configureAliasChecks(ServletContextHandler context, boolean shouldServeAlias) {
797    if (shouldServeAlias) {
798      Class aliasCheckerClass = SymlinkAllowedResourceAliasChecker.class;
799      // check if SymlinkAllowedResourceAliasChecker is already part of alias check list
800      // NOTE: we are doing this because this is already present in the context (by default)
801      if (context.getAliasChecks().stream().anyMatch(aliasCheckerClass::isInstance)) {
802        LOG.debug("{} is already part of alias check list", aliasCheckerClass.getName());
803      } else {
804        context.addAliasCheck(new SymlinkAllowedResourceAliasChecker(context));
805        LOG.debug("{} added to the alias check list", aliasCheckerClass.getName());
806      }
807      LOG.info("Serving aliases allowed for /logs context");
808    } else {
809      // if aliasing is disabled, then we should clear the alias check list
810      context.clearAliasChecks();
811      LOG.info("Serving aliases disabled for /logs context");
812    }
813  }
814
815  private void setContextAttributes(ServletContextHandler context, Configuration conf) {
816    context.getServletContext().setAttribute(CONF_CONTEXT_ATTRIBUTE, conf);
817    context.getServletContext().setAttribute(ADMINS_ACL, adminsAcl);
818  }
819
820  /**
821   * Add default servlets.
822   */
823  protected void addDefaultServlets(ContextHandlerCollection contexts, Configuration conf)
824    throws IOException {
825    // set up default servlets
826    addPrivilegedServlet("stacks", "/stacks", StackServlet.class);
827    addPrivilegedServlet("logLevel", "/logLevel", LogLevel.Servlet.class);
828
829    // While we don't expect users to have sensitive information in their configuration, they
830    // might. Give them an option to not expose the service configuration to all users.
831    if (conf.getBoolean(HTTP_PRIVILEGED_CONF_KEY, HTTP_PRIVILEGED_CONF_DEFAULT)) {
832      addPrivilegedServlet("conf", "/conf", ConfServlet.class);
833    } else {
834      addUnprivilegedServlet("conf", "/conf", ConfServlet.class);
835    }
836    final String asyncProfilerHome = ProfileServlet.getAsyncProfilerHome();
837    if (asyncProfilerHome != null && !asyncProfilerHome.trim().isEmpty()) {
838      addPrivilegedServlet("prof", "/prof", ProfileServlet.class);
839      Path tmpDir = Paths.get(ProfileServlet.OUTPUT_DIR);
840      if (Files.notExists(tmpDir)) {
841        Files.createDirectories(tmpDir);
842      }
843      ServletContextHandler genCtx = new ServletContextHandler(contexts, "/prof-output-hbase");
844      genCtx.addServlet(ProfileOutputServlet.class, "/*");
845      genCtx.setResourceBase(tmpDir.toAbsolutePath().toString());
846      genCtx.setDisplayName("prof-output-hbase");
847    } else {
848      addUnprivilegedServlet("prof", "/prof", ProfileServlet.DisabledServlet.class);
849      LOG.info("ASYNC_PROFILER_HOME environment variable and async.profiler.home system property "
850        + "not specified. Disabling /prof endpoint.");
851    }
852
853    /* register metrics servlets */
854    String[] enabledServlets = conf.getStrings(METRIC_SERVLETS_CONF_KEY, METRICS_SERVLETS_DEFAULT);
855    for (String enabledServlet : enabledServlets) {
856      ServletConfig servletConfig = METRIC_SERVLETS.get(enabledServlet);
857      if (servletConfig != null) {
858        try {
859          Class<?> clz = Class.forName(servletConfig.getClazz());
860          addPrivilegedServlet(servletConfig.getName(), servletConfig.getPathSpec(),
861            clz.asSubclass(HttpServlet.class));
862        } catch (Exception e) {
863          if (servletConfig.isExpected()) {
864            // metrics are not critical to read/write, so an exception here shouldn't be fatal
865            // if the class was expected we should warn though
866            LOG.warn("Couldn't register the servlet " + enabledServlet, e);
867          }
868        }
869      }
870    }
871  }
872
873  /**
874   * Set a value in the webapp context. These values are available to the jsp pages as
875   * "application.getAttribute(name)".
876   * @param name  The name of the attribute
877   * @param value The value of the attribute
878   */
879  public void setAttribute(String name, Object value) {
880    webAppContext.setAttribute(name, value);
881  }
882
883  /**
884   * Add a Jersey resource package.
885   * @param packageName The Java package name containing the Jersey resource.
886   * @param pathSpec    The path spec for the servlet
887   */
888  public void addJerseyResourcePackage(final String packageName, final String pathSpec) {
889    LOG.info("addJerseyResourcePackage: packageName=" + packageName + ", pathSpec=" + pathSpec);
890
891    ResourceConfig application = new ResourceConfig().packages(packageName);
892    final ServletHolder sh = new ServletHolder(new ServletContainer(application));
893    webAppContext.addServlet(sh, pathSpec);
894  }
895
896  /**
897   * Adds a servlet in the server that any user can access. This method differs from
898   * {@link #addPrivilegedServlet(String, String, Class)} in that any authenticated user can
899   * interact with the servlet added by this method.
900   * @param name     The name of the servlet (can be passed as null)
901   * @param pathSpec The path spec for the servlet
902   * @param clazz    The servlet class
903   */
904  public void addUnprivilegedServlet(String name, String pathSpec,
905    Class<? extends HttpServlet> clazz) {
906    addServletWithAuth(name, pathSpec, clazz, false);
907  }
908
909  /**
910   * Adds a servlet in the server that any user can access. This method differs from
911   * {@link #addPrivilegedServlet(String, ServletHolder)} in that any authenticated user can
912   * interact with the servlet added by this method.
913   * @param pathSpec The path spec for the servlet
914   * @param holder   The servlet holder
915   */
916  public void addUnprivilegedServlet(String pathSpec, ServletHolder holder) {
917    addServletWithAuth(pathSpec, holder, false);
918  }
919
920  /**
921   * Adds a servlet in the server that only administrators can access. This method differs from
922   * {@link #addUnprivilegedServlet(String, String, Class)} in that only those authenticated user
923   * who are identified as administrators can interact with the servlet added by this method.
924   */
925  public void addPrivilegedServlet(String name, String pathSpec,
926    Class<? extends HttpServlet> clazz) {
927    addServletWithAuth(name, pathSpec, clazz, true);
928  }
929
930  /**
931   * Adds a servlet in the server that only administrators can access. This method differs from
932   * {@link #addUnprivilegedServlet(String, ServletHolder)} in that only those authenticated user
933   * who are identified as administrators can interact with the servlet added by this method.
934   */
935  public void addPrivilegedServlet(String pathSpec, ServletHolder holder) {
936    addServletWithAuth(pathSpec, holder, true);
937  }
938
939  /**
940   * Internal method to add a servlet to the HTTP server. Developers should not call this method
941   * directly, but invoke it via {@link #addUnprivilegedServlet(String, String, Class)} or
942   * {@link #addPrivilegedServlet(String, String, Class)}.
943   */
944  void addServletWithAuth(String name, String pathSpec, Class<? extends HttpServlet> clazz,
945    boolean requireAuthz) {
946    addInternalServlet(name, pathSpec, clazz, requireAuthz);
947    addFilterPathMapping(pathSpec, webAppContext);
948  }
949
950  /**
951   * Internal method to add a servlet to the HTTP server. Developers should not call this method
952   * directly, but invoke it via {@link #addUnprivilegedServlet(String, ServletHolder)} or
953   * {@link #addPrivilegedServlet(String, ServletHolder)}.
954   */
955  void addServletWithAuth(String pathSpec, ServletHolder holder, boolean requireAuthz) {
956    addInternalServlet(pathSpec, holder, requireAuthz);
957    addFilterPathMapping(pathSpec, webAppContext);
958  }
959
960  /**
961   * Add an internal servlet in the server, specifying whether or not to protect with Kerberos
962   * authentication. Note: This method is to be used for adding servlets that facilitate internal
963   * communication and not for user facing functionality. For servlets added using this method,
964   * filters (except internal Kerberos filters) are not enabled.
965   * @param name         The name of the {@link Servlet} (can be passed as null)
966   * @param pathSpec     The path spec for the {@link Servlet}
967   * @param clazz        The {@link Servlet} class
968   * @param requireAuthz Require Kerberos authenticate to access servlet
969   */
970  void addInternalServlet(String name, String pathSpec, Class<? extends HttpServlet> clazz,
971    boolean requireAuthz) {
972    ServletHolder holder = new ServletHolder(clazz);
973    if (name != null) {
974      holder.setName(name);
975    }
976    addInternalServlet(pathSpec, holder, requireAuthz);
977  }
978
979  /**
980   * Add an internal servlet in the server, specifying whether or not to protect with Kerberos
981   * authentication. Note: This method is to be used for adding servlets that facilitate internal
982   * communication and not for user facing functionality. For servlets added using this method,
983   * filters (except internal Kerberos filters) are not enabled.
984   * @param pathSpec     The path spec for the {@link Servlet}
985   * @param holder       The object providing the {@link Servlet} instance
986   * @param requireAuthz Require Kerberos authenticate to access servlet
987   */
988  void addInternalServlet(String pathSpec, ServletHolder holder, boolean requireAuthz) {
989    if (authenticationEnabled && requireAuthz) {
990      FilterHolder filter = new FilterHolder(AdminAuthorizedFilter.class);
991      filter.setName(AdminAuthorizedFilter.class.getSimpleName());
992      FilterMapping fmap = new FilterMapping();
993      fmap.setPathSpec(pathSpec);
994      fmap.setDispatches(FilterMapping.ALL);
995      fmap.setFilterName(AdminAuthorizedFilter.class.getSimpleName());
996      webAppContext.getServletHandler().addFilter(filter, fmap);
997    }
998    webAppContext.getSessionHandler().getSessionCookieConfig().setHttpOnly(true);
999    webAppContext.getSessionHandler().getSessionCookieConfig().setSecure(true);
1000    webAppContext.addServlet(holder, pathSpec);
1001  }
1002
1003  @Override
1004  public void addFilter(String name, String classname, Map<String, String> parameters) {
1005    final String[] USER_FACING_URLS = { "*.html", "*.jsp" };
1006    defineFilter(webAppContext, name, classname, parameters, USER_FACING_URLS);
1007    LOG.info("Added filter " + name + " (class=" + classname + ") to context "
1008      + webAppContext.getDisplayName());
1009    final String[] ALL_URLS = { "/*" };
1010    for (Map.Entry<ServletContextHandler, Boolean> e : defaultContexts.entrySet()) {
1011      if (e.getValue()) {
1012        ServletContextHandler handler = e.getKey();
1013        defineFilter(handler, name, classname, parameters, ALL_URLS);
1014        LOG.info("Added filter " + name + " (class=" + classname + ") to context "
1015          + handler.getDisplayName());
1016      }
1017    }
1018    filterNames.add(name);
1019  }
1020
1021  @Override
1022  public void addGlobalFilter(String name, String classname, Map<String, String> parameters) {
1023    final String[] ALL_URLS = { "/*" };
1024    defineFilter(webAppContext, name, classname, parameters, ALL_URLS);
1025    for (ServletContextHandler ctx : defaultContexts.keySet()) {
1026      defineFilter(ctx, name, classname, parameters, ALL_URLS);
1027    }
1028    LOG.info("Added global filter '" + name + "' (class=" + classname + ")");
1029  }
1030
1031  /**
1032   * Define a filter for a context and set up default url mappings.
1033   */
1034  public static void defineFilter(ServletContextHandler handler, String name, String classname,
1035    Map<String, String> parameters, String[] urls) {
1036    FilterHolder holder = new FilterHolder();
1037    holder.setName(name);
1038    holder.setClassName(classname);
1039    if (parameters != null) {
1040      holder.setInitParameters(parameters);
1041    }
1042    FilterMapping fmap = new FilterMapping();
1043    fmap.setPathSpecs(urls);
1044    fmap.setDispatches(FilterMapping.ALL);
1045    fmap.setFilterName(name);
1046    handler.getServletHandler().addFilter(holder, fmap);
1047  }
1048
1049  /**
1050   * Add the path spec to the filter path mapping.
1051   * @param pathSpec  The path spec
1052   * @param webAppCtx The WebApplicationContext to add to
1053   */
1054  protected void addFilterPathMapping(String pathSpec, WebAppContext webAppCtx) {
1055    for (String name : filterNames) {
1056      FilterMapping fmap = new FilterMapping();
1057      fmap.setPathSpec(pathSpec);
1058      fmap.setFilterName(name);
1059      fmap.setDispatches(FilterMapping.ALL);
1060      webAppCtx.getServletHandler().addFilterMapping(fmap);
1061    }
1062  }
1063
1064  /**
1065   * Get the value in the webapp context.
1066   * @param name The name of the attribute
1067   * @return The value of the attribute
1068   */
1069  public Object getAttribute(String name) {
1070    return webAppContext.getAttribute(name);
1071  }
1072
1073  public WebAppContext getWebAppContext() {
1074    return this.webAppContext;
1075  }
1076
1077  public String getWebAppsPath(String appName) throws FileNotFoundException {
1078    return getWebAppsPath(this.appDir, appName);
1079  }
1080
1081  /**
1082   * Get the pathname to the webapps files.
1083   * @param appName eg "secondary" or "datanode"
1084   * @return the pathname as a URL
1085   * @throws FileNotFoundException if 'webapps' directory cannot be found on CLASSPATH.
1086   */
1087  protected String getWebAppsPath(String webapps, String appName) throws FileNotFoundException {
1088    URL url = getClass().getClassLoader().getResource(webapps + "/" + appName);
1089
1090    if (url == null) {
1091      throw new FileNotFoundException(webapps + "/" + appName + " not found in CLASSPATH");
1092    }
1093
1094    String urlString = url.toString();
1095    return urlString.substring(0, urlString.lastIndexOf('/'));
1096  }
1097
1098  /**
1099   * Get the port that the server is on
1100   * @return the port
1101   * @deprecated Since 0.99.0
1102   */
1103  @Deprecated
1104  public int getPort() {
1105    return ((ServerConnector) webServer.getConnectors()[0]).getLocalPort();
1106  }
1107
1108  /**
1109   * Get the address that corresponds to a particular connector.
1110   * @return the corresponding address for the connector, or null if there's no such connector or
1111   *         the connector is not bounded.
1112   */
1113  public InetSocketAddress getConnectorAddress(int index) {
1114    Preconditions.checkArgument(index >= 0);
1115
1116    if (index > webServer.getConnectors().length) {
1117      return null;
1118    }
1119
1120    ServerConnector c = (ServerConnector) webServer.getConnectors()[index];
1121    if (c.getLocalPort() == -1 || c.getLocalPort() == -2) {
1122      // -1 if the connector has not been opened
1123      // -2 if it has been closed
1124      return null;
1125    }
1126
1127    return new InetSocketAddress(c.getHost(), c.getLocalPort());
1128  }
1129
1130  /**
1131   * Set the min, max number of worker threads (simultaneous connections).
1132   */
1133  public void setThreads(int min, int max) {
1134    QueuedThreadPool pool = (QueuedThreadPool) webServer.getThreadPool();
1135    pool.setMinThreads(min);
1136    pool.setMaxThreads(max);
1137  }
1138
1139  private void initSpnego(Configuration conf, String hostName, String usernameConfKey,
1140    String keytabConfKey, String kerberosNameRuleKey, String signatureSecretKeyFileKey)
1141    throws IOException {
1142    Map<String, String> params = new HashMap<>();
1143    String principalInConf = getOrEmptyString(conf, usernameConfKey);
1144    if (!principalInConf.isEmpty()) {
1145      params.put(HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX,
1146        SecurityUtil.getServerPrincipal(principalInConf, hostName));
1147    }
1148    String httpKeytab = getOrEmptyString(conf, keytabConfKey);
1149    if (!httpKeytab.isEmpty()) {
1150      params.put(HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX, httpKeytab);
1151    }
1152    String kerberosNameRule = getOrEmptyString(conf, kerberosNameRuleKey);
1153    if (!kerberosNameRule.isEmpty()) {
1154      params.put(HTTP_SPNEGO_AUTHENTICATION_KRB_NAME_SUFFIX, kerberosNameRule);
1155    }
1156    String signatureSecretKeyFile = getOrEmptyString(conf, signatureSecretKeyFileKey);
1157    if (!signatureSecretKeyFile.isEmpty()) {
1158      params.put(HTTP_AUTHENTICATION_SIGNATURE_SECRET_FILE_SUFFIX, signatureSecretKeyFile);
1159    }
1160    params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
1161
1162    // Verify that the required options were provided
1163    if (
1164      isMissing(params.get(HTTP_SPNEGO_AUTHENTICATION_PRINCIPAL_SUFFIX))
1165        || isMissing(params.get(HTTP_SPNEGO_AUTHENTICATION_KEYTAB_SUFFIX))
1166    ) {
1167      throw new IllegalArgumentException(
1168        usernameConfKey + " and " + keytabConfKey + " are both required in the configuration "
1169          + "to enable SPNEGO/Kerberos authentication for the Web UI");
1170    }
1171
1172    if (
1173      conf.getBoolean(HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_KEY,
1174        HTTP_SPNEGO_AUTHENTICATION_PROXYUSER_ENABLE_DEFAULT)
1175    ) {
1176      // Copy/rename standard hadoop proxyuser settings to filter
1177      for (Map.Entry<String, String> proxyEntry : conf
1178        .getPropsWithPrefix(ProxyUsers.CONF_HADOOP_PROXYUSER).entrySet()) {
1179        params.put(ProxyUserAuthenticationFilter.PROXYUSER_PREFIX + proxyEntry.getKey(),
1180          proxyEntry.getValue());
1181      }
1182      addGlobalFilter(SPNEGO_PROXYUSER_FILTER, ProxyUserAuthenticationFilter.class.getName(),
1183        params);
1184    } else {
1185      addGlobalFilter(SPNEGO_FILTER, AuthenticationFilter.class.getName(), params);
1186    }
1187  }
1188
1189  /**
1190   * Returns true if the argument is non-null and not whitespace
1191   */
1192  private boolean isMissing(String value) {
1193    if (null == value) {
1194      return true;
1195    }
1196    return value.trim().isEmpty();
1197  }
1198
1199  /**
1200   * Extracts the value for the given key from the configuration of returns a string of zero length.
1201   */
1202  private String getOrEmptyString(Configuration conf, String key) {
1203    if (null == key) {
1204      return EMPTY_STRING;
1205    }
1206    final String value = conf.get(key.trim());
1207    return null == value ? EMPTY_STRING : value;
1208  }
1209
1210  /**
1211   * Start the server. Does not wait for the server to start.
1212   */
1213  public void start() throws IOException {
1214    try {
1215      try {
1216        openListeners();
1217        webServer.start();
1218      } catch (IOException ex) {
1219        LOG.info("HttpServer.start() threw a non Bind IOException", ex);
1220        throw ex;
1221      } catch (MultiException ex) {
1222        LOG.info("HttpServer.start() threw a MultiException", ex);
1223        throw ex;
1224      }
1225      // Make sure there is no handler failures.
1226      Handler[] handlers = webServer.getHandlers();
1227      for (int i = 0; i < handlers.length; i++) {
1228        if (handlers[i].isFailed()) {
1229          throw new IOException("Problem in starting http server. Server handlers failed");
1230        }
1231      }
1232      // Make sure there are no errors initializing the context.
1233      Throwable unavailableException = webAppContext.getUnavailableException();
1234      if (unavailableException != null) {
1235        // Have to stop the webserver, or else its non-daemon threads
1236        // will hang forever.
1237        webServer.stop();
1238        throw new IOException("Unable to initialize WebAppContext", unavailableException);
1239      }
1240    } catch (IOException e) {
1241      throw e;
1242    } catch (InterruptedException e) {
1243      throw (IOException) new InterruptedIOException("Interrupted while starting HTTP server")
1244        .initCause(e);
1245    } catch (Exception e) {
1246      throw new IOException("Problem starting http server", e);
1247    }
1248  }
1249
1250  private void loadListeners() {
1251    for (ListenerInfo li : listeners) {
1252      webServer.addConnector(li.listener);
1253    }
1254  }
1255
1256  /**
1257   * Open the main listener for the server
1258   * @throws Exception if the listener cannot be opened or the appropriate port is already in use
1259   */
1260  void openListeners() throws Exception {
1261    for (ListenerInfo li : listeners) {
1262      ServerConnector listener = li.listener;
1263      if (!li.isManaged || (li.listener.getLocalPort() != -1 && li.listener.getLocalPort() != -2)) {
1264        // This listener is either started externally, or has not been opened, or has been closed
1265        continue;
1266      }
1267      int port = listener.getPort();
1268      while (true) {
1269        // jetty has a bug where you can't reopen a listener that previously
1270        // failed to open w/o issuing a close first, even if the port is changed
1271        try {
1272          listener.close();
1273          listener.open();
1274          LOG.info("Jetty bound to port " + listener.getLocalPort());
1275          break;
1276        } catch (IOException ex) {
1277          if (!(ex instanceof BindException) && !(ex.getCause() instanceof BindException)) {
1278            throw ex;
1279          }
1280          if (port == 0 || !findPort) {
1281            BindException be =
1282              new BindException("Port in use: " + listener.getHost() + ":" + listener.getPort());
1283            be.initCause(ex);
1284            throw be;
1285          }
1286        }
1287        // try the next port number
1288        listener.setPort(++port);
1289        Thread.sleep(100);
1290      }
1291    }
1292  }
1293
1294  /**
1295   * stop the server
1296   */
1297  public void stop() throws Exception {
1298    MultiException exception = null;
1299    for (ListenerInfo li : listeners) {
1300      if (!li.isManaged) {
1301        continue;
1302      }
1303
1304      try {
1305        li.listener.close();
1306      } catch (Exception e) {
1307        LOG.error("Error while stopping listener for webapp" + webAppContext.getDisplayName(), e);
1308        exception = addMultiException(exception, e);
1309      }
1310    }
1311
1312    try {
1313      // clear & stop webAppContext attributes to avoid memory leaks.
1314      webAppContext.clearAttributes();
1315      webAppContext.stop();
1316    } catch (Exception e) {
1317      LOG.error("Error while stopping web app context for webapp " + webAppContext.getDisplayName(),
1318        e);
1319      exception = addMultiException(exception, e);
1320    }
1321
1322    try {
1323      webServer.stop();
1324    } catch (Exception e) {
1325      LOG.error("Error while stopping web server for webapp " + webAppContext.getDisplayName(), e);
1326      exception = addMultiException(exception, e);
1327    }
1328
1329    if (exception != null) {
1330      exception.ifExceptionThrow();
1331    }
1332
1333  }
1334
1335  private MultiException addMultiException(MultiException exception, Exception e) {
1336    if (exception == null) {
1337      exception = new MultiException();
1338    }
1339    exception.add(e);
1340    return exception;
1341  }
1342
1343  public void join() throws InterruptedException {
1344    webServer.join();
1345  }
1346
1347  /**
1348   * Test for the availability of the web server
1349   * @return true if the web server is started, false otherwise
1350   */
1351  public boolean isAlive() {
1352    return webServer != null && webServer.isStarted();
1353  }
1354
1355  /**
1356   * Return the host and port of the HttpServer, if live
1357   * @return the classname and any HTTP URL
1358   */
1359  @Override
1360  public String toString() {
1361    if (listeners.isEmpty()) {
1362      return "Inactive HttpServer";
1363    } else {
1364      StringBuilder sb = new StringBuilder("HttpServer (")
1365        .append(isAlive() ? STATE_DESCRIPTION_ALIVE : STATE_DESCRIPTION_NOT_LIVE)
1366        .append("), listening at:");
1367      for (ListenerInfo li : listeners) {
1368        ServerConnector l = li.listener;
1369        sb.append(l.getHost()).append(":").append(l.getPort()).append("/,");
1370      }
1371      return sb.toString();
1372    }
1373  }
1374
1375  /**
1376   * Checks the user has privileges to access to instrumentation servlets.
1377   * <p>
1378   * If <code>hadoop.security.instrumentation.requires.admin</code> is set to FALSE (default value)
1379   * it always returns TRUE.
1380   * </p>
1381   * <p>
1382   * If <code>hadoop.security.instrumentation.requires.admin</code> is set to TRUE it will check
1383   * that if the current user is in the admin ACLS. If the user is in the admin ACLs it returns
1384   * TRUE, otherwise it returns FALSE.
1385   * </p>
1386   * @param servletContext the servlet context.
1387   * @param request        the servlet request.
1388   * @param response       the servlet response.
1389   * @return TRUE/FALSE based on the logic decribed above.
1390   */
1391  public static boolean isInstrumentationAccessAllowed(ServletContext servletContext,
1392    HttpServletRequest request, HttpServletResponse response) throws IOException {
1393    Configuration conf = (Configuration) servletContext.getAttribute(CONF_CONTEXT_ATTRIBUTE);
1394
1395    boolean access = true;
1396    boolean adminAccess = conf
1397      .getBoolean(CommonConfigurationKeys.HADOOP_SECURITY_INSTRUMENTATION_REQUIRES_ADMIN, false);
1398    if (adminAccess) {
1399      access = hasAdministratorAccess(servletContext, request, response);
1400    }
1401    return access;
1402  }
1403
1404  /**
1405   * Does the user sending the HttpServletRequest has the administrator ACLs? If it isn't the case,
1406   * response will be modified to send an error to the user.
1407   * @param servletContext the {@link ServletContext} to use
1408   * @param request        the {@link HttpServletRequest} to check
1409   * @param response       used to send the error response if user does not have admin access.
1410   * @return true if admin-authorized, false otherwise
1411   * @throws IOException if an unauthenticated or unauthorized user tries to access the page
1412   */
1413  public static boolean hasAdministratorAccess(ServletContext servletContext,
1414    HttpServletRequest request, HttpServletResponse response) throws IOException {
1415    Configuration conf = (Configuration) servletContext.getAttribute(CONF_CONTEXT_ATTRIBUTE);
1416    AccessControlList acl = (AccessControlList) servletContext.getAttribute(ADMINS_ACL);
1417
1418    return hasAdministratorAccess(conf, acl, request, response);
1419  }
1420
1421  public static boolean hasAdministratorAccess(Configuration conf, AccessControlList acl,
1422    HttpServletRequest request, HttpServletResponse response) throws IOException {
1423    // If there is no authorization, anybody has administrator access.
1424    if (!conf.getBoolean(CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, false)) {
1425      return true;
1426    }
1427
1428    String remoteUser = request.getRemoteUser();
1429    if (remoteUser == null) {
1430      response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
1431        "Unauthenticated users are not " + "authorized to access this page.");
1432      return false;
1433    }
1434
1435    if (acl != null && !userHasAdministratorAccess(acl, remoteUser)) {
1436      response.sendError(HttpServletResponse.SC_FORBIDDEN,
1437        "User " + remoteUser + " is unauthorized to access this page.");
1438      return false;
1439    }
1440
1441    return true;
1442  }
1443
1444  /**
1445   * Get the admin ACLs from the given ServletContext and check if the given user is in the ACL.
1446   * @param servletContext the context containing the admin ACL.
1447   * @param remoteUser     the remote user to check for.
1448   * @return true if the user is present in the ACL, false if no ACL is set or the user is not
1449   *         present
1450   */
1451  public static boolean userHasAdministratorAccess(ServletContext servletContext,
1452    String remoteUser) {
1453    AccessControlList adminsAcl = (AccessControlList) servletContext.getAttribute(ADMINS_ACL);
1454    return userHasAdministratorAccess(adminsAcl, remoteUser);
1455  }
1456
1457  public static boolean userHasAdministratorAccess(AccessControlList acl, String remoteUser) {
1458    UserGroupInformation remoteUserUGI = UserGroupInformation.createRemoteUser(remoteUser);
1459    return acl != null && acl.isUserAllowed(remoteUserUGI);
1460  }
1461
1462  /**
1463   * A very simple servlet to serve up a text representation of the current stack traces. It both
1464   * returns the stacks to the caller and logs them. Currently the stack traces are done
1465   * sequentially rather than exactly the same data.
1466   */
1467  public static class StackServlet extends HttpServlet {
1468    private static final long serialVersionUID = -6284183679759467039L;
1469
1470    @Override
1471    public void doGet(HttpServletRequest request, HttpServletResponse response)
1472      throws ServletException, IOException {
1473      if (!HttpServer.isInstrumentationAccessAllowed(getServletContext(), request, response)) {
1474        return;
1475      }
1476      response.setContentType("text/plain; charset=UTF-8");
1477      try (PrintStream out = new PrintStream(response.getOutputStream(), false, "UTF-8")) {
1478        Threads.printThreadInfo(out, "");
1479        out.flush();
1480      }
1481      ReflectionUtils.logThreadInfo(LOG, "jsp requested", 1);
1482    }
1483  }
1484
1485  /**
1486   * A Servlet input filter that quotes all HTML active characters in the parameter names and
1487   * values. The goal is to quote the characters to make all of the servlets resistant to cross-site
1488   * scripting attacks.
1489   */
1490  @InterfaceAudience.LimitedPrivate(HBaseInterfaceAudience.CONFIG)
1491  public static class QuotingInputFilter implements Filter {
1492    private FilterConfig config;
1493
1494    public static class RequestQuoter extends HttpServletRequestWrapper {
1495      private final HttpServletRequest rawRequest;
1496
1497      public RequestQuoter(HttpServletRequest rawRequest) {
1498        super(rawRequest);
1499        this.rawRequest = rawRequest;
1500      }
1501
1502      /**
1503       * Return the set of parameter names, quoting each name.
1504       */
1505      @Override
1506      public Enumeration<String> getParameterNames() {
1507        return new Enumeration<String>() {
1508          private Enumeration<String> rawIterator = rawRequest.getParameterNames();
1509
1510          @Override
1511          public boolean hasMoreElements() {
1512            return rawIterator.hasMoreElements();
1513          }
1514
1515          @Override
1516          public String nextElement() {
1517            return HtmlQuoting.quoteHtmlChars(rawIterator.nextElement());
1518          }
1519        };
1520      }
1521
1522      /**
1523       * Unquote the name and quote the value.
1524       */
1525      @Override
1526      public String getParameter(String name) {
1527        return HtmlQuoting
1528          .quoteHtmlChars(rawRequest.getParameter(HtmlQuoting.unquoteHtmlChars(name)));
1529      }
1530
1531      @Override
1532      public String[] getParameterValues(String name) {
1533        String unquoteName = HtmlQuoting.unquoteHtmlChars(name);
1534        String[] unquoteValue = rawRequest.getParameterValues(unquoteName);
1535        if (unquoteValue == null) {
1536          return null;
1537        }
1538        String[] result = new String[unquoteValue.length];
1539        for (int i = 0; i < result.length; ++i) {
1540          result[i] = HtmlQuoting.quoteHtmlChars(unquoteValue[i]);
1541        }
1542        return result;
1543      }
1544
1545      @Override
1546      public Map<String, String[]> getParameterMap() {
1547        Map<String, String[]> result = new HashMap<>();
1548        Map<String, String[]> raw = rawRequest.getParameterMap();
1549        for (Map.Entry<String, String[]> item : raw.entrySet()) {
1550          String[] rawValue = item.getValue();
1551          String[] cookedValue = new String[rawValue.length];
1552          for (int i = 0; i < rawValue.length; ++i) {
1553            cookedValue[i] = HtmlQuoting.quoteHtmlChars(rawValue[i]);
1554          }
1555          result.put(HtmlQuoting.quoteHtmlChars(item.getKey()), cookedValue);
1556        }
1557        return result;
1558      }
1559
1560      /**
1561       * Quote the url so that users specifying the HOST HTTP header can't inject attacks.
1562       */
1563      @Override
1564      public StringBuffer getRequestURL() {
1565        String url = rawRequest.getRequestURL().toString();
1566        return new StringBuffer(HtmlQuoting.quoteHtmlChars(url));
1567      }
1568
1569      /**
1570       * Quote the server name so that users specifying the HOST HTTP header can't inject attacks.
1571       */
1572      @Override
1573      public String getServerName() {
1574        return HtmlQuoting.quoteHtmlChars(rawRequest.getServerName());
1575      }
1576    }
1577
1578    @Override
1579    public void init(FilterConfig config) throws ServletException {
1580      this.config = config;
1581    }
1582
1583    @Override
1584    public void destroy() {
1585    }
1586
1587    @Override
1588    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
1589      throws IOException, ServletException {
1590      HttpServletRequestWrapper quoted = new RequestQuoter((HttpServletRequest) request);
1591      HttpServletResponse httpResponse = (HttpServletResponse) response;
1592
1593      String mime = inferMimeType(request);
1594      if (mime == null) {
1595        httpResponse.setContentType("text/plain; charset=utf-8");
1596      } else if (mime.startsWith("text/html")) {
1597        // HTML with unspecified encoding, we want to
1598        // force HTML with utf-8 encoding
1599        // This is to avoid the following security issue:
1600        // http://openmya.hacker.jp/hasegawa/security/utf7cs.html
1601        httpResponse.setContentType("text/html; charset=utf-8");
1602      } else if (mime.startsWith("application/xml")) {
1603        httpResponse.setContentType("text/xml; charset=utf-8");
1604      }
1605      chain.doFilter(quoted, httpResponse);
1606    }
1607
1608    /**
1609     * Infer the mime type for the response based on the extension of the request URI. Returns null
1610     * if unknown.
1611     */
1612    private String inferMimeType(ServletRequest request) {
1613      String path = ((HttpServletRequest) request).getRequestURI();
1614      ServletContext context = config.getServletContext();
1615      return context.getMimeType(path);
1616    }
1617  }
1618}