HADOOP-7463. Adding a configuration parameter to SecurityInfo interface. (mahadev)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1150565 13f79535-47bb-0310-9956-ffa450edef68
2011-07-25 07:48:54 +00:00 · 2011-07-25 07:48:54 +00:00 · 85461fb0fa
parent 00b526a146
commit 85461fb0fa
7 changed files with 29 additions and 16 deletions
--- a/common/CHANGES.txt
+++ b/common/CHANGES.txt
@ -277,6 +277,9 @@ Trunk (unreleased changes)
    HADOOP-7434. Display error when using "daemonlog -setlevel" with
    illegal level. (yanjinshuang via eli)

+    HADOOP-7463. Adding a configuration parameter to SecurityInfo interface.
+    (mahadev)
+
  OPTIMIZATIONS
  
    HADOOP-7333. Performance improvement in PureJavaCrc32. (Eric Caspole
--- a/common/src/java/org/apache/hadoop/ipc/Client.java
+++ b/common/src/java/org/apache/hadoop/ipc/Client.java
@ -252,7 +252,7 @@ public class Client {
      Class<?> protocol = remoteId.getProtocol();
      this.useSasl = UserGroupInformation.isSecurityEnabled();
      if (useSasl && protocol != null) {
-        TokenInfo tokenInfo = SecurityUtil.getTokenInfo(protocol);
+        TokenInfo tokenInfo = SecurityUtil.getTokenInfo(protocol, conf);
        if (tokenInfo != null) {
          TokenSelector<? extends TokenIdentifier> tokenSelector = null;
          try {
@ -267,7 +267,7 @@ public class Client {
              .getHostAddress() + ":" + addr.getPort()), 
              ticket.getTokens());
        }
-        KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol);
+        KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol, conf);
        if (krbInfo != null) {
          serverPrincipal = remoteId.getServerPrincipal();
          if (LOG.isDebugEnabled()) {
@ -1285,7 +1285,7 @@ public class Client {
      if (!UserGroupInformation.isSecurityEnabled() || protocol == null) {
        return null;
      }
-      KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol);
+      KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol, conf);
      if (krbInfo != null) {
        String serverKey = krbInfo.serverPrincipal();
        if (serverKey == null) {
--- a/common/src/java/org/apache/hadoop/security/AnnotatedSecurityInfo.java
+++ b/common/src/java/org/apache/hadoop/security/AnnotatedSecurityInfo.java
@ -18,6 +18,7 @@

 package org.apache.hadoop.security;

+import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.token.TokenInfo;

 /**
@ -26,12 +27,12 @@ import org.apache.hadoop.security.token.TokenInfo;
 public class AnnotatedSecurityInfo extends SecurityInfo {

  @Override
-  public KerberosInfo getKerberosInfo(Class<?> protocol) {
+  public KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf) {
    return protocol.getAnnotation(KerberosInfo.class);
  }

  @Override
-  public TokenInfo getTokenInfo(Class<?> protocol) {
+  public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
    return protocol.getAnnotation(TokenInfo.class);
  }

--- a/common/src/java/org/apache/hadoop/security/SecurityInfo.java
+++ b/common/src/java/org/apache/hadoop/security/SecurityInfo.java
@ -18,8 +18,13 @@

 package org.apache.hadoop.security;

+import org.apache.hadoop.classification.InterfaceAudience.LimitedPrivate;
+import org.apache.hadoop.classification.InterfaceStability.Evolving;
+import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.token.TokenInfo;

+@Evolving
+@LimitedPrivate({"MapReduce", "HDFS"})
 /**
 * Interface used by RPC to get the Security information for a given 
 * protocol.
@ -29,15 +34,17 @@ public abstract class SecurityInfo {
  /**
   * Get the KerberosInfo for a given protocol.
   * @param protocol interface class
+   * @param conf configuration
   * @return KerberosInfo
   */
-  public abstract KerberosInfo getKerberosInfo(Class<?> protocol);
+  public abstract KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf);

  /**
   * Get the TokenInfo for a given protocol.
   * @param protocol interface class
+   * @param conf configuration object.
   * @return TokenInfo instance
   */
-  public abstract TokenInfo getTokenInfo(Class<?> protocol);
+  public abstract TokenInfo getTokenInfo(Class<?> protocol, Configuration conf);

 }
--- a/common/src/java/org/apache/hadoop/security/SecurityUtil.java
+++ b/common/src/java/org/apache/hadoop/security/SecurityUtil.java
@ -310,17 +310,18 @@ public class SecurityUtil {
   * Look up the KerberosInfo for a given protocol. It searches all known
   * SecurityInfo providers.
   * @param protocol the protocol class to get the information for
+   * @param conf configuration object
   * @return the KerberosInfo or null if it has no KerberosInfo defined
   */
-  public static KerberosInfo getKerberosInfo(Class<?> protocol) {
+  public static KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf) {
    for(SecurityInfo provider: testProviders) {
-      KerberosInfo result = provider.getKerberosInfo(protocol);
+      KerberosInfo result = provider.getKerberosInfo(protocol, conf);
      if (result != null) {
        return result;
      }
    }
    for(SecurityInfo provider: securityInfoProviders) {
-      KerberosInfo result = provider.getKerberosInfo(protocol);
+      KerberosInfo result = provider.getKerberosInfo(protocol, conf);
      if (result != null) {
        return result;
      }
@ -332,17 +333,18 @@ public class SecurityUtil {
   * Look up the TokenInfo for a given protocol. It searches all known
   * SecurityInfo providers.
   * @param protocol The protocol class to get the information for.
+   * @conf conf Configuration object
   * @return the TokenInfo or null if it has no KerberosInfo defined
   */
-  public static TokenInfo getTokenInfo(Class<?> protocol) {
+  public static TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
    for(SecurityInfo provider: testProviders) {
-      TokenInfo result = provider.getTokenInfo(protocol);
+      TokenInfo result = provider.getTokenInfo(protocol, conf);
      if (result != null) {
        return result;
      }      
    }
    for(SecurityInfo provider: securityInfoProviders) {
-      TokenInfo result = provider.getTokenInfo(protocol);
+      TokenInfo result = provider.getTokenInfo(protocol, conf);
      if (result != null) {
        return result;
      }
--- a/common/src/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java
+++ b/common/src/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java
@ -84,7 +84,7 @@ public class ServiceAuthorizationManager {
    }
    
    // get client principal key to verify (if available)
-    KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol);
+    KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol, conf);
    String clientPrincipal = null; 
    if (krbInfo != null) {
      String clientKey = krbInfo.clientPrincipal();
--- a/common/src/test/core/org/apache/hadoop/ipc/TestSaslRPC.java
+++ b/common/src/test/core/org/apache/hadoop/ipc/TestSaslRPC.java
@ -193,7 +193,7 @@ public class TestSaslRPC {
  public static class CustomSecurityInfo extends SecurityInfo {

    @Override
-    public KerberosInfo getKerberosInfo(Class<?> protocol) {
+    public KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf) {
      return new KerberosInfo() {
        @Override
        public Class<? extends Annotation> annotationType() {
@ -211,7 +211,7 @@ public class TestSaslRPC {
    }

    @Override
-    public TokenInfo getTokenInfo(Class<?> protocol) {
+    public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
      return new TokenInfo() {
        @Override
        public Class<? extends TokenSelector<? extends