Revert "HDDS-1183. Override getDelegationToken API for OzoneFileSystem. Contr…" (#544)

* Revert "Fix checkstyle issue" This reverts commit 78c8a3323e. * Revert "HDDS-1183. Override getDelegationToken API for OzoneFileSystem. Contributed by Xiaoyu Yao." This reverts commit 6fef6fc5ee.
2019-03-01 16:19:43 -08:00 · 2019-03-01 16:19:43 -08:00 · 9e53088493
parent 78c8a3323e
commit 9e53088493
5 changed files with 14 additions and 95 deletions
--- a/hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/token/OzoneBlockTokenIdentifier.java
+++ b/hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/token/OzoneBlockTokenIdentifier.java
@ -28,7 +28,6 @@ import org.apache.hadoop.hdds.protocol.proto.HddsProtos.BlockTokenSecretProto.Bu
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.security.token.TokenIdentifier;
-import org.apache.hadoop.security.token.Token.TrivialRenewer;

 import java.io.DataInput;
 import java.io.DataInputStream;
@ -196,17 +195,5 @@ public class OzoneBlockTokenIdentifier extends TokenIdentifier {
    }
    out.write(builder.build().toByteArray());
  }
-
-  /**
-   * Default TrivialRenewer.
-   */
-  @InterfaceAudience.Private
-  public static class Renewer extends TrivialRenewer {
-
-    @Override
-    protected Text getKind() {
-      return KIND_NAME;
-    }
-  }
 }

--- a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneTokenIdentifier.java
+++ b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneTokenIdentifier.java
@ -29,6 +29,7 @@ import org.apache.hadoop.classification.InterfaceStability;
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.OMTokenProto;
 import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier;
+import org.apache.hadoop.security.token.Token;

 /**
 * The token identifier for Ozone Master.
@ -67,6 +68,18 @@ public class OzoneTokenIdentifier extends
    return KIND_NAME;
  }

+  /**
+   * Default TrivialRenewer.
+   */
+  @InterfaceAudience.Private
+  public static class Renewer extends Token.TrivialRenewer {
+
+    @Override
+    protected Text getKind() {
+      return KIND_NAME;
+    }
+  }
+
  /**
   * Overrides default implementation to write using Protobuf.
   *
--- a/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapter.java
+++ b/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapter.java
@ -17,9 +17,6 @@
 */
 package org.apache.hadoop.fs.ozone;

-import org.apache.hadoop.ozone.security.OzoneTokenIdentifier;
-import org.apache.hadoop.security.token.Token;
-
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Iterator;
@ -55,6 +52,4 @@ public interface OzoneClientAdapter {

  Iterator<BasicKeyInfo> listKeys(String pathKey);

-  Token<OzoneTokenIdentifier> getDelegationToken(String renewer)
-      throws IOException;
 }
--- a/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapterImpl.java
+++ b/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneClientAdapterImpl.java
@ -22,12 +22,9 @@ import java.io.InputStream;
 import java.util.HashMap;
 import java.util.Iterator;

-import org.apache.hadoop.classification.InterfaceAudience;
-import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hdds.client.ReplicationFactor;
 import org.apache.hadoop.hdds.client.ReplicationType;
 import org.apache.hadoop.hdds.conf.OzoneConfiguration;
-import org.apache.hadoop.io.Text;
 import org.apache.hadoop.ozone.OzoneConfigKeys;
 import org.apache.hadoop.ozone.client.ObjectStore;
 import org.apache.hadoop.ozone.client.OzoneBucket;
@ -38,10 +35,6 @@ import org.apache.hadoop.ozone.client.OzoneVolume;
 import org.apache.hadoop.ozone.client.io.OzoneOutputStream;

 import static org.apache.hadoop.ozone.OzoneConsts.OZONE_URI_DELIMITER;
-
-import org.apache.hadoop.ozone.security.OzoneTokenIdentifier;
-import org.apache.hadoop.security.token.Token;
-import org.apache.hadoop.security.token.TokenRenewer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

@ -258,64 +251,8 @@ public class OzoneClientAdapterImpl implements OzoneClientAdapter {
    return new IteratorAdapter(bucket.listKeys(pathKey));
  }

-  @Override
-  public Token<OzoneTokenIdentifier> getDelegationToken(String renewer)
-      throws IOException {
-    Token<OzoneTokenIdentifier> token =
-        ozoneClient.getObjectStore().getDelegationToken(new Text(renewer));
-    token.setKind(OzoneTokenIdentifier.KIND_NAME);
-    return token;
-  }
-
  /**
-   * Ozone Delegation Token Renewer.
-   */
-  @InterfaceAudience.Private
-  public static class Renewer extends TokenRenewer {
-
-    //Ensure that OzoneConfiguration files are loaded before trying to use
-    // the renewer.
-    static {
-      OzoneConfiguration.activate();
-    }
-
-    public Text getKind() {
-      return OzoneTokenIdentifier.KIND_NAME;
-    }
-
-    @Override
-    public boolean handleKind(Text kind) {
-      return getKind().equals(kind);
-    }
-
-    @Override
-    public boolean isManaged(Token<?> token) throws IOException {
-      return true;
-    }
-
-    @Override
-    public long renew(Token<?> token, Configuration conf)
-        throws IOException, InterruptedException {
-      Token<OzoneTokenIdentifier> ozoneDt =
-          (Token<OzoneTokenIdentifier>) token;
-      OzoneClient ozoneClient =
-          OzoneClientFactory.getRpcClient(conf);
-      return ozoneClient.getObjectStore().renewDelegationToken(ozoneDt);
-    }
-
-    @Override
-    public void cancel(Token<?> token, Configuration conf)
-        throws IOException, InterruptedException {
-      Token<OzoneTokenIdentifier> ozoneDt =
-          (Token<OzoneTokenIdentifier>) token;
-      OzoneClient ozoneClient =
-          OzoneClientFactory.getRpcClient(conf);
-      ozoneClient.getObjectStore().cancelDelegationToken(ozoneDt);
-    }
-  }
-
-  /**
-   * Adapter to convert OzoneKey to a safe and simple Key implementation.
+   * Adapter to conver OzoneKey to a safe and simple Key implementation.
   */
  public static class IteratorAdapter implements Iterator<BasicKeyInfo> {

--- a/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneFileSystem.java
+++ b/hadoop-ozone/ozonefs/src/main/java/org/apache/hadoop/fs/ozone/OzoneFileSystem.java
@ -48,9 +48,7 @@ import org.apache.hadoop.fs.PathIsNotEmptyDirectoryException;
 import org.apache.hadoop.fs.GlobalStorageStatistics;
 import org.apache.hadoop.fs.permission.FsPermission;
 import org.apache.hadoop.hdds.conf.OzoneConfiguration;
-import org.apache.hadoop.hdds.security.x509.SecurityConfig;
 import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.hadoop.security.token.Token;
 import org.apache.hadoop.util.Progressable;

 import com.google.common.base.Preconditions;
@ -86,7 +84,6 @@ public class OzoneFileSystem extends FileSystem {
  private Path workingDir;

  private OzoneClientAdapter adapter;
-  private boolean securityEnabled;


  private OzoneFSStorageStatistics storageStatistics;
@ -159,10 +156,6 @@ public class OzoneFileSystem extends FileSystem {
        } else {
          ozoneConfiguration = new OzoneConfiguration(conf);
        }
-        SecurityConfig secConfig = new SecurityConfig(ozoneConfiguration);
-        if (secConfig.isSecurityEnabled()) {
-          this.securityEnabled = true;
-        }
        this.adapter = new OzoneClientAdapterImpl(ozoneConfiguration,
            volumeStr, bucketStr, storageStatistics);
      }
@ -676,12 +669,6 @@ public class OzoneFileSystem extends FileSystem {
    return workingDir;
  }

-  @Override
-  public Token<?> getDelegationToken(String renewer) throws IOException {
-    return securityEnabled? adapter.getDelegationToken(renewer) :
-        super.getDelegationToken(renewer);
-  }
-
  /**
   * Get the username of the FS.
   *