Revert HDFS-3654. TestJspHelper#testGetUgi fails with NPE.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-2@1362764 13f79535-47bb-0310-9956-ffa450edef68

hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt

@@ -351,8 +351,6 @@ Release 2.0.1-alpha - UNRELEASED
     HDFS-3609. libhdfs: don't force the URI to look like hdfs://hostname:port.
     (Colin Patrick McCabe via eli)
 
-    HDFS-3654. TestJspHelper#testGetUgi fails with NPE. (eli)
-
   BREAKDOWN OF HDFS-3042 SUBTASKS
 
     HDFS-2185. HDFS portion of ZK-based FailoverController (todd)

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/JspHelper.java

@@ -540,7 +540,7 @@ public class JspHelper {
     final String usernameFromQuery = getUsernameFromQuery(request, tryUgiParameter);
     final String doAsUserFromQuery = request.getParameter(DoAsParam.NAME);
 
-    if (UserGroupInformation.isSecurityEnabled()) {
+    if(UserGroupInformation.isSecurityEnabled()) {
       final String remoteUser = request.getRemoteUser();
       String tokenString = request.getParameter(DELEGATION_PARAMETER_NAME);
       if (tokenString != null) {
@@ -558,7 +558,7 @@ public class JspHelper {
         DelegationTokenIdentifier id = new DelegationTokenIdentifier();
         id.readFields(in);
         final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
-        nn.verifyToken(id, token.getPassword());
+        nn.getNamesystem().verifyToken(id, token.getPassword());
         ugi = id.getUser();
         if (ugi.getRealUser() == null) {
           //non-proxy case

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java

@@ -5449,11 +5449,21 @@ public class FSNamesystem implements Namesystem, FSClusterStats,
     return blockManager;
   }
   
+  /**
+   * Verifies that the given identifier and password are valid and match.
+   * @param identifier Token identifier.
+   * @param password Password in the token.
+   * @throws InvalidToken
+   */
+  public synchronized void verifyToken(DelegationTokenIdentifier identifier,
+      byte[] password) throws InvalidToken {
+    getDelegationTokenSecretManager().verifyToken(identifier, password);
+  }
+  
   @Override
   public boolean isGenStampInFuture(long genStamp) {
     return (genStamp > getGenerationStamp());
   }
-
   @VisibleForTesting
   public EditLogTailer getEditLogTailer() {
     return editLogTailer;

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNode.java

@@ -51,7 +51,6 @@ import org.apache.hadoop.hdfs.HAUtil;
 import org.apache.hadoop.hdfs.HdfsConfiguration;
 import org.apache.hadoop.hdfs.protocol.ClientProtocol;
 import org.apache.hadoop.hdfs.protocol.HdfsConstants;
-import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
 import org.apache.hadoop.hdfs.server.common.HdfsServerConstants.NamenodeRole;
 import org.apache.hadoop.hdfs.server.common.HdfsServerConstants.StartupOption;
 import org.apache.hadoop.hdfs.server.common.Storage.StorageDirectory;
@@ -80,7 +79,6 @@ import org.apache.hadoop.security.RefreshUserMappingsProtocol;
 import org.apache.hadoop.security.SecurityUtil;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.security.authorize.RefreshAuthorizationPolicyProtocol;
-import org.apache.hadoop.security.token.SecretManager.InvalidToken;
 import org.apache.hadoop.tools.GetUserMappingsProtocol;
 import org.apache.hadoop.util.ServicePlugin;
 import org.apache.hadoop.util.StringUtils;
@@ -1291,18 +1289,7 @@ public class NameNode {
     }
     terminate(1, t);
   }
-
-  /**
-   * Verifies that the given identifier and password are valid and match.
-   * @param identifier Token identifier.
-   * @param password Password in the token.
-   * @throws InvalidToken
-   */
-  public synchronized void verifyToken(DelegationTokenIdentifier identifier,
-      byte[] password) throws InvalidToken {
-    namesystem.getDelegationTokenSecretManager().verifyToken(identifier, password);
-  }
-
+  
   /**
    * Class used to expose {@link NameNode} as context to {@link HAState}
    */

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNodeHttpServer.java

@@ -63,7 +63,7 @@ public class NameNodeHttpServer {
   
   public static final String NAMENODE_ADDRESS_ATTRIBUTE_KEY = "name.node.address";
   public static final String FSIMAGE_ATTRIBUTE_KEY = "name.system.image";
-  public static final String NAMENODE_ATTRIBUTE_KEY = "name.node";
+  protected static final String NAMENODE_ATTRIBUTE_KEY = "name.node";
   
   public NameNodeHttpServer(
       Configuration conf,

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/common/TestJspHelper.java

@@ -30,7 +30,6 @@ import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hdfs.DFSConfigKeys;
 import org.apache.hadoop.hdfs.HdfsConfiguration;
 import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
-import org.apache.hadoop.hdfs.server.namenode.NameNode;
 import org.apache.hadoop.hdfs.server.namenode.NameNodeHttpServer;
 import org.apache.hadoop.io.Text;
 import org.apache.hadoop.security.UserGroupInformation;
@@ -70,7 +69,6 @@ public class TestJspHelper {
     conf.set(DFSConfigKeys.FS_DEFAULT_NAME_KEY, "hdfs://localhost:4321/");
     HttpServletRequest request = mock(HttpServletRequest.class);
     ServletContext context = mock(ServletContext.class);
-    NameNode nn = mock(NameNode.class);
     String user = "TheDoctor";
     Text userText = new Text(user);
     DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(userText,
@@ -81,8 +79,6 @@ public class TestJspHelper {
     when(request.getParameter(JspHelper.DELEGATION_PARAMETER_NAME)).thenReturn(
         tokenString);
     when(request.getRemoteUser()).thenReturn(user);
-    when(context.getAttribute(
-        NameNodeHttpServer.NAMENODE_ATTRIBUTE_KEY)).thenReturn(nn);
 
     //Test attribute in the url to be used as service in the token.
     when(request.getParameter(JspHelper.NAMENODE_ADDRESS)).thenReturn(