HDFS-14670: RBF: Create secret manager instance using FederationUtil#newInstance.

hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/FederationUtil.java

@@ -28,11 +28,13 @@ import java.net.URLConnection;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.hdfs.protocol.HdfsFileStatus;
+import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
 import org.apache.hadoop.hdfs.server.federation.resolver.ActiveNamenodeResolver;
 import org.apache.hadoop.hdfs.server.federation.resolver.FileSubclusterResolver;
 import org.apache.hadoop.hdfs.server.federation.store.StateStoreService;
 import org.apache.hadoop.hdfs.web.URLConnectionFactory;
 import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager;
 import org.apache.hadoop.util.VersionInfo;
 import org.codehaus.jettison.json.JSONArray;
 import org.codehaus.jettison.json.JSONException;
@@ -203,6 +205,23 @@ public final class FederationUtil {
     return newInstance(conf, stateStore, StateStoreService.class, clazz);
   }
 
+  /**
+   * Creates an instance of DelegationTokenSecretManager from the
+   * configuration.
+   *
+   * @param conf Configuration that defines the token manager class.
+   * @return New delegation token secret manager.
+   */
+  public static AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
+      newSecretManager(Configuration conf) {
+    Class<? extends AbstractDelegationTokenSecretManager> clazz =
+        conf.getClass(
+        RBFConfigKeys.DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS,
+        RBFConfigKeys.DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS_DEFAULT,
+        AbstractDelegationTokenSecretManager.class);
+    return newInstance(conf, null, null, clazz);
+  }
+
   /**
    * Check if the given path is the child of parent path.
    * @param path Path to be check.

hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/security/RouterSecurityManager.java

@@ -22,7 +22,7 @@ import com.google.common.annotations.VisibleForTesting;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hdfs.DFSUtil;
 import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
-import org.apache.hadoop.hdfs.server.federation.router.RBFConfigKeys;
+import org.apache.hadoop.hdfs.server.federation.router.FederationUtil;
 import org.apache.hadoop.hdfs.server.federation.router.RouterRpcServer;
 import org.apache.hadoop.hdfs.server.federation.router.Router;
 import org.apache.hadoop.io.Text;
@@ -39,7 +39,6 @@ import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.net.InetSocketAddress;
-import java.lang.reflect.Constructor;
 
 /**
  * Manager to hold underlying delegation token secret manager implementations.
@@ -58,7 +57,7 @@ public class RouterSecurityManager {
     AuthenticationMethod authMethodToInit =
         AuthenticationMethod.KERBEROS;
     if (authMethodConfigured.equals(authMethodToInit)) {
-      this.dtSecretManager = newSecretManager(conf);
+      this.dtSecretManager = FederationUtil.newSecretManager(conf);
     }
   }
 
@@ -68,37 +67,6 @@ public class RouterSecurityManager {
     this.dtSecretManager = dtSecretManager;
   }
 
-  /**
-   * Creates an instance of a SecretManager from the configuration.
-   *
-   * @param conf Configuration that defines the secret manager class.
-   * @return New secret manager.
-   */
-  public static AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
-      newSecretManager(Configuration conf) {
-    Class<? extends AbstractDelegationTokenSecretManager> clazz =
-        conf.getClass(
-        RBFConfigKeys.DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS,
-        RBFConfigKeys.DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS_DEFAULT,
-        AbstractDelegationTokenSecretManager.class);
-    AbstractDelegationTokenSecretManager secretManager;
-    try {
-      Constructor constructor = clazz.getConstructor(Configuration.class);
-      secretManager = (AbstractDelegationTokenSecretManager)
-          constructor.newInstance(conf);
-      LOG.info("Delegation token secret manager object instantiated");
-    } catch (ReflectiveOperationException e) {
-      LOG.error("Could not instantiate: {}", clazz.getSimpleName(),
-          e.getCause());
-      return null;
-    } catch (RuntimeException e) {
-      LOG.error("RuntimeException to instantiate: {}",
-          clazz.getSimpleName(), e);
-      return null;
-    }
-    return secretManager;
-  }
-
   public AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
       getSecretManager() {
     return this.dtSecretManager;

hadoop-hdfs-project/hadoop-hdfs-rbf/src/test/java/org/apache/hadoop/hdfs/server/federation/security/TestRouterSecurityManager.java

@@ -21,6 +21,7 @@ package org.apache.hadoop.hdfs.server.federation.security;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.fs.contract.router.RouterHDFSContract;
+import org.apache.hadoop.hdfs.HdfsConfiguration;
 import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
 import org.apache.hadoop.hdfs.server.federation.RouterConfigBuilder;
 import org.apache.hadoop.hdfs.server.federation.router.security.RouterSecurityManager;
@@ -35,10 +36,14 @@ import org.junit.rules.ExpectedException;
 import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
+
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertEquals;
 import static org.apache.hadoop.fs.contract.router.SecurityConfUtil.initSecurity;
+import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION;
+import static org.apache.hadoop.hdfs.server.federation.router.RBFConfigKeys.DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS;
 
 import org.hamcrest.core.StringContains;
 import java.io.IOException;
@@ -71,6 +76,24 @@ public class TestRouterSecurityManager {
   @Rule
   public ExpectedException exceptionRule = ExpectedException.none();
 
+  @Test
+  public void testCreateSecretManagerUsingReflection() {
+    Configuration conf = new HdfsConfiguration();
+    conf.set(
+        DFS_ROUTER_DELEGATION_TOKEN_DRIVER_CLASS,
+        MockDelegationTokenSecretManager.class.getName());
+    conf.set(HADOOP_SECURITY_AUTHENTICATION,
+        UserGroupInformation.AuthenticationMethod.KERBEROS.name());
+    RouterSecurityManager routerSecurityManager =
+        new RouterSecurityManager(conf);
+    AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
+        secretManager = routerSecurityManager.getSecretManager();
+    assertNotNull(secretManager);
+    assertTrue(secretManager.isRunning());
+    routerSecurityManager.stop();
+    assertFalse(secretManager.isRunning());
+  }
+
   @Test
   public void testDelegationTokens() throws IOException {
     UserGroupInformation.reset();