commit 8dd4b0642676c702e6c9250125d209d71a02c399

Author: Jitendra Nath Pandey <jitendra@yahoo-inc.com>
Date:   Fri Jan 22 17:17:08 2010 -0800

    HADOOP-6495 from https://issues.apache.org/jira/secure/attachment/12431145/HADOOP-6495-0_20.2.patch
    
    +++ b/YAHOO-CHANGES.txt
    +    HADOOP-6495. Identifier should be serialized after the password is created
    +    In Token constructor. (Jitendra Nath Pandey)
    +


git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-0.20-security-patches@1077120 13f79535-47bb-0310-9956-ffa450edef68

src/core/org/apache/hadoop/security/token/SecretManager.java

@@ -45,10 +45,11 @@ public abstract class SecretManager<T extends TokenIdentifier> {
   
   /**
    * Create the password for the given identifier.
+   * identifier may be modified inside this method.
    * @param identifier the identifier to use
    * @return the new password
    */
-  public abstract byte[] createPassword(T identifier);
+  protected abstract byte[] createPassword(T identifier);
   
   /**
    * Retrieve the password for the given token identifier. Should check the date

src/core/org/apache/hadoop/security/token/Token.java

@@ -42,8 +42,8 @@ public class Token<T extends TokenIdentifier> implements Writable {
    * @param mgr the secret manager
    */
   public Token(T id, SecretManager<T> mgr) {
-    identifier = id.getBytes();
     password = mgr.createPassword(id);
+    identifier = id.getBytes();
     kind = id.getKind();
     service = new Text();
   }