|
@@ -21,6 +21,8 @@ import org.apache.hadoop.classification.InterfaceAudience;
|
|
|
import org.apache.hadoop.classification.InterfaceStability;
|
|
import org.apache.hadoop.classification.InterfaceStability;
|
|
|
import org.apache.hadoop.io.Text;
|
|
import org.apache.hadoop.io.Text;
|
|
|
import org.apache.hadoop.security.Credentials;
|
|
import org.apache.hadoop.security.Credentials;
|
|
|
|
|
+import org.slf4j.Logger;
|
|
|
|
|
+import org.slf4j.LoggerFactory;
|
|
|
|
|
|
|
|
import java.io.IOException;
|
|
import java.io.IOException;
|
|
|
import java.util.ArrayList;
|
|
import java.util.ArrayList;
|
|
@@ -32,7 +34,7 @@ import java.util.List;
|
|
|
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "Yarn"})
|
|
@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "Yarn"})
|
|
|
@InterfaceStability.Unstable
|
|
@InterfaceStability.Unstable
|
|
|
public interface DelegationTokenIssuer {
|
|
public interface DelegationTokenIssuer {
|
|
|
-
|
|
|
|
|
|
|
+ Logger TOKEN_LOG = LoggerFactory.getLogger(DelegationTokenIssuer.class);
|
|
|
/**
|
|
/**
|
|
|
* The service name used as the alias for the token in the credential
|
|
* The service name used as the alias for the token in the credential
|
|
|
* token map. addDelegationTokens will use this to determine if
|
|
* token map. addDelegationTokens will use this to determine if
|
|
@@ -88,15 +90,28 @@ public interface DelegationTokenIssuer {
|
|
|
final List<Token<?>> tokens) throws IOException {
|
|
final List<Token<?>> tokens) throws IOException {
|
|
|
final String serviceName = issuer.getCanonicalServiceName();
|
|
final String serviceName = issuer.getCanonicalServiceName();
|
|
|
// Collect token of the this issuer and then of its embedded children
|
|
// Collect token of the this issuer and then of its embedded children
|
|
|
|
|
+ if (TOKEN_LOG.isDebugEnabled()) {
|
|
|
|
|
+ TOKEN_LOG.debug("Search token for service {} in credentials",
|
|
|
|
|
+ serviceName);
|
|
|
|
|
+ }
|
|
|
if (serviceName != null) {
|
|
if (serviceName != null) {
|
|
|
final Text service = new Text(serviceName);
|
|
final Text service = new Text(serviceName);
|
|
|
Token<?> token = credentials.getToken(service);
|
|
Token<?> token = credentials.getToken(service);
|
|
|
if (token == null) {
|
|
if (token == null) {
|
|
|
|
|
+ if (TOKEN_LOG.isDebugEnabled()) {
|
|
|
|
|
+ TOKEN_LOG.debug("Token for service {} not found in credentials," +
|
|
|
|
|
+ " try getDelegationToken.", serviceName);
|
|
|
|
|
+ }
|
|
|
token = issuer.getDelegationToken(renewer);
|
|
token = issuer.getDelegationToken(renewer);
|
|
|
if (token != null) {
|
|
if (token != null) {
|
|
|
tokens.add(token);
|
|
tokens.add(token);
|
|
|
credentials.addToken(service, token);
|
|
credentials.addToken(service, token);
|
|
|
}
|
|
}
|
|
|
|
|
+ } else {
|
|
|
|
|
+ if (TOKEN_LOG.isDebugEnabled()) {
|
|
|
|
|
+ TOKEN_LOG.debug("Token for service {} found in credentials," +
|
|
|
|
|
+ "skip getDelegationToken.", serviceName);
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
// Now collect the tokens from the children.
|
|
// Now collect the tokens from the children.
|
Xiaoyu Yao