Previous commit for HDFS-2392 was incomplete, reverting.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-0.20-security-205@1178702 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -254,8 +254,6 @@ Release 0.20.205.0 - 2011.09.28
 
     HADOOP-7715. Removed unnecessary security logger configuration. (Eric Yang)
 
-    HDFS-2392. Dist with hftp is failing again. (Daryn Sharp via jitendra)
-
   IMPROVEMENTS
 
     MAPREDUCE-2928. MR-2413 improvements (Eli Collins via mattf)

src/hdfs/org/apache/hadoop/hdfs/HftpFileSystem.java

@@ -155,42 +155,31 @@ public class HftpFileSystem extends FileSystem {
     this.hftpURI = createUri(name.getScheme(), nnAddr);
     
     if (UserGroupInformation.isSecurityEnabled()) {
-      initDelegationToken();
-    }
-  }
-  
-  protected void initDelegationToken() throws IOException {
-    // look for hftp token, then try hdfs
-    Token<?> token = selectHftpDelegationToken();
-    if (token == null) {
-      token = selectHdfsDelegationToken();
-    }   
-
-    //since we don't already have a token, go get one over https
-    boolean createdToken = false;
-    if (token == null) {
-      token = getDelegationToken(null);
-      createdToken = (token != null);
-    }
-
-    // security might be disabled
-    if (token != null) {
-      setDelegationToken(token);
-      if (createdToken) {
-        renewer.addTokenToRenew(this);
-        LOG.debug("Created new DT for " + token.getService());
+      Token<?> token = selectHftpDelegationToken();
+      if (token == null) {
+        token = selectHdfsDelegationToken();
+      }   
+      //since we don't already have a token, go get one over https
+      if (token == null) {
+        token = getDelegationToken(null);
+        // security might be disabled
+        if (token != null) {
+          setDelegationToken(token);
+          renewer.addTokenToRenew(this);
+          LOG.debug("Created new DT for " + token.getService());
+        }
       } else {
         LOG.debug("Found existing DT for " + token.getService());        
       }
     }
   }
 
-  protected Token<DelegationTokenIdentifier> selectHftpDelegationToken() {
+  private Token<DelegationTokenIdentifier> selectHftpDelegationToken() {
     Text serviceName = SecurityUtil.buildTokenService(nnSecureAddr);
     return hftpTokenSelector.selectToken(serviceName, ugi.getTokens());      
   }
   
-  protected Token<DelegationTokenIdentifier> selectHdfsDelegationToken() {
+  private Token<DelegationTokenIdentifier> selectHdfsDelegationToken() {
     // this guesses the remote cluster's rpc service port.
     // the current token design assumes it's the same as the local cluster's
     // rpc port unless a config key is set.  there should be a way to automatic
@@ -223,7 +212,7 @@ public class HftpFileSystem extends FileSystem {
     return uri;
   }
 
-  protected <T extends TokenIdentifier> void setDelegationToken(Token<T> token) {
+  private <T extends TokenIdentifier> void setDelegationToken(Token<T> token) {
     renewToken = token;
     // emulate the 203 usage of the tokens
     // by setting the kind and service as if they were hdfs tokens

src/test/org/apache/hadoop/hdfs/TestHftpFileSystem.java

@@ -18,7 +18,6 @@
 
 package org.apache.hadoop.hdfs;
 
-import static org.junit.Assert.*;
 import static org.junit.Assert.assertEquals;
 
 import java.io.IOException;
@@ -26,11 +25,6 @@ import java.net.URI;
 
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.FileSystem;
-import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
-import org.apache.hadoop.io.Text;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.token.Token;
-import org.apache.hadoop.security.token.TokenIdentifier;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -212,74 +206,4 @@ public class TestHftpFileSystem {
         fs.getCanonicalServiceName()
     );
   }
-
-  Token<DelegationTokenIdentifier> hftpToken;
-  Token<DelegationTokenIdentifier> hdfsToken;
-  Token<DelegationTokenIdentifier> gotToken;
-  
-  class StubbedHftpFileSystem extends HftpFileSystem {
-    @Override
-    protected Token<DelegationTokenIdentifier> selectHftpDelegationToken() {
-      return hftpToken;
-    }
-    
-    @Override
-    protected Token<DelegationTokenIdentifier> selectHdfsDelegationToken() {
-      return hdfsToken;
-    }
-    
-    @Override
-    public Token<DelegationTokenIdentifier> getDelegationToken(String renewer) {
-      return makeDummyToken("new");
-    }
-    
-    @SuppressWarnings("unchecked")
-    @Override
-    protected <T extends TokenIdentifier> void setDelegationToken(Token<T> token) {
-      gotToken = (Token<DelegationTokenIdentifier>) token;
-    }
-  }
-  
-  static Token<DelegationTokenIdentifier> makeDummyToken(String kind) {
-    Token<DelegationTokenIdentifier> token = new Token();
-    token.setKind(new Text(kind));
-    return token;
-  }
-  
-  @Before
-  public void resetTokens() {
-    hftpToken = hdfsToken = gotToken = null;
-  }
-  
-  @Test
-  public void testHftpWithNoTokens() throws IOException {
-    new StubbedHftpFileSystem().initDelegationToken();
-    assertNotNull(gotToken);
-    assertEquals(new Text("new"), gotToken.getKind());
-    
-  }
-  @Test
-  public void testHftpWithHftpToken() throws IOException {
-    hftpToken = makeDummyToken("hftp");
-    new StubbedHftpFileSystem().initDelegationToken();
-    assertNotNull(gotToken);
-    assertEquals(gotToken, hftpToken);
-  }
-  
-  @Test
-  public void testHftpWithHdfsToken() throws IOException {
-    hdfsToken = makeDummyToken("hdfs");
-    new StubbedHftpFileSystem().initDelegationToken();
-    assertNotNull(gotToken);
-    assertEquals(gotToken, hdfsToken);
-  }
-
-  @Test
-  public void testHftpWithHftpAndHdfsToken() throws IOException {
-    hftpToken = makeDummyToken("hftp");
-    hdfsToken = makeDummyToken("hdfs");
-    new StubbedHftpFileSystem().initDelegationToken();
-    assertNotNull(gotToken);
-    assertEquals(gotToken, hftpToken);
-  }
 }