HDFS-14322. RBF: Security manager should not load if security is disabled. Contributed by CR Hota.

This commit is contained in:
Inigo Goiri 2019-02-27 18:34:42 -08:00 committed by Brahma Reddy Battula
parent c4b1fa91fa
commit 1c7ab59be3

View File

@ -26,6 +26,7 @@
import org.apache.hadoop.hdfs.server.federation.router.RouterRpcServer;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.AccessControlException;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod;
import org.apache.hadoop.security.token.SecretManager;
@ -49,8 +50,14 @@ public class RouterSecurityManager {
dtSecretManager = null;
public RouterSecurityManager(Configuration conf) {
AuthenticationMethod authMethodConfigured =
SecurityUtil.getAuthenticationMethod(conf);
AuthenticationMethod authMethodToInit =
AuthenticationMethod.KERBEROS;
if (authMethodConfigured.equals(authMethodToInit)) {
this.dtSecretManager = newSecretManager(conf);
}
}
@VisibleForTesting
public RouterSecurityManager(AbstractDelegationTokenSecretManager
@ -78,7 +85,8 @@ public RouterSecurityManager(AbstractDelegationTokenSecretManager
constructor.newInstance(conf);
LOG.info("Delegation token secret manager object instantiated");
} catch (ReflectiveOperationException e) {
LOG.error("Could not instantiate: {}", clazz.getSimpleName(), e);
LOG.error("Could not instantiate: {}", clazz.getSimpleName(),
e.getCause());
return null;
} catch (RuntimeException e) {
LOG.error("RuntimeException to instantiate: {}",