HADOOP-7463. Adding a configuration parameter to SecurityInfo interface. (mahadev)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1150565 13f79535-47bb-0310-9956-ffa450edef68

common/CHANGES.txt

@@ -277,6 +277,9 @@ Trunk (unreleased changes)
     HADOOP-7434. Display error when using "daemonlog -setlevel" with
     illegal level. (yanjinshuang via eli)
 
+    HADOOP-7463. Adding a configuration parameter to SecurityInfo interface.
+    (mahadev)
+
   OPTIMIZATIONS
   
     HADOOP-7333. Performance improvement in PureJavaCrc32. (Eric Caspole

common/src/java/org/apache/hadoop/ipc/Client.java

@@ -252,7 +252,7 @@ public Connection(ConnectionId remoteId) throws IOException {
       Class<?> protocol = remoteId.getProtocol();
       this.useSasl = UserGroupInformation.isSecurityEnabled();
       if (useSasl && protocol != null) {
-        TokenInfo tokenInfo = SecurityUtil.getTokenInfo(protocol);
+        TokenInfo tokenInfo = SecurityUtil.getTokenInfo(protocol, conf);
         if (tokenInfo != null) {
           TokenSelector<? extends TokenIdentifier> tokenSelector = null;
           try {
@@ -267,7 +267,7 @@ public Connection(ConnectionId remoteId) throws IOException {
               .getHostAddress() + ":" + addr.getPort()), 
               ticket.getTokens());
         }
-        KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol);
+        KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol, conf);
         if (krbInfo != null) {
           serverPrincipal = remoteId.getServerPrincipal();
           if (LOG.isDebugEnabled()) {
@@ -1285,7 +1285,7 @@ private static String getRemotePrincipal(Configuration conf,
       if (!UserGroupInformation.isSecurityEnabled() || protocol == null) {
         return null;
       }
-      KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol);
+      KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol, conf);
       if (krbInfo != null) {
         String serverKey = krbInfo.serverPrincipal();
         if (serverKey == null) {

common/src/java/org/apache/hadoop/security/AnnotatedSecurityInfo.java

@@ -18,6 +18,7 @@
 
 package org.apache.hadoop.security;
 
+import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.token.TokenInfo;
 
 /**
@@ -26,12 +27,12 @@
 public class AnnotatedSecurityInfo extends SecurityInfo {
 
   @Override
-  public KerberosInfo getKerberosInfo(Class<?> protocol) {
+  public KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf) {
     return protocol.getAnnotation(KerberosInfo.class);
   }
 
   @Override
-  public TokenInfo getTokenInfo(Class<?> protocol) {
+  public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
     return protocol.getAnnotation(TokenInfo.class);
   }
 

common/src/java/org/apache/hadoop/security/SecurityInfo.java

@@ -18,8 +18,13 @@
 
 package org.apache.hadoop.security;
 
+import org.apache.hadoop.classification.InterfaceAudience.LimitedPrivate;
+import org.apache.hadoop.classification.InterfaceStability.Evolving;
+import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.token.TokenInfo;
 
+@Evolving
+@LimitedPrivate({"MapReduce", "HDFS"})
 /**
  * Interface used by RPC to get the Security information for a given 
  * protocol.
@@ -29,15 +34,17 @@ public abstract class SecurityInfo {
   /**
    * Get the KerberosInfo for a given protocol.
    * @param protocol interface class
+   * @param conf configuration
    * @return KerberosInfo
    */
-  public abstract KerberosInfo getKerberosInfo(Class<?> protocol);
+  public abstract KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf);
 
   /**
    * Get the TokenInfo for a given protocol.
    * @param protocol interface class
+   * @param conf configuration object.
    * @return TokenInfo instance
    */
-  public abstract TokenInfo getTokenInfo(Class<?> protocol);
+  public abstract TokenInfo getTokenInfo(Class<?> protocol, Configuration conf);
 
 }

common/src/java/org/apache/hadoop/security/SecurityUtil.java

@@ -310,17 +310,18 @@ public static void setSecurityInfoProviders(SecurityInfo... providers) {
    * Look up the KerberosInfo for a given protocol. It searches all known
    * SecurityInfo providers.
    * @param protocol the protocol class to get the information for
+   * @param conf configuration object
    * @return the KerberosInfo or null if it has no KerberosInfo defined
    */
-  public static KerberosInfo getKerberosInfo(Class<?> protocol) {
+  public static KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf) {
     for(SecurityInfo provider: testProviders) {
-      KerberosInfo result = provider.getKerberosInfo(protocol);
+      KerberosInfo result = provider.getKerberosInfo(protocol, conf);
       if (result != null) {
         return result;
       }
     }
     for(SecurityInfo provider: securityInfoProviders) {
-      KerberosInfo result = provider.getKerberosInfo(protocol);
+      KerberosInfo result = provider.getKerberosInfo(protocol, conf);
       if (result != null) {
         return result;
       }
@@ -332,17 +333,18 @@ public static KerberosInfo getKerberosInfo(Class<?> protocol) {
    * Look up the TokenInfo for a given protocol. It searches all known
    * SecurityInfo providers.
    * @param protocol The protocol class to get the information for.
+   * @conf conf Configuration object
    * @return the TokenInfo or null if it has no KerberosInfo defined
    */
-  public static TokenInfo getTokenInfo(Class<?> protocol) {
+  public static TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
     for(SecurityInfo provider: testProviders) {
-      TokenInfo result = provider.getTokenInfo(protocol);
+      TokenInfo result = provider.getTokenInfo(protocol, conf);
       if (result != null) {
         return result;
       }      
     }
     for(SecurityInfo provider: securityInfoProviders) {
-      TokenInfo result = provider.getTokenInfo(protocol);
+      TokenInfo result = provider.getTokenInfo(protocol, conf);
       if (result != null) {
         return result;
       }

common/src/java/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java

@@ -84,7 +84,7 @@ public void authorize(UserGroupInformation user,
     }
     
     // get client principal key to verify (if available)
-    KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol);
+    KerberosInfo krbInfo = SecurityUtil.getKerberosInfo(protocol, conf);
     String clientPrincipal = null; 
     if (krbInfo != null) {
       String clientKey = krbInfo.clientPrincipal();

common/src/test/core/org/apache/hadoop/ipc/TestSaslRPC.java

@@ -193,7 +193,7 @@ public AuthenticationMethod getAuthMethod() throws IOException {
   public static class CustomSecurityInfo extends SecurityInfo {
 
     @Override
-    public KerberosInfo getKerberosInfo(Class<?> protocol) {
+    public KerberosInfo getKerberosInfo(Class<?> protocol, Configuration conf) {
       return new KerberosInfo() {
         @Override
         public Class<? extends Annotation> annotationType() {
@@ -211,7 +211,7 @@ public String clientPrincipal() {
     }
 
     @Override
-    public TokenInfo getTokenInfo(Class<?> protocol) {
+    public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
       return new TokenInfo() {
         @Override
         public Class<? extends TokenSelector<? extends