From 8ffc356b1e8845c370f05e97437544f75ed6e8db Mon Sep 17 00:00:00 2001
From: Akira Ajisaka <aajisaka@apache.org>
Date: Wed, 13 May 2020 17:14:14 +0900
Subject: [PATCH] Revert "SPNEGO TLS verification"

This reverts commit ba66f3b454a5f6ea84f2cf7ac0082c555e2954a7.
---
 .../org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java     | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java b/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java
index a2eaa33e78..4caa0e91fb 100644
--- a/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java
+++ b/hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/web/WebHdfsFileSystem.java
@@ -152,7 +152,6 @@ public class WebHdfsFileSystem extends FileSystem
       + "/v" + VERSION;
   public static final String EZ_HEADER = "X-Hadoop-Accept-EZ";
   public static final String FEFINFO_HEADER = "X-Hadoop-feInfo";
-  public static final String DFS_HTTP_POLICY_KEY = "dfs.http.policy";
 
   /**
    * Default connection factory may be overridden in tests to use smaller
@@ -182,7 +181,6 @@ public class WebHdfsFileSystem extends FileSystem
 
   private DFSOpsCountStatistics storageStatistics;
   private KeyProvider testProvider;
-  private boolean isTLSKrb;
 
   /**
    * Return the protocol scheme for the FileSystem.
@@ -244,7 +242,6 @@ public synchronized void initialize(URI uri, Configuration conf
           .newDefaultURLConnectionFactory(connectTimeout, readTimeout, conf);
     }
 
-    this.isTLSKrb = "HTTPS_ONLY".equals(conf.get(DFS_HTTP_POLICY_KEY));
 
     ugi = UserGroupInformation.getCurrentUser();
     this.uri = URI.create(uri.getScheme() + "://" + uri.getAuthority());
@@ -702,11 +699,6 @@ protected HttpURLConnection connect(URL url) throws IOException {
       //redirect hostname and port
       redirectHost = null;
 
-      if (url.getProtocol().equals(getTransportScheme()) &&
-        UserGroupInformation.isSecurityEnabled() &&
-        isTLSKrb) {
-        throw new IOException("Access denied: dfs.http.policy is HTTPS_ONLY.");
-      }
 
       // resolve redirects for a DN operation unless already resolved
       if (op.getRedirect() && !redirected) {