Repository: hadoop
Updated Branches:
refs/heads/branch-2.8 1e25fd6b3 -> 24715cefe
HADOOP-10776 Open up already widely-used APIs for delegation-token fetching & renewal
to ecosystem projects. Contributed by Vinod Kumar Vavilapalli
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/24715cef
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/24715cef
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/24715cef
Branch: refs/heads/branch-2.8
Commit: 24715cefe80fba531dd16a44ec1cead67c389eb1
Parents: 1e25fd6
Author: Steve Loughran <stevel@apache.org>
Authored: Thu Nov 24 17:51:49 2016 +0000
Committer: Steve Loughran <stevel@apache.org>
Committed: Thu Nov 24 17:51:49 2016 +0000
----------------------------------------------------------------------
.../src/main/java/org/apache/hadoop/fs/FileSystem.java | 8 +++++---
.../apache/hadoop/security/AccessControlException.java | 2 +-
.../main/java/org/apache/hadoop/security/Credentials.java | 4 ++--
.../java/org/apache/hadoop/security/SecurityUtil.java | 10 ++++++++--
.../org/apache/hadoop/security/UserGroupInformation.java | 10 +++++-----
.../hadoop/security/authorize/AuthorizationException.java | 2 +-
.../main/java/org/apache/hadoop/security/token/Token.java | 4 ++--
.../delegation/AbstractDelegationTokenIdentifier.java | 2 +-
.../delegation/AbstractDelegationTokenSecretManager.java | 2 +-
9 files changed, 26 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
index 85c3e32..7f2bfb1 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
@@ -312,9 +312,10 @@ public abstract class FileSystem extends Configured implements Closeable
{
*
* @return a service string that uniquely identifies this file system, null
* if the filesystem does not implement tokens
- * @see SecurityUtil#buildDTServiceName(URI, int)
+ * @see SecurityUtil#buildDTServiceName(URI, int)
*/
- @InterfaceAudience.LimitedPrivate({ "HDFS", "MapReduce" })
+ @InterfaceAudience.Public
+ @InterfaceStability.Evolving
public String getCanonicalServiceName() {
return (getChildFileSystems() == null)
? SecurityUtil.buildDTServiceName(getUri(), getDefaultPort())
@@ -515,7 +516,8 @@ public abstract class FileSystem extends Configured implements Closeable
{
* @return list of new delegation tokens
* @throws IOException
*/
- @InterfaceAudience.LimitedPrivate({ "HDFS", "MapReduce" })
+ @InterfaceAudience.Public
+ @InterfaceStability.Evolving
public Token<?>[] addDelegationTokens(
final String renewer, Credentials credentials) throws IOException {
if (credentials == null) {
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java
index 5f0faa6..aff2806 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java
@@ -23,7 +23,7 @@ import org.apache.hadoop.classification.InterfaceStability;
/**
* An exception class for access control related issues.
*/
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
+@InterfaceAudience.Public
@InterfaceStability.Evolving
public class AccessControlException
extends org.apache.hadoop.fs.permission.AccessControlException {
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java
index 738cd56..98a72a7 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java
@@ -50,10 +50,10 @@ import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.TokenIdentifier;
/**
- * A class that provides the facilities of reading and writing
+ * A class that provides the facilities of reading and writing
* secret keys and Tokens.
*/
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
+@InterfaceAudience.Public
@InterfaceStability.Evolving
public class Credentials implements Writable {
private static final Log LOG = LogFactory.getLog(Credentials.class);
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
index 61cd516..5a51898 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
@@ -58,14 +58,20 @@ import sun.net.util.IPAddressUtil;
import com.google.common.annotations.VisibleForTesting;
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
+/**
+ * Security Utils.
+ */
+@InterfaceAudience.Public
@InterfaceStability.Evolving
-public class SecurityUtil {
+public final class SecurityUtil {
public static final Log LOG = LogFactory.getLog(SecurityUtil.class);
public static final String HOSTNAME_PATTERN = "_HOST";
public static final String FAILED_TO_GET_UGI_MSG_HEADER =
"Failed to obtain user group information:";
+ private SecurityUtil() {
+ }
+
// controls whether buildTokenService will use an ip or host/ip as given
// by the user
@VisibleForTesting
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
index b224b07..7bb6e05 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
@@ -85,7 +85,7 @@ import org.slf4j.LoggerFactory;
* user's username and groups. It supports both the Windows, Unix and Kerberos
* login modules.
*/
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "HBase", "Hive", "Oozie"})
+@InterfaceAudience.Public
@InterfaceStability.Evolving
public class UserGroupInformation {
@VisibleForTesting
@@ -703,7 +703,7 @@ public class UserGroupInformation {
*
* @param user The principal name to load from the ticket
* cache
- * @param ticketCachePath the path to the ticket cache file
+ * @param ticketCache the path to the ticket cache file
*
* @throws IOException if the kerberos login fails
*/
@@ -763,7 +763,7 @@ public class UserGroupInformation {
/**
* Create a UserGroupInformation from a Subject with Kerberos principal.
*
- * @param user The KerberosPrincipal to use in UGI
+ * @param subject The KerberosPrincipal to use in UGI
*
* @throws IOException if the kerberos login fails
*/
@@ -821,7 +821,7 @@ public class UserGroupInformation {
/**
* Log in a user using the given subject
- * @parma subject the subject to use when logging in a user, or null to
+ * @param subject the subject to use when logging in a user, or null to
* create a new subject.
* @throws IOException if login fails
*/
@@ -1644,7 +1644,7 @@ public class UserGroupInformation {
}
/**
- * Get the group names for this user. {@ #getGroups(String)} is less
+ * Get the group names for this user. {@link #getGroups()} is less
* expensive alternative when checking for a contained element.
* @return the list of users with the primary group first. If the command
* fails, it returns an empty list.
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
index 07f0321..03f4d99 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java
@@ -29,7 +29,7 @@ import org.apache.hadoop.security.AccessControlException;
*
* This class <em>does not</em> provide the stack trace for security purposes.
*/
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "YARN"})
+@InterfaceAudience.Public
@InterfaceStability.Evolving
public class AuthorizationException extends AccessControlException {
private static final long serialVersionUID = 1L;
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java
index b45d8dc..e47c585 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java
@@ -399,10 +399,10 @@ public class Token<T extends TokenIdentifier> implements Writable
{
* A trivial renewer for token kinds that aren't managed. Sub-classes need
* to implement getKind for their token kind.
*/
- @InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
+ @InterfaceAudience.Public
@InterfaceStability.Evolving
public static class TrivialRenewer extends TokenRenewer {
-
+
// define the kind for this renewer
protected Text getKind() {
return null;
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java
index 5a9d076..7dad087 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java
@@ -34,7 +34,7 @@ import org.apache.hadoop.security.token.TokenIdentifier;
import com.google.common.annotations.VisibleForTesting;
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
+@InterfaceAudience.Public
@InterfaceStability.Evolving
public abstract class AbstractDelegationTokenIdentifier
extends TokenIdentifier {
http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
index 0e311dd..21d3dd6 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
@@ -44,7 +44,7 @@ import org.apache.hadoop.util.Time;
import com.google.common.base.Preconditions;
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "Hive"})
+@InterfaceAudience.Public
@InterfaceStability.Evolving
public abstract
class AbstractDelegationTokenSecretManager<TokenIdent
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org
|