hadoop-common-commits mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	ste...@apache.org
Subject	hadoop git commit: HADOOP-10776 Open up already widely-used APIs for delegation-token fetching & renewal to ecosystem projects. Contributed by Vinod Kumar Vavilapalli
Date	Thu, 24 Nov 2016 17:51:53 GMT
Repository: hadoop Updated Branches: refs/heads/branch-2.8 1e25fd6b3 -> 24715cefe HADOOP-10776 Open up already widely-used APIs for delegation-token fetching & renewal to ecosystem projects. Contributed by Vinod Kumar Vavilapalli Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/24715cef Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/24715cef Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/24715cef Branch: refs/heads/branch-2.8 Commit: 24715cefe80fba531dd16a44ec1cead67c389eb1 Parents: 1e25fd6 Author: Steve Loughran <stevel@apache.org> Authored: Thu Nov 24 17:51:49 2016 +0000 Committer: Steve Loughran <stevel@apache.org> Committed: Thu Nov 24 17:51:49 2016 +0000 ---------------------------------------------------------------------- .../src/main/java/org/apache/hadoop/fs/FileSystem.java \| 8 +++++--- .../apache/hadoop/security/AccessControlException.java \| 2 +- .../main/java/org/apache/hadoop/security/Credentials.java \| 4 ++-- .../java/org/apache/hadoop/security/SecurityUtil.java \| 10 ++++++++-- .../org/apache/hadoop/security/UserGroupInformation.java \| 10 +++++----- .../hadoop/security/authorize/AuthorizationException.java \| 2 +- .../main/java/org/apache/hadoop/security/token/Token.java \| 4 ++-- .../delegation/AbstractDelegationTokenIdentifier.java \| 2 +- .../delegation/AbstractDelegationTokenSecretManager.java \| 2 +- 9 files changed, 26 insertions(+), 18 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java index 85c3e32..7f2bfb1 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java @@ -312,9 +312,10 @@ public abstract class FileSystem extends Configured implements Closeable { * * @return a service string that uniquely identifies this file system, null * if the filesystem does not implement tokens - * @see SecurityUtil#buildDTServiceName(URI, int) + * @see SecurityUtil#buildDTServiceName(URI, int) / - @InterfaceAudience.LimitedPrivate({ "HDFS", "MapReduce" }) + @InterfaceAudience.Public + @InterfaceStability.Evolving public String getCanonicalServiceName() { return (getChildFileSystems() == null) ? SecurityUtil.buildDTServiceName(getUri(), getDefaultPort()) @@ -515,7 +516,8 @@ public abstract class FileSystem extends Configured implements Closeable { @return list of new delegation tokens * @throws IOException / - @InterfaceAudience.LimitedPrivate({ "HDFS", "MapReduce" }) + @InterfaceAudience.Public + @InterfaceStability.Evolving public Token<?>[] addDelegationTokens( final String renewer, Credentials credentials) throws IOException { if (credentials == null) { http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java index 5f0faa6..aff2806 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/AccessControlException.java @@ -23,7 +23,7 @@ import org.apache.hadoop.classification.InterfaceStability; /* * An exception class for access control related issues. / -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"}) +@InterfaceAudience.Public @InterfaceStability.Evolving public class AccessControlException extends org.apache.hadoop.fs.permission.AccessControlException { http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java index 738cd56..98a72a7 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java @@ -50,10 +50,10 @@ import org.apache.hadoop.security.token.Token; import org.apache.hadoop.security.token.TokenIdentifier; /* - * A class that provides the facilities of reading and writing + * A class that provides the facilities of reading and writing * secret keys and Tokens. / -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"}) +@InterfaceAudience.Public @InterfaceStability.Evolving public class Credentials implements Writable { private static final Log LOG = LogFactory.getLog(Credentials.class); http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java index 61cd516..5a51898 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java @@ -58,14 +58,20 @@ import sun.net.util.IPAddressUtil; import com.google.common.annotations.VisibleForTesting; -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"}) +/* + * Security Utils. + / +@InterfaceAudience.Public @InterfaceStability.Evolving -public class SecurityUtil { +public final class SecurityUtil { public static final Log LOG = LogFactory.getLog(SecurityUtil.class); public static final String HOSTNAME_PATTERN = "_HOST"; public static final String FAILED_TO_GET_UGI_MSG_HEADER = "Failed to obtain user group information:"; + private SecurityUtil() { + } + // controls whether buildTokenService will use an ip or host/ip as given // by the user @VisibleForTesting http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java index b224b07..7bb6e05 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java @@ -85,7 +85,7 @@ import org.slf4j.LoggerFactory; user's username and groups. It supports both the Windows, Unix and Kerberos * login modules. / -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "HBase", "Hive", "Oozie"}) +@InterfaceAudience.Public @InterfaceStability.Evolving public class UserGroupInformation { @VisibleForTesting @@ -703,7 +703,7 @@ public class UserGroupInformation { * @param user The principal name to load from the ticket * cache - * @param ticketCachePath the path to the ticket cache file + * @param ticketCache the path to the ticket cache file * * @throws IOException if the kerberos login fails / @@ -763,7 +763,7 @@ public class UserGroupInformation { /* * Create a UserGroupInformation from a Subject with Kerberos principal. * - * @param user The KerberosPrincipal to use in UGI + * @param subject The KerberosPrincipal to use in UGI * * @throws IOException if the kerberos login fails / @@ -821,7 +821,7 @@ public class UserGroupInformation { /* * Log in a user using the given subject - * @parma subject the subject to use when logging in a user, or null to + * @param subject the subject to use when logging in a user, or null to * create a new subject. * @throws IOException if login fails / @@ -1644,7 +1644,7 @@ public class UserGroupInformation { } /* - * Get the group names for this user. {@ #getGroups(String)} is less + * Get the group names for this user. {@link #getGroups()} is less * expensive alternative when checking for a contained element. * @return the list of users with the primary group first. If the command * fails, it returns an empty list. http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java index 07f0321..03f4d99 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/authorize/AuthorizationException.java @@ -29,7 +29,7 @@ import org.apache.hadoop.security.AccessControlException; * * This class <em>does not</em> provide the stack trace for security purposes. / -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "YARN"}) +@InterfaceAudience.Public @InterfaceStability.Evolving public class AuthorizationException extends AccessControlException { private static final long serialVersionUID = 1L; http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java index b45d8dc..e47c585 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/Token.java @@ -399,10 +399,10 @@ public class Token<T extends TokenIdentifier> implements Writable { A trivial renewer for token kinds that aren't managed. Sub-classes need * to implement getKind for their token kind. */ - @InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"}) + @InterfaceAudience.Public @InterfaceStability.Evolving public static class TrivialRenewer extends TokenRenewer { - + // define the kind for this renewer protected Text getKind() { return null; http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java index 5a9d076..7dad087 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenIdentifier.java @@ -34,7 +34,7 @@ import org.apache.hadoop.security.token.TokenIdentifier; import com.google.common.annotations.VisibleForTesting; -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"}) +@InterfaceAudience.Public @InterfaceStability.Evolving public abstract class AbstractDelegationTokenIdentifier extends TokenIdentifier { http://git-wip-us.apache.org/repos/asf/hadoop/blob/24715cef/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java index 0e311dd..21d3dd6 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java @@ -44,7 +44,7 @@ import org.apache.hadoop.util.Time; import com.google.common.base.Preconditions; -@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "Hive"}) +@InterfaceAudience.Public @InterfaceStability.Evolving public abstract class AbstractDelegationTokenSecretManager<TokenIdent --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org For additional commands, e-mail: common-commits-help@hadoop.apache.org
Mime	Unnamed text/plain (inline, 7-Bit, 14404 bytes)
	View raw message