Address review comments.

Author: szetszwo

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java

@@ -30,7 +30,7 @@
 /**
  * SASL related constants.
  */
-@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
+@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "YARN", "HBase"})
 @InterfaceStability.Evolving
 public final class SaslMechanismFactory {
   static final Logger LOG = LoggerFactory.getLogger(SaslMechanismFactory.class);
@@ -44,7 +44,7 @@ public final class SaslMechanismFactory {
     LOG.debug("{} = {} (env)", SASL_MECHANISM_ENV, envValue);
 
     // conf
-    final Configuration conf = new Configuration();
+    final Configuration conf = new Configuration(false);
     final String confValue = conf.get(HADOOP_SECURITY_SASL_MECHANISM_KEY,
         HADOOP_SECURITY_SASL_MECHANISM_DEFAULT);
     LOG.debug("{} = {} (conf)", HADOOP_SECURITY_SASL_MECHANISM_KEY, confValue);

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/package-info.java

@@ -19,4 +19,7 @@
 /**
  * Classes for hadoop security.
  */
-package org.apache.hadoop.security;
+@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce", "YARN", "HBase"})
+package org.apache.hadoop.security;
+
+import org.apache.hadoop.classification.InterfaceAudience;

hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/client/HdfsClientConfigKeys.java

@@ -236,9 +236,6 @@ public interface HdfsClientConfigKeys {
   String DFS_DATA_TRANSFER_SASL_PROPS_RESOLVER_CLASS_KEY =
       "dfs.data.transfer.saslproperties.resolver.class";
 
-  String DFS_DATA_TRANSFER_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY
-      = "dfs.data.transfer.sasl.CustomizedCallbackHandler.class";
-
   String DFS_ENCRYPT_DATA_TRANSFER_CIPHER_KEY_BITLENGTH_KEY =
       "dfs.encrypt.data.transfer.cipher.key.bitlength";
   int    DFS_ENCRYPT_DATA_TRANSFER_CIPHER_KEY_BITLENGTH_DEFAULT = 128;

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslDataTransferServer.java

@@ -17,6 +17,7 @@
  */
 package org.apache.hadoop.hdfs.protocol.datatransfer.sasl;
 
+import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY;
 import static org.apache.hadoop.hdfs.client.HdfsClientConfigKeys.DFS_DATA_TRANSFER_PROTECTION_KEY;
 import static org.apache.hadoop.hdfs.client.HdfsClientConfigKeys.DFS_ENCRYPT_DATA_TRANSFER_CIPHER_SUITES_KEY;
 import static org.apache.hadoop.hdfs.protocol.datatransfer.sasl.DataTransferSaslUtil.*;
@@ -47,7 +48,6 @@
 import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.crypto.CipherOption;
-import org.apache.hadoop.hdfs.client.HdfsClientConfigKeys;
 import org.apache.hadoop.hdfs.net.Peer;
 import org.apache.hadoop.hdfs.protocol.DatanodeID;
 import org.apache.hadoop.hdfs.protocol.datatransfer.IOStreamPair;
@@ -226,7 +226,7 @@ static final class SaslServerCallbackHandler
     SaslServerCallbackHandler(Configuration conf, PasswordFunction passwordFunction) {
       this.passwordFunction = passwordFunction;
       this.customizedCallbackHandler = CustomizedCallbackHandler.get(
-          HdfsClientConfigKeys.DFS_DATA_TRANSFER_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY, conf);
+          HADOOP_SECURITY_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY, conf);
     }
 
     @Override

hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml

@@ -2641,15 +2641,6 @@
   </description>
 </property>
 
-<property>
-  <name>dfs.data.transfer.sasl.CustomizedCallbackHandler.class</name>
-  <value></value>
-  <description>
-    Some security provider may define a new javax.security.auth.callback.Callback.
-    This property allows users to configure a customized callback handler.
-  </description>
-</property>
-
 <property>
   <name>dfs.journalnode.rpc-address</name>
   <value>0.0.0.0:8485</value>

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/protocol/datatransfer/sasl/TestCustomizedCallbackHandler.java

@@ -18,7 +18,6 @@
 package org.apache.hadoop.hdfs.protocol.datatransfer.sasl;
 
 import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.hdfs.client.HdfsClientConfigKeys;
 import org.apache.hadoop.hdfs.protocol.datatransfer.sasl.SaslDataTransferServer.SaslServerCallbackHandler;
 import org.apache.hadoop.security.CustomizedCallbackHandler;
 import org.apache.hadoop.security.SaslRpcServer;
@@ -82,7 +81,7 @@ public void testCustomizedCallbackHandler() throws Exception {
 
     // set conf and expect success
     reset();
-    conf.setClass(HdfsClientConfigKeys.DFS_DATA_TRANSFER_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY,
+    conf.setClass(HADOOP_SECURITY_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY,
         MyCallbackHandler.class, CustomizedCallbackHandler.class);
     runTest(conf, callbacks);
     assertCallbacks(callbacks);
@@ -120,14 +119,14 @@ public void testCustomizedCallbackMethod() throws Exception {
 
     // set conf and expect success
     reset();
-    conf.setClass(HdfsClientConfigKeys.DFS_DATA_TRANSFER_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY,
+    conf.setClass(HADOOP_SECURITY_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY,
         MyCallbackMethod.class, Object.class);
     runTest(conf, callbacks);
     assertCallbacks(callbacks);
 
     // set conf and expect exception
     reset();
-    conf.setClass(HdfsClientConfigKeys.DFS_DATA_TRANSFER_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY,
+    conf.setClass(HADOOP_SECURITY_SASL_CUSTOMIZEDCALLBACKHANDLER_CLASS_KEY,
         MyExceptionMethod.class, Object.class);
     LambdaTestUtils.intercept(IOException.class, () -> runTest(conf, callbacks));
   }