Rename SaslConstants to SaslMechanismFactory.

Author: szetszwo

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java

@@ -106,7 +106,7 @@
 import org.apache.hadoop.ipc.protobuf.RpcHeaderProtos.RPCTraceInfoProto;
 import org.apache.hadoop.net.NetUtils;
 import org.apache.hadoop.security.AccessControlException;
-import org.apache.hadoop.security.SaslConstants;
+import org.apache.hadoop.security.SaslMechanismFactory;
 import org.apache.hadoop.security.SaslPropertiesResolver;
 import org.apache.hadoop.security.SaslRpcServer;
 import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
@@ -2610,7 +2610,7 @@ private RpcSaslProto buildSaslNegotiateResponse()
       // accelerate token negotiation by sending initial challenge
       // in the negotiation response
       if (enabledAuthMethods.contains(AuthMethod.TOKEN)
-          && SaslConstants.isDefaultMechanism(AuthMethod.TOKEN.getMechanismName())) {
+          && SaslMechanismFactory.isDefaultMechanism(AuthMethod.TOKEN.getMechanismName())) {
         saslServer = createSaslServer(AuthMethod.TOKEN);
         byte[] challenge = saslServer.evaluateResponse(new byte[0]);
         RpcSaslProto.Builder negotiateBuilder =

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslConstants.java renamed to hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java

@@ -17,6 +17,7 @@
  */
 package org.apache.hadoop.security;
 
+import org.apache.hadoop.HadoopIllegalArgumentException;
 import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.classification.InterfaceStability;
 import org.apache.hadoop.conf.Configuration;
@@ -31,31 +32,44 @@
  */
 @InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
 @InterfaceStability.Evolving
-public class SaslConstants {
-  public static final Logger LOG = LoggerFactory.getLogger(SaslConstants.class);
+public class SaslMechanismFactory {
+  static final Logger LOG = LoggerFactory.getLogger(SaslMechanismFactory.class);
 
   private static final String SASL_MECHANISM_ENV = "HADOOP_SASL_MECHANISM";
-  public static final String SASL_MECHANISM;
+  private static final String SASL_MECHANISM;
 
   static {
     // env
-    String mechanism = System.getenv(SASL_MECHANISM_ENV);
-    LOG.debug("{} = {} (env)", SASL_MECHANISM_ENV, mechanism);
-
-    if (mechanism == null) {
-      // conf
-      final Configuration conf = new Configuration();
-      mechanism = conf.get(HADOOP_SECURITY_SASL_MECHANISM_KEY,
-          HADOOP_SECURITY_SASL_MECHANISM_DEFAULT);
+    final String envValue = System.getenv(SASL_MECHANISM_ENV);
+    LOG.debug("{} = {} (env)", SASL_MECHANISM_ENV, envValue);
+
+    // conf
+    final Configuration conf = new Configuration();
+    final String confValue = conf.get(HADOOP_SECURITY_SASL_MECHANISM_KEY,
+        HADOOP_SECURITY_SASL_MECHANISM_DEFAULT);
+    LOG.debug("{} = {} (conf)", HADOOP_SECURITY_SASL_MECHANISM_KEY, confValue);
+
+    if (envValue != null && confValue != null) {
+      if (!envValue.equals(confValue)) {
+        throw new HadoopIllegalArgumentException("SASL Mechanism mismatched: env "
+            + SASL_MECHANISM_ENV + " is " + envValue + " but conf "
+            + HADOOP_SECURITY_SASL_MECHANISM_KEY + " is " + confValue);
+      }
     }
 
-    SASL_MECHANISM = mechanism != null? mechanism : HADOOP_SECURITY_SASL_MECHANISM_DEFAULT;
-    LOG.debug("{} = {} (effective)", SASL_MECHANISM_ENV, SASL_MECHANISM);
+    SASL_MECHANISM = envValue != null ? envValue
+        : confValue != null ? confValue
+        : HADOOP_SECURITY_SASL_MECHANISM_DEFAULT;
+    LOG.debug("SASL_MECHANISM = {} (effective)", SASL_MECHANISM);
+  }
+
+  public static String getMechanism() {
+    return SASL_MECHANISM;
   }
 
   public static boolean isDefaultMechanism(String mechanism) {
     return HADOOP_SECURITY_SASL_MECHANISM_DEFAULT.equals(mechanism);
   }
 
-  private SaslConstants() {}
+  private SaslMechanismFactory() {}
 }

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslRpcServer.java

@@ -225,8 +225,8 @@ public enum AuthMethod {
     SIMPLE((byte) 80, ""),
     KERBEROS((byte) 81, "GSSAPI"),
     @Deprecated
-    DIGEST((byte) 82, SaslConstants.SASL_MECHANISM),
-    TOKEN((byte) 82, SaslConstants.SASL_MECHANISM),
+    DIGEST((byte) 82, SaslMechanismFactory.getMechanism()),
+    TOKEN((byte) 82, SaslMechanismFactory.getMechanism()),
     PLAIN((byte) 83, "PLAIN");
 
     /** The code for this method. */

hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/ipc/TestSaslRPC.java

@@ -536,7 +536,7 @@ public void handle(Callback[] callbacks)
   private static Pattern BadToken =
       Pattern.compile("^" + RemoteException.class.getName() +
           "\\("+ SaslException.class.getName() + "\\): " +
-          SaslConstants.SASL_MECHANISM + ": digest response format violation.*");
+          SaslMechanismFactory.getMechanism() + ": digest response format violation.*");
   private static Pattern KrbFailed =
       Pattern.compile(".*Failed on local exception:.* " +
                       "Failed to specify server's Kerberos principal name.*");

hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslParticipant.java

@@ -33,7 +33,7 @@
 import org.apache.hadoop.hdfs.protocol.datatransfer.IOStreamPair;
 import org.apache.hadoop.security.FastSaslClientFactory;
 import org.apache.hadoop.security.FastSaslServerFactory;
-import org.apache.hadoop.security.SaslConstants;
+import org.apache.hadoop.security.SaslMechanismFactory;
 import org.apache.hadoop.security.SaslInputStream;
 import org.apache.hadoop.security.SaslOutputStream;
 
@@ -52,7 +52,7 @@ class SaslParticipant {
   // a short string.
   private static final String SERVER_NAME = "0";
   private static final String PROTOCOL = "hdfs";
-  private static final String[] MECHANISM_ARRAY = {SaslConstants.SASL_MECHANISM};
+  private static final String[] MECHANISM_ARRAY = {SaslMechanismFactory.getMechanism()};
   private static final byte[] EMPTY_BYTE_ARRAY = {};
 
   // One of these will always be null.
@@ -127,7 +127,7 @@ private SaslParticipant(SaslClient saslClient) {
   }
 
   byte[] createFirstMessage() throws SaslException {
-    return SaslConstants.isDefaultMechanism(MECHANISM_ARRAY[0]) ? EMPTY_BYTE_ARRAY
+    return SaslMechanismFactory.isDefaultMechanism(MECHANISM_ARRAY[0]) ? EMPTY_BYTE_ARRAY
         : evaluateChallengeOrResponse(EMPTY_BYTE_ARRAY);
   }