You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by om...@apache.org on 2011/03/04 05:15:28 UTC
svn commit: r1077442 -
/hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
Author: omalley
Date: Fri Mar 4 04:15:28 2011
New Revision: 1077442
URL: http://svn.apache.org/viewvc?rev=1077442&view=rev
Log:
commit ebdc0709836b6ec9823d2a335c083a9ff411f72a
Author: Devaraj Das <dd...@yahoo-inc.com>
Date: Wed May 5 14:09:32 2010 -0700
HDFS:1006 from https://issues.apache.org/jira/secure/attachment/12443766/hdfs-1006-bugfix-1.patch
+++ b/YAHOO-CHANGES.txt
+ HDFS-1006. Removes unnecessary logins from the previous patch. (ddas)
+
+ HADOOP-6745. adding some java doc to Server.RpcMetrics, UGI (boryas)
+
Modified:
hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
Modified: hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java?rev=1077442&r1=1077441&r2=1077442&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java Fri Mar 4 04:15:28 2011
@@ -180,20 +180,19 @@ public class SecondaryNameNode implement
// initialize the webserver for uploading files.
// Kerberized SSL servers must be run from the host principal...
- if (UserGroupInformation.isSecurityEnabled()) {
- SecurityUtil.login(conf,
- DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY,
- DFSConfigKeys.DFS_SECONDARY_NAMENODE_KRB_HTTPS_USER_NAME_KEY,
- infoBindAddress);
- }
- UserGroupInformation ugi = UserGroupInformation.getLoginUser();
+ UserGroupInformation httpUGI =
+ UserGroupInformation.loginUserFromKeytabAndReturnUGI(
+ SecurityUtil.getServerPrincipal(conf
+ .get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KRB_HTTPS_USER_NAME_KEY),
+ infoBindAddress),
+ conf.get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY));
try {
- infoServer = ugi.doAs(new PrivilegedExceptionAction<HttpServer>() {
+ infoServer = httpUGI.doAs(new PrivilegedExceptionAction<HttpServer>() {
@Override
public HttpServer run() throws IOException, InterruptedException {
LOG.info("Starting web server as: " +
- UserGroupInformation.getLoginUser().getUserName());
+ UserGroupInformation.getCurrentUser().getUserName());
int tmpInfoPort = infoSocAddr.getPort();
infoServer = new HttpServer("secondary", infoBindAddress, tmpInfoPort,
@@ -219,17 +218,8 @@ public class SecondaryNameNode implement
});
} catch (InterruptedException e) {
throw new RuntimeException(e);
- } finally {
- if (UserGroupInformation.isSecurityEnabled()) {
- // Go back to being the correct Namenode principal
- SecurityUtil.login(conf,
- DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY,
- DFSConfigKeys.DFS_SECONDARY_NAMENODE_USER_NAME_KEY,
- infoBindAddress);
- LOG.info("Web server init done, returning to: " +
- UserGroupInformation.getLoginUser().getUserName());
- }
}
+ LOG.info("Web server init done");
// The web-server port can be ephemeral... ensure we have the correct info
infoPort = infoServer.getPort();