You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2016/06/22 18:32:03 UTC
[2/7] accumulo git commit: ACCUMULO-4348 Deprecate KerberosToken
constructor with side effects
ACCUMULO-4348 Deprecate KerberosToken constructor with side effects
`KerberosToken(String, File, boolean)` is deprecated in favor of `KerberosToken(String, File)`.
The boolean flag would log in the requested user with Hadoop's `UserGroupInformation` class. This
changed global state about who the active user was. In a multi-user environment, this potentially
made little sense as other users could overwrite eachother.
This patch includes a convenience constructor that doesn't have any side effects, but has the same
semantics as logging in a user with a keytab.
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/1ddc7257
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/1ddc7257
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/1ddc7257
Branch: refs/heads/master
Commit: 1ddc7257073f18a3ddeeee9e00955e230f285b5d
Parents: f45a65c
Author: Bill Slacum <bi...@minerkasch.com>
Authored: Tue Jun 21 15:26:07 2016 -0400
Committer: Bill Slacum <bi...@minerkasch.com>
Committed: Tue Jun 21 15:47:13 2016 -0400
----------------------------------------------------------------------
.../core/client/security/tokens/KerberosToken.java | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/1ddc7257/core/src/main/java/org/apache/accumulo/core/client/security/tokens/KerberosToken.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/security/tokens/KerberosToken.java b/core/src/main/java/org/apache/accumulo/core/client/security/tokens/KerberosToken.java
index 284a838..1a4869d 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/security/tokens/KerberosToken.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/security/tokens/KerberosToken.java
@@ -59,6 +59,20 @@ public class KerberosToken implements AuthenticationToken {
}
/**
+ * Creates a Kerberos token for the specified principal using the provided keytab. The principal and keytab combination are verified by attempting a log in.
+ * <p>
+ * This constructor does not have any side effects.
+ *
+ * @param principal
+ * The Kerberos principal
+ * @param keytab
+ * A keytab file containing the principal's credentials.
+ */
+ public KerberosToken(String principal, File keytab) throws IOException {
+ this(principal, keytab, false);
+ }
+
+ /**
* Creates a token and logs in via {@link UserGroupInformation} using the provided principal and keytab. A key for the principal must exist in the keytab,
* otherwise login will fail.
*
@@ -68,7 +82,9 @@ public class KerberosToken implements AuthenticationToken {
* A keytab file
* @param replaceCurrentUser
* Should the current Hadoop user be replaced with this user
+ * @deprecated since 1.8.0, @see #KerberosToken(String, File)
*/
+ @Deprecated
public KerberosToken(String principal, File keytab, boolean replaceCurrentUser) throws IOException {
requireNonNull(principal, "Principal was null");
requireNonNull(keytab, "Keytab was null");