You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by jg...@apache.org on 2011/01/11 03:43:15 UTC
svn commit: r1057455 - in /hadoop/common/trunk: CHANGES.txt
src/java/org/apache/hadoop/security/UserGroupInformation.java
Author: jghoman
Date: Tue Jan 11 02:43:15 2011
New Revision: 1057455
URL: http://svn.apache.org/viewvc?rev=1057455&view=rev
Log:
HADOOP-7091. reloginFromKeytab() should happen even if TGT can't be found. Contribued by Kan Zhang.
Modified:
hadoop/common/trunk/CHANGES.txt
hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java
Modified: hadoop/common/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/CHANGES.txt?rev=1057455&r1=1057454&r2=1057455&view=diff
==============================================================================
--- hadoop/common/trunk/CHANGES.txt (original)
+++ hadoop/common/trunk/CHANGES.txt Tue Jan 11 02:43:15 2011
@@ -56,6 +56,9 @@ Trunk (unreleased changes)
HADOOP-6939. Inconsistent lock ordering in
AbstractDelegationTokenSecretManager. (Todd Lipcon via tomwhite)
+ HADOOP-7091. reloginFromKeytab() should happen even if TGT can't be found.
+ (Kan Zhang via jghoman)
+
Release 0.22.0 - Unreleased
INCOMPATIBLE CHANGES
Modified: hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java?rev=1057455&r1=1057454&r2=1057455&view=diff
==============================================================================
--- hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java (original)
+++ hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java Tue Jan 11 02:43:15 2011
@@ -526,7 +526,7 @@ public class UserGroupInformation {
* Get the Kerberos TGT
* @return the user's TGT or null if none was found
*/
- private KerberosTicket getTGT() {
+ private synchronized KerberosTicket getTGT() {
Set<KerberosTicket> tickets = subject
.getPrivateCredentials(KerberosTicket.class);
for (KerberosTicket ticket : tickets) {
@@ -657,12 +657,14 @@ public class UserGroupInformation {
!isKeytab)
return;
- KerberosTicket tgt = getTGT();
- if (tgt == null) {
+ long now = System.currentTimeMillis();
+ if (!hasSufficientTimeElapsed(now)) {
return;
}
+
+ KerberosTicket tgt = getTGT();
//Return if TGT is valid and is not going to expire soon.
- if (System.currentTimeMillis() < getRefreshTime(tgt)) {
+ if (tgt != null && now < getRefreshTime(tgt)) {
return;
}
@@ -670,7 +672,6 @@ public class UserGroupInformation {
if (login == null || keytabFile == null) {
throw new IOException("loginUserFromKeyTab must be done first");
}
- long now = System.currentTimeMillis();
long start = 0;
// register most recent relogin attempt