You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by in...@apache.org on 2019/03/03 18:37:23 UTC
[hadoop] 44/45: HDFS-14322. RBF: Security manager should not load
if security is disabled. Contributed by CR Hota.
This is an automated email from the ASF dual-hosted git repository.
inigoiri pushed a commit to branch HDFS-13891
in repository https://gitbox.apache.org/repos/asf/hadoop.git
commit cb54d8b1637391a358feb08126cb2464eb67b3e7
Author: Inigo Goiri <in...@apache.org>
AuthorDate: Wed Feb 27 18:34:42 2019 -0800
HDFS-14322. RBF: Security manager should not load if security is disabled. Contributed by CR Hota.
---
.../federation/router/security/RouterSecurityManager.java | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/security/RouterSecurityManager.java b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/security/RouterSecurityManager.java
index 0f0089a..dcfaa44 100644
--- a/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/security/RouterSecurityManager.java
+++ b/hadoop-hdfs-project/hadoop-hdfs-rbf/src/main/java/org/apache/hadoop/hdfs/server/federation/router/security/RouterSecurityManager.java
@@ -26,6 +26,7 @@ import org.apache.hadoop.hdfs.server.federation.router.RBFConfigKeys;
import org.apache.hadoop.hdfs.server.federation.router.RouterRpcServer;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.AccessControlException;
+import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod;
import org.apache.hadoop.security.token.SecretManager;
@@ -49,7 +50,13 @@ public class RouterSecurityManager {
dtSecretManager = null;
public RouterSecurityManager(Configuration conf) {
- this.dtSecretManager = newSecretManager(conf);
+ AuthenticationMethod authMethodConfigured =
+ SecurityUtil.getAuthenticationMethod(conf);
+ AuthenticationMethod authMethodToInit =
+ AuthenticationMethod.KERBEROS;
+ if (authMethodConfigured.equals(authMethodToInit)) {
+ this.dtSecretManager = newSecretManager(conf);
+ }
}
@VisibleForTesting
@@ -78,7 +85,8 @@ public class RouterSecurityManager {
constructor.newInstance(conf);
LOG.info("Delegation token secret manager object instantiated");
} catch (ReflectiveOperationException e) {
- LOG.error("Could not instantiate: {}", clazz.getSimpleName(), e);
+ LOG.error("Could not instantiate: {}", clazz.getSimpleName(),
+ e.getCause());
return null;
} catch (RuntimeException e) {
LOG.error("RuntimeException to instantiate: {}",
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org