You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by om...@apache.org on 2011/03/04 05:46:59 UTC

svn commit: r1077710 - /hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/UserGroupInformation.java

Author: omalley
Date: Fri Mar  4 04:46:59 2011
New Revision: 1077710

URL: http://svn.apache.org/viewvc?rev=1077710&view=rev
Log:
commit 141fe63b4f81032ad6966b1dfe96da71aa7cc50d
Author: Devaraj Das <dd...@yahoo-inc.com>
Date:   Sun Sep 19 23:39:14 2010 -0700

    . Makes the reloginFromKeytab synchronized on the UGI. Contributed by Owen O'Malley.
    
    +++ b/YAHOO-CHANGES.txt
    +    . Makes the reloginFromKeytab synchronized on the UGI
    +    class. (Owen O'Malley via ddas)
    +

Modified:
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/UserGroupInformation.java

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/UserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/UserGroupInformation.java?rev=1077710&r1=1077709&r2=1077710&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/UserGroupInformation.java (original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/UserGroupInformation.java Fri Mar  4 04:46:59 2011
@@ -691,20 +691,22 @@ public class UserGroupInformation {
     long start = 0;
     try {
       LOG.info("Initiating logout for " + getUserName());
-      //clear up the kerberos state. But the tokens are not cleared! As per 
-      //the Java kerberos login module code, only the kerberos credentials
-      //are cleared
-      login.logout();
-      //login and also update the subject field of this instance to 
-      //have the new credentials (pass it to the LoginContext constructor)
-      login = 
-        new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, 
-            getSubject());
-      LOG.info("Initiating re-login for " + keytabPrincipal);
-      start = System.currentTimeMillis();
-      login.login();
-      metrics.addLoginSuccess(System.currentTimeMillis() - start);
-      setLogin(login);
+      synchronized (UserGroupInformation.class) {
+        //clear up the kerberos state. But the tokens are not cleared! As per 
+        //the Java kerberos login module code, only the kerberos credentials
+        //are cleared
+        login.logout();
+        //login and also update the subject field of this instance to 
+        //have the new credentials (pass it to the LoginContext constructor)
+        login = 
+          new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, 
+                           getSubject());
+        LOG.info("Initiating re-login for " + keytabPrincipal);
+        start = System.currentTimeMillis();
+        login.login();
+        metrics.addLoginSuccess(System.currentTimeMillis() - start);
+        setLogin(login);
+      }
     } catch (LoginException le) {
       if (start > 0) {
         metrics.addLoginFailure(System.currentTimeMillis() - start);