You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by at...@apache.org on 2012/08/22 20:47:08 UTC
svn commit: r1376188 -
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
Author: atm
Date: Wed Aug 22 18:47:07 2012
New Revision: 1376188
URL: http://svn.apache.org/viewvc?rev=1376188&view=rev
Log:
HDFS-3835. Long-lived 2NN cannot perform a checkpoint if security is enabled and the NN restarts with outstanding delegation tokens. Contributed by Aaron T. Myers.
Modified:
hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java?rev=1376188&r1=1376187&r2=1376188&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java Wed Aug 22 18:47:07 2012
@@ -113,6 +113,16 @@ extends AbstractDelegationTokenIdentifie
}
}
+ /**
+ * Reset all data structures and mutable state.
+ */
+ public synchronized void reset() {
+ currentId = 0;
+ allKeys.clear();
+ delegationTokenSequenceNumber = 0;
+ currentTokens.clear();
+ }
+
/**
* Add a previously used master key to cache (when NN restarts),
* should be called before activate().
@@ -190,7 +200,6 @@ extends AbstractDelegationTokenIdentifie
@Override
protected synchronized byte[] createPassword(TokenIdent identifier) {
- LOG.info("Creating password for identifier: "+identifier);
int sequenceNum;
long now = Time.now();
sequenceNum = ++delegationTokenSequenceNumber;
@@ -198,6 +207,7 @@ extends AbstractDelegationTokenIdentifie
identifier.setMaxDate(now + tokenMaxLifetime);
identifier.setMasterKeyId(currentId);
identifier.setSequenceNumber(sequenceNum);
+ LOG.info("Creating password for identifier: " + identifier);
byte[] password = createPassword(identifier.getBytes(), currentKey.getKey());
currentTokens.put(identifier, new DelegationTokenInformation(now
+ tokenRenewInterval, password));