You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by to...@apache.org on 2010/10/26 19:04:51 UTC
svn commit: r1027654 - in /hadoop/common/trunk: CHANGES.txt
src/java/org/apache/hadoop/security/UserGroupInformation.java
src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java
Author: tomwhite
Date: Tue Oct 26 17:04:51 2010
New Revision: 1027654
URL: http://svn.apache.org/viewvc?rev=1027654&view=rev
Log:
HADOOP-6947. Kerberos relogin should set refreshKrb5Config to true. Contributed by Todd Lipcon.
Added:
hadoop/common/trunk/src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java (with props)
Modified:
hadoop/common/trunk/CHANGES.txt
hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java
Modified: hadoop/common/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/CHANGES.txt?rev=1027654&r1=1027653&r2=1027654&view=diff
==============================================================================
--- hadoop/common/trunk/CHANGES.txt (original)
+++ hadoop/common/trunk/CHANGES.txt Tue Oct 26 17:04:51 2010
@@ -272,6 +272,9 @@ Trunk (unreleased changes)
HADOOP-6933. TestListFiles is flaky. (Todd Lipcon via tomwhite)
+ HADOOP-6947. Kerberos relogin should set refreshKrb5Config to true.
+ (Todd Lipcon via tomwhite)
+
Release 0.21.1 - Unreleased
IMPROVEMENTS
Modified: hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java?rev=1027654&r1=1027653&r2=1027654&view=diff
==============================================================================
--- hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java (original)
+++ hadoop/common/trunk/src/java/org/apache/hadoop/security/UserGroupInformation.java Tue Oct 26 17:04:51 2010
@@ -378,6 +378,7 @@ public class UserGroupInformation {
KEYTAB_KERBEROS_OPTIONS.put("doNotPrompt", "true");
KEYTAB_KERBEROS_OPTIONS.put("useKeyTab", "true");
KEYTAB_KERBEROS_OPTIONS.put("storeKey", "true");
+ KEYTAB_KERBEROS_OPTIONS.put("refreshKrb5Config", "true");
}
private static final AppConfigurationEntry KEYTAB_KERBEROS_LOGIN =
new AppConfigurationEntry(Krb5LoginModule.class.getName(),
Added: hadoop/common/trunk/src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java?rev=1027654&view=auto
==============================================================================
--- hadoop/common/trunk/src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java (added)
+++ hadoop/common/trunk/src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java Tue Oct 26 17:04:51 2010
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.security;
+
+import org.apache.hadoop.security.UserGroupInformation;
+import static org.junit.Assert.assertTrue;
+
+/**
+ * Regression test for HADOOP-6947 which can be run manually in
+ * a kerberos environment.
+ *
+ * To run this test, set up two keytabs, each with a different principal.
+ * Then run something like:
+ * <code>
+ * HADOOP_CLASSPATH=build/test/classes bin/hadoop \
+ * org.apache.hadoop.security.ManualTestKeytabLogins \
+ * usera/test@REALM /path/to/usera-keytab \
+ * userb/test@REALM /path/to/userb-keytab
+ * </code>
+ */
+public class ManualTestKeytabLogins {
+
+ public static void main(String []args) throws Exception {
+ if (args.length != 4) {
+ System.err.println(
+ "usage: ManualTestKeytabLogins <principal 1> <keytab 1> <principal 2> <keytab 2>");
+ System.exit(1);
+ }
+
+ UserGroupInformation ugi1 =
+ UserGroupInformation.loginUserFromKeytabAndReturnUGI(
+ args[0], args[1]);
+ System.out.println("UGI 1 = " + ugi1);
+ assertTrue(ugi1.getUserName().equals(args[0]));
+
+ UserGroupInformation ugi2 =
+ UserGroupInformation.loginUserFromKeytabAndReturnUGI(
+ args[2], args[3]);
+ System.out.println("UGI 2 = " + ugi2);
+ assertTrue(ugi2.getUserName().equals(args[2]));
+ }
+}
Propchange: hadoop/common/trunk/src/test/core/org/apache/hadoop/security/ManualTestKeytabLogins.java
------------------------------------------------------------------------------
svn:eol-style = native