You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-commits@hadoop.apache.org by tg...@apache.org on 2012/10/03 21:18:12 UTC
svn commit: r1393699 - in
/hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs:
CHANGES.txt
src/main/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
Author: tgraves
Date: Wed Oct 3 19:18:12 2012
New Revision: 1393699
URL: http://svn.apache.org/viewvc?rev=1393699&view=rev
Log:
HDFS-3905. Secure cluster cannot use hftp to an insecure cluster (Daryn Sharp via tgraves)
Modified:
hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
Modified: hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt?rev=1393699&r1=1393698&r2=1393699&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt (original)
+++ hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt Wed Oct 3 19:18:12 2012
@@ -15,6 +15,9 @@ Release 0.23.5 - UNRELEASED
HDFS-3919. MiniDFSCluster:waitClusterUp can hang forever.
(Andy Isaacson via eli)
+ HDFS-3905. Secure cluster cannot use hftp to an insecure cluster
+ (Daryn Sharp via tgraves)
+
Release 0.23.4 - UNRELEASED
INCOMPATIBLE CHANGES
Modified: hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java?rev=1393699&r1=1393698&r2=1393699&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java (original)
+++ hadoop/common/branches/branch-0.23/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java Wed Oct 3 19:18:12 2012
@@ -24,6 +24,7 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintStream;
+import java.net.ConnectException;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.URL;
@@ -385,10 +386,24 @@ public class DelegationTokenFetcher {
return ugi.doAs(
new PrivilegedExceptionAction<URLConnection>() {
public URLConnection run() throws IOException {
- SecurityUtil.fetchServiceTicket(url);
- URLConnection connection = URLUtils.openConnection(url);
- connection.connect();
- return connection;
+ // might not be fatal if secure port doesn't connect because
+ // security may be disabled on remote cluster
+ IOException ioeForTGS = null;
+ try {
+ SecurityUtil.fetchServiceTicket(url);
+ } catch (IOException ioe) {
+ ioeForTGS = ioe;
+ }
+ try {
+ URLConnection connection = URLUtils.openConnection(url);
+ connection.connect();
+ return connection;
+ } catch (ConnectException e) {
+ throw e;
+ } catch (IOException ioe) {
+ // throw TGS exception instead if negotiation fails
+ throw (ioeForTGS != null) ? ioeForTGS : ioe;
+ }
}
});
} catch (InterruptedException ie) {