You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by se...@apache.org on 2016/09/12 20:25:55 UTC
[2/2] hive git commit: HIVE-14702 : LLAPIF: after a long period of
inactivity, signing key may be removed from local store (Sergey Shelukhin,
reviewed by Jason Dere)
HIVE-14702 : LLAPIF: after a long period of inactivity, signing key may be removed from local store (Sergey Shelukhin, reviewed by Jason Dere)
Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/ee89e32a
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/ee89e32a
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/ee89e32a
Branch: refs/heads/branch-2.1
Commit: ee89e32a1c992fa44ac1cadf1da1ec2447d7dd2a
Parents: 2a8f1ce
Author: Sergey Shelukhin <se...@apache.org>
Authored: Mon Sep 12 12:58:04 2016 -0700
Committer: Sergey Shelukhin <se...@apache.org>
Committed: Mon Sep 12 12:58:56 2016 -0700
----------------------------------------------------------------------
.../org/apache/hadoop/hive/llap/security/SecretManager.java | 9 +++++++--
.../hadoop/hive/llap/security/SigningSecretManager.java | 4 +++-
2 files changed, 10 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hive/blob/ee89e32a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
----------------------------------------------------------------------
diff --git a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java b/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
index 1464278..fa4ef69 100644
--- a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
+++ b/llap-common/src/java/org/apache/hadoop/hive/llap/security/SecretManager.java
@@ -38,6 +38,7 @@ import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.DelegationKey;
+import org.apache.hadoop.security.token.delegation.HiveDelegationTokenSupport;
import org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenManager;
import org.apache.zookeeper.data.ACL;
@@ -119,8 +120,12 @@ public class SecretManager extends ZKDelegationTokenSecretManager<LlapTokenIdent
}
@Override
- public synchronized DelegationKey getCurrentKey() {
- return allKeys.get(getCurrentKeyId());
+ public synchronized DelegationKey getCurrentKey() throws IOException {
+ DelegationKey currentKey = getDelegationKey(getCurrentKeyId());
+ if (currentKey != null) return currentKey;
+ // Try to roll the key if none is found.
+ HiveDelegationTokenSupport.rollMasterKey(this);
+ return getDelegationKey(getCurrentKeyId());
}
@Override
http://git-wip-us.apache.org/repos/asf/hive/blob/ee89e32a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SigningSecretManager.java
----------------------------------------------------------------------
diff --git a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SigningSecretManager.java b/llap-common/src/java/org/apache/hadoop/hive/llap/security/SigningSecretManager.java
index 067a98e..233cd97 100644
--- a/llap-common/src/java/org/apache/hadoop/hive/llap/security/SigningSecretManager.java
+++ b/llap-common/src/java/org/apache/hadoop/hive/llap/security/SigningSecretManager.java
@@ -17,10 +17,12 @@
*/
package org.apache.hadoop.hive.llap.security;
+import java.io.IOException;
+
import org.apache.hadoop.security.token.delegation.DelegationKey;
public interface SigningSecretManager {
- DelegationKey getCurrentKey();
+ DelegationKey getCurrentKey() throws IOException;
byte[] signWithKey(byte[] message, DelegationKey key);
byte[] signWithKey(byte[] message, int keyId) throws SecurityException;
}
\ No newline at end of file