You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-commits@hadoop.apache.org by jg...@apache.org on 2010/06/11 03:01:26 UTC
svn commit: r953527 - in /hadoop/hdfs/trunk: CHANGES.txt
src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java
src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
Author: jghoman
Date: Fri Jun 11 01:01:26 2010
New Revision: 953527
URL: http://svn.apache.org/viewvc?rev=953527&view=rev
Log:
HDFS-1198. Resolving cross-realm principals. Contributed by Jitendra Pandey.
Modified:
hadoop/hdfs/trunk/CHANGES.txt
hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java
hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
Modified: hadoop/hdfs/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/CHANGES.txt?rev=953527&r1=953526&r2=953527&view=diff
==============================================================================
--- hadoop/hdfs/trunk/CHANGES.txt (original)
+++ hadoop/hdfs/trunk/CHANGES.txt Fri Jun 11 01:01:26 2010
@@ -73,6 +73,8 @@ Trunk (unreleased changes)
HDFS-1080. SecondaryNameNode image transfer should use the defined http
address rather than local ip address. (jghoman)
+ HDSF-1198. Resolving cross-realm principals. (Jitendra Pandey via jghoman)
+
Release 0.21.0 - Unreleased
INCOMPATIBLE CHANGES
Modified: hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java?rev=953527&r1=953526&r2=953527&view=diff
==============================================================================
--- hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java (original)
+++ hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java Fri Jun 11 01:01:26 2010
@@ -25,6 +25,7 @@ import java.lang.Math;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletRequest;
+import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.hdfs.protocol.FSConstants;
import org.apache.hadoop.hdfs.DFSUtil.ErrorSimulator;
@@ -160,6 +161,9 @@ class TransferFsImage implements FSConst
// open connection to remote server
//
URL url = new URL(str.toString());
+
+ // Avoid Krb bug with cross-realm hosts
+ SecurityUtil.fetchServiceTicket(url);
URLConnection connection = url.openConnection();
long advertisedSize;
String contentLength = connection.getHeaderField(CONTENT_LENGTH);
Modified: hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java?rev=953527&r1=953526&r2=953527&view=diff
==============================================================================
--- hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java (original)
+++ hadoop/hdfs/trunk/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java Fri Jun 11 01:01:26 2010
@@ -30,6 +30,7 @@ import java.security.PrivilegedException
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.hdfs.DistributedFileSystem;
+import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
import org.apache.hadoop.hdfs.server.namenode.DelegationTokenServlet;
@@ -149,6 +150,7 @@ public class DelegationTokenFetcher {
System.out.println("Retrieving token from: " +
nnAddr + DelegationTokenServlet.PATH_SPEC + ugiPostfix);
URL remoteURL = new URL(nnAddr + DelegationTokenServlet.PATH_SPEC + ugiPostfix);
+ SecurityUtil.fetchServiceTicket(remoteURL);
URLConnection connection = remoteURL.openConnection();
InputStream in = connection.getInputStream();