You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by wh...@apache.org on 2014/12/09 06:10:54 UTC
hadoop git commit: HADOOP-11287. Simplify UGI#reloginFromKeytab for
Java 7+. Contributed by Li Lu.
Repository: hadoop
Updated Branches:
refs/heads/branch-2 46a736516 -> e2c1ef4de
HADOOP-11287. Simplify UGI#reloginFromKeytab for Java 7+. Contributed by Li Lu.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/e2c1ef4d
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/e2c1ef4d
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/e2c1ef4d
Branch: refs/heads/branch-2
Commit: e2c1ef4debd291d5defc9ca527a085d83e44cc0a
Parents: 46a7365
Author: Haohui Mai <wh...@apache.org>
Authored: Mon Dec 8 21:10:32 2014 -0800
Committer: Haohui Mai <wh...@apache.org>
Committed: Mon Dec 8 21:10:49 2014 -0800
----------------------------------------------------------------------
hadoop-common-project/hadoop-common/CHANGES.txt | 3 +++
.../hadoop/security/UserGroupInformation.java | 18 ++----------------
2 files changed, 5 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e2c1ef4d/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index e82e357..e842fe6 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -52,6 +52,9 @@ Release 2.7.0 - UNRELEASED
HADOOP-11313. Adding a document about NativeLibraryChecker.
(Tsuyoshi OZAWA via cnauroth)
+ HADOOP-11287. Simplify UGI#reloginFromKeytab for Java 7+.
+ (Li Lu via wheat9)
+
OPTIMIZATIONS
HADOOP-11323. WritableComparator#compare keeps reference to byte array.
http://git-wip-us.apache.org/repos/asf/hadoop/blob/e2c1ef4d/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
index bb75ce8..65e4166 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
@@ -42,9 +42,9 @@ import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KerberosTicket;
+import javax.security.auth.kerberos.KeyTab;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.LoginContext;
@@ -598,20 +598,6 @@ public class UserGroupInformation {
user.setLogin(login);
}
- private static Class<?> KEY_TAB_CLASS = KerberosKey.class;
- static {
- try {
- // We use KEY_TAB_CLASS to determine if the UGI is logged in from
- // keytab. In JDK6 and JDK7, if useKeyTab and storeKey are specified
- // in the Krb5LoginModule, then some number of KerberosKey objects
- // are added to the Subject's private credentials. However, in JDK8,
- // a KeyTab object is added instead. More details in HADOOP-10786.
- KEY_TAB_CLASS = Class.forName("javax.security.auth.kerberos.KeyTab");
- } catch (ClassNotFoundException cnfe) {
- // Ignore. javax.security.auth.kerberos.KeyTab does not exist in JDK6.
- }
- }
-
/**
* Create a UserGroupInformation for the given subject.
* This does not change the subject or acquire new credentials.
@@ -620,7 +606,7 @@ public class UserGroupInformation {
UserGroupInformation(Subject subject) {
this.subject = subject;
this.user = subject.getPrincipals(User.class).iterator().next();
- this.isKeytab = !subject.getPrivateCredentials(KEY_TAB_CLASS).isEmpty();
+ this.isKeytab = !subject.getPrivateCredentials(KeyTab.class).isEmpty();
this.isKrbTkt = !subject.getPrivateCredentials(KerberosTicket.class).isEmpty();
}