Etusivu Tutki Apua
Kirjaudu sisään
apache
/
hadoop
peilaus alkaen https://github.com/apache/hadoop.git
2
0
Fork 1
Tiedostot Ongelmat 0 Wiki
Selaa lähdekoodia

commit ea9cfe2f071253b979ba9da8ccd883afaa385904
Author: Boris Shkolnik <borya@yahoo-inc.com>
Date: Thu Mar 18 15:42:18 2010 -0700

HDFS:1044 from https://issues.apache.org/jira/secure/attachment/12439220/HDFS-1044-BP20-6.patch

+++ b/YAHOO-CHANGES.txt
+ HDFS-1044. Cannot submit mapreduce job from secure client to
+ unsecure sever. (boryas)


git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-0.20-security-patches@1077337 13f79535-47bb-0310-9956-ffa450edef68

Owen O'Malley 14 vuotta sitten
vanhempi
8e891c326b
commit
22f84a7d11
3 muutettua tiedostoa jossa 17 lisäystä ja 2 poistoa
Jaettu näkymä Näytä diff tilastot
  1. 8 0
      src/core/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
  2. 5 0
      src/hdfs/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
  3. 4 2
      src/mapred/org/apache/hadoop/mapreduce/security/TokenCache.java

+ 8 - 0
src/core/org/apache/hadoop/security/token/delegation/AbstractDelegationTokenSecretManager.java
Näytä tiedosto 

@@ -102,6 +102,14 @@ extends AbstractDelegationTokenIdentifier>
 
     tokenRemoverThread.start();
 
   }
 
   
+  /**
 
+   * is secretMgr running
 
+   * @return true if secret mgr is running
 
+   */
 
+  public synchronized boolean isRunning() {
 
+    return running;
 
+  }
 
+  
   /** 
    * Add a previously used master key to cache (when NN restarts), 
    * should be called before activate().

+ 5 - 0
src/hdfs/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
Näytä tiedosto 

@@ -4947,6 +4947,11 @@ public class FSNamesystem implements FSConstants, FSNamesystemMBean {
 
       throw new IOException(
 
           "Delegation Token can be issued only with kerberos or web authentication");
 
     }
 
+    if(dtSecretManager == null || !dtSecretManager.isRunning()) {
 
+      LOG.warn("trying to get DT with no secret manager running");
 
+      return null;
 
+    }
 
+    
     UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
 
     String user = ugi.getUserName();
 
     Text owner = new Text(user);

+ 4 - 2
src/mapred/org/apache/hadoop/mapreduce/security/TokenCache.java
Näytä tiedosto 

@@ -123,8 +123,10 @@ public class TokenCache {
 
         }
 
         // get the token
 
         token = dfs.getDelegationToken(delegTokenRenewer);
 
-        if(token==null) 
-          throw new IOException("Token from " + fs_addr + " is null");
 
+        if(token==null) {
 
+          LOG.warn("Token from " + fs_addr + " is null");
 
+          continue;
 
+        }
 
 
         token.setService(new Text(fs_addr));
 
         credentials.addToken(new Text(fs_addr), token);