首页 发现 帮助
注册 登录
apache
/
hadoop
镜像自地址 https://github.com/apache/hadoop.git
2
0
派生 1
文件 工单管理 0 Wiki
浏览代码

commit ebdc0709836b6ec9823d2a335c083a9ff411f72a
Author: Devaraj Das <ddas@yahoo-inc.com>
Date: Wed May 5 14:09:32 2010 -0700

HDFS:1006 from https://issues.apache.org/jira/secure/attachment/12443766/hdfs-1006-bugfix-1.patch

+++ b/YAHOO-CHANGES.txt
+ HDFS-1006. Removes unnecessary logins from the previous patch. (ddas)
+
+ HADOOP-6745. adding some java doc to Server.RpcMetrics, UGI (boryas)
+


git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-0.20-security-patches@1077442 13f79535-47bb-0310-9956-ffa450edef68

Owen O'Malley 14 年之前
父节点
8508019a23
当前提交
31eaf3ced7
共有 1 个文件被更改,包括 9 次插入19 次删除
分列视图 显示文件统计
  1. 9 19
      src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java

+ 9 - 19
src/hdfs/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java
查看文件 

@@ -180,20 +180,19 @@ public class SecondaryNameNode implements Runnable {
 
 
     // initialize the webserver for uploading files.
 
     // Kerberized SSL servers must be run from the host principal...
 
-    if (UserGroupInformation.isSecurityEnabled()) {
 
-      SecurityUtil.login(conf,
 
-          DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY,
 
-          DFSConfigKeys.DFS_SECONDARY_NAMENODE_KRB_HTTPS_USER_NAME_KEY,
 
-          infoBindAddress);
 
-    }
 
-    UserGroupInformation ugi = UserGroupInformation.getLoginUser();
 
+    UserGroupInformation httpUGI = 
+      UserGroupInformation.loginUserFromKeytabAndReturnUGI(
 
+          SecurityUtil.getServerPrincipal(conf
 
+        .get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KRB_HTTPS_USER_NAME_KEY), 
+        infoBindAddress), 
+        conf.get(DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY));
 
     try {
 
-      infoServer = ugi.doAs(new PrivilegedExceptionAction<HttpServer>() {
 
+      infoServer = httpUGI.doAs(new PrivilegedExceptionAction<HttpServer>() {
 
 
         @Override
 
         public HttpServer run() throws IOException, InterruptedException {
 
           LOG.info("Starting web server as: " +
 
-              UserGroupInformation.getLoginUser().getUserName());
 
+              UserGroupInformation.getCurrentUser().getUserName());
 
 
           int tmpInfoPort = infoSocAddr.getPort();
 
           infoServer = new HttpServer("secondary", infoBindAddress, tmpInfoPort,
 
@@ -219,17 +218,8 @@ public class SecondaryNameNode implements Runnable {
 
       });
 
     } catch (InterruptedException e) {
 
       throw new RuntimeException(e);
 
-    } finally {
 
-      if (UserGroupInformation.isSecurityEnabled()) {
 
-        // Go back to being the correct Namenode principal
 
-        SecurityUtil.login(conf, 
-            DFSConfigKeys.DFS_SECONDARY_NAMENODE_KEYTAB_FILE_KEY,
 
-            DFSConfigKeys.DFS_SECONDARY_NAMENODE_USER_NAME_KEY,
 
-            infoBindAddress);
 
-        LOG.info("Web server init done, returning to: " + 
-            UserGroupInformation.getLoginUser().getUserName());
 
-      }
 
     }
 
+    LOG.info("Web server init done");
 
     // The web-server port can be ephemeral... ensure we have the correct info
 
     
     infoPort = infoServer.getPort();