15 سال پیش · 7d5ed1f39b
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -73,6 +73,8 @@ Trunk (unreleased changes)
 
				     HDFS-1080. SecondaryNameNode image transfer should use the defined http 
			
 
				     address rather than local ip address. (jghoman)
			
 
				 
			
 
				+    HDSF-1198. Resolving cross-realm principals. (Jitendra Pandey via jghoman)
			
 
				+
			
 
				 Release 0.21.0 - Unreleased
			
 
				 
			
 
				   INCOMPATIBLE CHANGES
			
--- a/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java
+++ b/src/java/org/apache/hadoop/hdfs/server/namenode/TransferFsImage.java
@@ -25,6 +25,7 @@ import java.lang.Math;
 
				 import javax.servlet.http.HttpServletResponse;
			
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				 
			
 
				+import org.apache.hadoop.security.SecurityUtil;
			
 
				 import org.apache.hadoop.hdfs.protocol.FSConstants;
			
 
				 import org.apache.hadoop.hdfs.DFSUtil.ErrorSimulator;
			
 
				 
			
@@ -160,6 +161,9 @@ class TransferFsImage implements FSConstants {
 
				     // open connection to remote server
			
 
				     //
			
 
				     URL url = new URL(str.toString());
			
 
				+    
			
 
				+    // Avoid Krb bug with cross-realm hosts
			
 
				+    SecurityUtil.fetchServiceTicket(url);
			
 
				     URLConnection connection = url.openConnection();
			
 
				     long advertisedSize;
			
 
				     String contentLength = connection.getHeaderField(CONTENT_LENGTH);
			
--- a/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
+++ b/src/java/org/apache/hadoop/hdfs/tools/DelegationTokenFetcher.java
@@ -30,6 +30,7 @@ import java.security.PrivilegedExceptionAction;
 
				 import org.apache.hadoop.conf.Configuration;
			
 
				 import org.apache.hadoop.fs.FileSystem;
			
 
				 import org.apache.hadoop.hdfs.DistributedFileSystem;
			
 
				+import org.apache.hadoop.security.SecurityUtil;
			
 
				 import org.apache.hadoop.hdfs.HdfsConfiguration;
			
 
				 import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier;
			
 
				 import org.apache.hadoop.hdfs.server.namenode.DelegationTokenServlet;
			
@@ -149,6 +150,7 @@ public class DelegationTokenFetcher {
 
				       System.out.println("Retrieving token from: " + 
			
 
				           nnAddr + DelegationTokenServlet.PATH_SPEC + ugiPostfix);
			
 
				       URL remoteURL = new URL(nnAddr + DelegationTokenServlet.PATH_SPEC + ugiPostfix);
			
 
				+      SecurityUtil.fetchServiceTicket(remoteURL);
			
 
				       URLConnection connection = remoteURL.openConnection();
			
 
				       
			
 
				       InputStream in = connection.getInputStream();