HDFS-999. Secondary namenode should login using kerberos if security is configured (boryas)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/hdfs/trunk@916072 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -153,6 +153,9 @@ Trunk (unreleased changes)
     HDFS-965. Split TestDelegationToken in to two parts and fix configuration
     to allow proxy users in the test. (Jitendra Pandey via omalley)
 
+    HDFS-999. Secondary namenode should login using kerberos if security is 
+    configured (boryas)
+
 Release 0.21.0 - Unreleased
 
   INCOMPATIBLE CHANGES

src/java/org/apache/hadoop/hdfs/server/namenode/SecondaryNameNode.java

@@ -39,12 +39,14 @@ import org.apache.hadoop.hdfs.server.namenode.FSImage.NameNodeDirType;
 import org.apache.hadoop.hdfs.server.namenode.FSImage.NameNodeFile;
 import org.apache.hadoop.hdfs.server.protocol.NamenodeProtocol;
 import org.apache.hadoop.hdfs.DFSConfigKeys;
+import org.apache.hadoop.hdfs.DFSUtil;
 import org.apache.hadoop.hdfs.HdfsConfiguration;
 import org.apache.hadoop.http.HttpServer;
 import org.apache.hadoop.ipc.RPC;
 import org.apache.hadoop.ipc.RemoteException;
 import org.apache.hadoop.metrics.jvm.JvmMetrics;
 import org.apache.hadoop.net.NetUtils;
+import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hadoop.util.Daemon;
 import org.apache.hadoop.util.StringUtils;
 
@@ -106,6 +108,11 @@ public class SecondaryNameNode implements Runnable {
    * Create a connection to the primary namenode.
    */
   public SecondaryNameNode(Configuration conf)  throws IOException {
+    UserGroupInformation.setConfiguration(conf);
+    DFSUtil.login(conf, 
+        DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY,
+        DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY);
+
     try {
       initialize(conf);
     } catch(IOException e) {