HADOOP-11117 UGI HadoopLoginModule doesn't catch & wrap all kerberos-related exceptions (stevel)

hadoop-common-project/hadoop-common/CHANGES.txt

@@ -918,6 +918,9 @@ Release 2.6.0 - UNRELEASED
 
     HADOOP-11145. TestFairCallQueue fails. (Akira AJISAKA via cnauroth)
 
+    HADOOP-11117 UGI HadoopLoginModule doesn't catch & wrap all
+    kerberos-related exceptions (stevel)
+
 Release 2.5.1 - 2014-09-05
 
   INCOMPATIBLE CHANGES

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/User.java

@@ -47,7 +47,8 @@ class User implements Principal {
     try {
       shortName = new HadoopKerberosName(name).getShortName();
     } catch (IOException ioe) {
-      throw new IllegalArgumentException("Illegal principal name " + name, ioe);
+      throw new IllegalArgumentException("Illegal principal name " + name
+                                         +": " + ioe.toString(), ioe);
     }
     fullName = name;
 

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java

@@ -178,7 +178,21 @@ public class UserGroupInformation {
       }
       // if we found the user, add our principal
       if (user != null) {
-        subject.getPrincipals().add(new User(user.getName()));
+        if (LOG.isDebugEnabled()) {
+          LOG.debug("Using user: \"" + user + "\" with name " + user.getName());
+        }
+
+        User userEntry = null;
+        try {
+          userEntry = new User(user.getName());
+        } catch (Exception e) {
+          throw (LoginException)(new LoginException(e.toString()).initCause(e));
+        }
+        if (LOG.isDebugEnabled()) {
+          LOG.debug("User entry: \"" + userEntry.toString() + "\"" );
+        }
+
+        subject.getPrincipals().add(userEntry);
         return true;
       }
       LOG.error("Can't find user in " + subject);
@@ -931,7 +945,7 @@ public class UserGroupInformation {
         metrics.loginFailure.add(Time.now() - start);
       }
       throw new IOException("Login failure for " + user + " from keytab " + 
-                            path, le);
+                            path+ ": " + le, le);
     }
     LOG.info("Login successful for user " + keytabPrincipal
         + " using keytab file " + keytabFile);

hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java

@@ -340,7 +340,8 @@ public class TestUserGroupInformation {
     } catch (IllegalArgumentException e) {
       String expect = (userName == null || userName.isEmpty())
           ? "Null user" : "Illegal principal name "+userName;
-      assertEquals(expect, e.getMessage());
+      assertTrue("Did not find "+ expect + " in " + e,
+          e.toString().contains(expect));
     }
   }