HADOOP-15402. Prevent double logout of UGI's LoginContext

Signed-off-by: Akira Ajisaka <aajisaka@apache.org>

hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java

@@ -47,6 +47,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicReference;
 
 import javax.security.auth.DestroyFailedException;
@@ -1843,6 +1844,7 @@ public class UserGroupInformation {
   private static class HadoopLoginContext extends LoginContext {
     private final String appName;
     private final HadoopConfiguration conf;
+    private AtomicBoolean isLoggedIn = new AtomicBoolean();
 
     HadoopLoginContext(String appName, Subject subject,
                        HadoopConfiguration conf) throws LoginException {
@@ -1875,6 +1877,7 @@ public class UserGroupInformation {
         long start = Time.monotonicNow();
         try {
           super.login();
+          isLoggedIn.set(true);
           metric = metrics.loginSuccess;
         } finally {
           metric.add(Time.monotonicNow() - start);
@@ -1885,8 +1888,7 @@ public class UserGroupInformation {
     @Override
     public void logout() throws LoginException {
       synchronized(getSubjectLock()) {
-        if (this.getSubject() != null
-            && !this.getSubject().getPrivateCredentials().isEmpty()) {
+        if (isLoggedIn.compareAndSet(true, false)) {
           super.logout();
         }
       }