9 年之前 · de32cf3c75
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
@@ -474,8 +474,6 @@ public class KMSClientProvider extends KeyProvider implements CryptoExtension,
 
				           UserGroupInformation.AuthenticationMethod.PROXY)
			
 
				                               ? currentUgi.getShortUserName() : null;
			
 
				 
			
 
				-      // check and renew TGT to handle potential expiration
			
 
				-      actualUgi.checkTGTAndReloginFromKeytab();
			
 
				       // creating the HTTP connection using the current UGI at constructor time
			
 
				       conn = actualUgi.doAs(new PrivilegedExceptionAction<HttpURLConnection>() {
			
 
				         @Override
			
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticator.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/delegation/web/DelegationTokenAuthenticator.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.security.token.delegation.web;
 
				 import org.apache.hadoop.classification.InterfaceAudience;
			
 
				 import org.apache.hadoop.classification.InterfaceStability;
			
 
				 import org.apache.hadoop.security.SecurityUtil;
			
 
				+import org.apache.hadoop.security.UserGroupInformation;
			
 
				 import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
			
 
				 import org.apache.hadoop.security.authentication.client.AuthenticationException;
			
 
				 import org.apache.hadoop.security.authentication.client.Authenticator;
			
@@ -125,6 +126,8 @@ public abstract class DelegationTokenAuthenticator implements Authenticator {
 
				   public void authenticate(URL url, AuthenticatedURL.Token token)
			
 
				       throws IOException, AuthenticationException {
			
 
				     if (!hasDelegationToken(url, token)) {
			
 
				+      // check and renew TGT to handle potential expiration
			
 
				+      UserGroupInformation.getCurrentUser().checkTGTAndReloginFromKeytab();
			
 
				       authenticator.authenticate(url, token);
			
 
				     }
			
 
				   }
			
--- a/hadoop-common-project/hadoop-kms/src/test/resources/log4j.properties
+++ b/hadoop-common-project/hadoop-kms/src/test/resources/log4j.properties
@@ -22,7 +22,7 @@ log4j.appender.stdout.Target=System.out
 
				 log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
			
 
				 log4j.appender.stdout.layout.ConversionPattern=%d{ISO8601} %-5p %c{1} - %m%n
			
 
				 
			
 
				-log4j.rootLogger=WARN, stdout
			
 
				+log4j.rootLogger=INFO, stdout
			
 
				 log4j.logger.org.apache.hadoop.conf=ERROR
			
 
				 log4j.logger.org.apache.hadoop.crytpo.key.kms.server=ALL
			
 
				 log4j.logger.com.sun.jersey.server.wadl.generators.WadlGeneratorJAXBGrammarGenerator=OFF