[3/3] hive git commit: HIVE-14386 : UGI clone shim also needs to clone credentials (Sergey Shelukhin, reviewed by Siddharth Seth)

Mon, 01 Aug 2016 11:44:52 -0700 

HIVE-14386 : UGI clone shim also needs to clone credentials (Sergey Shelukhin, 
reviewed by Siddharth Seth)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/e21386e4
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/e21386e4
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/e21386e4

Branch: refs/heads/master
Commit: e21386e497374377cf89387c25c2d53077a24050
Parents: d72d2cf
Author: Sergey Shelukhin <[email protected]>
Authored: Mon Aug 1 11:34:46 2016 -0700
Committer: Sergey Shelukhin <[email protected]>
Committed: Mon Aug 1 11:44:01 2016 -0700

----------------------------------------------------------------------
 .../org/apache/hadoop/hive/shims/Hadoop23Shims.java | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/e21386e4/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
----------------------------------------------------------------------
diff --git 
a/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java 
b/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
index 9ea174f..a4c7808 100644
--- a/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
+++ b/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
@@ -32,9 +32,11 @@ import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
+import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 import java.util.TreeMap;
 
 import javax.security.auth.Subject;
@@ -1300,11 +1302,23 @@ public class Hadoop23Shims extends HadoopShimsSecure {
     }
     try {
       Subject origSubject = (Subject) getSubjectMethod.invoke(baseUgi);
+      
       Subject subject = new Subject(false, origSubject.getPrincipals(),
-          origSubject.getPublicCredentials(), 
origSubject.getPrivateCredentials());
+          cloneCredentials(origSubject.getPublicCredentials()),
+          cloneCredentials(origSubject.getPrivateCredentials()));
       return ugiCtor.newInstance(subject);
     } catch (InstantiationException | IllegalAccessException | 
InvocationTargetException e) {
       throw new IOException(e);
     }
   }
+
+  private static Set<Object> cloneCredentials(Set<Object> old) {
+    Set<Object> set = new HashSet<>();
+    // Make sure Hadoop credentials objects do not reuse the maps.
+    for (Object o : old) {
+      set.add(o instanceof Credentials ? new Credentials((Credentials)o) : o);
+    }
+    return set;
+  }
+  
 }

Reply via email to