[1/3] incubator-ranger git commit: RANGER-1053: policy download fails with HTTP code 401 for long running components in kerberized cluster

Thu, 23 Jun 2016 08:14:32 -0700 

Repository: incubator-ranger
Updated Branches:
  refs/heads/master 0468bc0c1 -> 65d7fbc6e


RANGER-1053: policy download fails with HTTP code 401 for long running 
components in kerberized cluster

Signed-off-by: Velmurugan Periasamy <[email protected]>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/559c6f48
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/559c6f48
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/559c6f48

Branch: refs/heads/master
Commit: 559c6f4826c251e5984a694c1c622975465be669
Parents: 0468bc0
Author: Abhay Kulkarni <[email protected]>
Authored: Tue Jun 21 16:20:48 2016 -0700
Committer: Velmurugan Periasamy <[email protected]>
Committed: Thu Jun 23 11:12:48 2016 -0400

----------------------------------------------------------------------
 .../java/org/apache/ranger/audit/provider/MiscUtil.java     | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/559c6f48/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
----------------------------------------------------------------------
diff --git 
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java 
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
index 752a6df..7c48055 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
@@ -482,7 +482,14 @@ public class MiscUtil {
        public static UserGroupInformation getUGILoginUser() {
                if (ugiLoginUser == null) {
                        try {
-                               ugiLoginUser = 
UserGroupInformation.getLoginUser();
+                               // Do not cache ugiLoginUser if it is not 
explicitly set with
+                               // setUGILoginUser.
+                               // It appears that the user represented by
+                               // the returned object is periodically logged 
out and logged back
+                               // in when the token is scheduled to expire. So 
it is better
+                               // to get the user object every time from 
UserGroupInformation class and
+                               // not cache it
+                               return UserGroupInformation.getLoginUser();
                        } catch (IOException e) {
                                logger.error("Error getting UGI.", e);
                        }

Reply via email to