Repository: zeppelin
Updated Branches:
  refs/heads/master 2ba75c72f -> 87e5be901


[ZEPPELIN-3384] Reduce the number of calls that are made to 
`loginUserFromKeytab` in JDBC interpreter

In JDBC interpreter every time `getConnection` has requested a call is made to 
`UserGroupInformation.loginUserFromKeytab` this PR is created to reduce the 
number of time it gets called.

[Improvement]

* [ZEPPELIN-3384](https://issues.apache.org/jira/browse/ZEPPELIN-3384)

* Does the licenses files need update? n/a
* Is there breaking changes for older versions? n/a
* Does this needs documentation? n/a

Author: Prabhjyot Singh <prabhjyotsi...@gmail.com>

Closes #2909 from prabhjyotsingh/ZEPPELIN-3384 and squashes the following 
commits:

72b16be0e [Prabhjyot Singh] add more log
b0be20785 [Prabhjyot Singh] ZEPPELIN-3384: Reduce number of calls that are made 
to `UserGroupInformation.loginUserFromKeytab`

Change-Id: I5d6265bcfddf32d84b22a520475caf290efcba44


Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/87e5be90
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/87e5be90
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/87e5be90

Branch: refs/heads/master
Commit: 87e5be901e5fd36140fca9cc0141c503b450cbe1
Parents: 2ba75c7
Author: Prabhjyot Singh <prabhjyotsi...@gmail.com>
Authored: Wed Apr 4 20:45:54 2018 +0530
Committer: Prabhjyot Singh <prabhjyotsi...@gmail.com>
Committed: Fri Apr 13 10:38:10 2018 +0530

----------------------------------------------------------------------
 .../zeppelin/jdbc/security/JDBCSecurityImpl.java   | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/zeppelin/blob/87e5be90/jdbc/src/main/java/org/apache/zeppelin/jdbc/security/JDBCSecurityImpl.java
----------------------------------------------------------------------
diff --git 
a/jdbc/src/main/java/org/apache/zeppelin/jdbc/security/JDBCSecurityImpl.java 
b/jdbc/src/main/java/org/apache/zeppelin/jdbc/security/JDBCSecurityImpl.java
index ef2c729..5411821 100644
--- a/jdbc/src/main/java/org/apache/zeppelin/jdbc/security/JDBCSecurityImpl.java
+++ b/jdbc/src/main/java/org/apache/zeppelin/jdbc/security/JDBCSecurityImpl.java
@@ -46,10 +46,19 @@ public class JDBCSecurityImpl {
         conf.set("hadoop.security.authentication", KERBEROS.toString());
         UserGroupInformation.setConfiguration(conf);
         try {
-          UserGroupInformation.loginUserFromKeytab(
-              properties.getProperty("zeppelin.jdbc.principal"),
-              properties.getProperty("zeppelin.jdbc.keytab.location")
-          );
+          // Check TGT before calling login
+          // Ref: 
https://github.com/apache/hadoop/blob/release-3.0.1-RC1/hadoop-common-project/
+          // 
hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java#L1232
+          if (!UserGroupInformation.isSecurityEnabled()
+              || 
UserGroupInformation.getCurrentUser().getAuthenticationMethod() != KERBEROS
+              || !UserGroupInformation.isLoginKeytabBased()) {
+            UserGroupInformation.loginUserFromKeytab(
+                properties.getProperty("zeppelin.jdbc.principal"),
+                properties.getProperty("zeppelin.jdbc.keytab.location"));
+          } else {
+            LOGGER.info("The user has already logged in using Keytab and 
principal, " +
+              "no action required");
+          }
         } catch (IOException e) {
           LOGGER.error("Failed to get either keytab location or principal name 
in the " +
               "interpreter", e);

Reply via email to