Author: ddas
Date: Thu May 3 17:32:52 2012
New Revision: 1333567
URL: http://svn.apache.org/viewvc?rev=1333567&view=rev
Log:
Merge -r 1333563:1333564 from branch-1 onto branch-1.0. Fixes HADOOP-8346.
Modified:
hadoop/common/branches/branch-1.0/ (props changed)
hadoop/common/branches/branch-1.0/CHANGES.txt (contents, props changed)
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/util/KerberosUtil.java
hadoop/common/branches/branch-1.0/src/mapred/ (props changed)
hadoop/common/branches/branch-1.0/src/test/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
Propchange: hadoop/common/branches/branch-1.0/
------------------------------------------------------------------------------
Merged /hadoop/common/branches/branch-1:r1333564
Modified: hadoop/common/branches/branch-1.0/CHANGES.txt
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-1.0/CHANGES.txt?rev=1333567&r1=1333566&r2=1333567&view=diff
==============================================================================
--- hadoop/common/branches/branch-1.0/CHANGES.txt (original)
+++ hadoop/common/branches/branch-1.0/CHANGES.txt Thu May 3 17:32:52 2012
@@ -62,6 +62,9 @@ Release 1.0.3 - unreleased
HADOOP-8338. Fix renew and cancel of RPC HDFS delegation tokens. (omalley)
+ HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to
fixes
+ introduced by the IBM JDK compatibility patch. (ddas)
+
Release 1.0.2 - 2012.03.24
NEW FEATURES
Propchange: hadoop/common/branches/branch-1.0/CHANGES.txt
------------------------------------------------------------------------------
Merged /hadoop/common/branches/branch-1/CHANGES.txt:r1333564
Modified:
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java?rev=1333567&r1=1333566&r2=1333567&view=diff
==============================================================================
---
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
(original)
+++
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
Thu May 3 17:32:52 2012
@@ -26,7 +26,6 @@ import javax.security.auth.login.Configu
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import java.io.IOException;
-import java.lang.reflect.Field;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.AccessControlContext;
@@ -196,11 +195,10 @@ public class KerberosAuthenticator imple
try {
GSSManager gssManager = GSSManager.getInstance();
String servicePrincipal = "HTTP/" +
KerberosAuthenticator.this.url.getHost();
-
+ Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
GSSName serviceName = gssManager.createName(servicePrincipal,
-
GSSName.NT_HOSTBASED_SERVICE);
- Oid oid = KerberosUtil.getOidClassInstance(servicePrincipal,
- gssManager);
+ oid);
+ oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
gssContext = gssManager.createContext(serviceName, oid, null,
GSSContext.DEFAULT_LIFETIME);
gssContext.requestCredDeleg(true);
Modified:
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/util/KerberosUtil.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/util/KerberosUtil.java?rev=1333567&r1=1333566&r2=1333567&view=diff
==============================================================================
---
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/util/KerberosUtil.java
(original)
+++
hadoop/common/branches/branch-1.0/src/core/org/apache/hadoop/security/authentication/util/KerberosUtil.java
Thu May 3 17:32:52 2012
@@ -22,7 +22,6 @@ import java.lang.reflect.InvocationTarge
import java.lang.reflect.Method;
import org.ietf.jgss.GSSException;
-import org.ietf.jgss.GSSManager;
import org.ietf.jgss.Oid;
public class KerberosUtil {
@@ -34,8 +33,7 @@ public class KerberosUtil {
: "com.sun.security.auth.module.Krb5LoginModule";
}
- public static Oid getOidClassInstance(String servicePrincipal,
- GSSManager gssManager)
+ public static Oid getOidInstance(String oidName)
throws ClassNotFoundException, GSSException, NoSuchFieldException,
IllegalAccessException {
Class<?> oidClass;
@@ -44,7 +42,7 @@ public class KerberosUtil {
} else {
oidClass = Class.forName("sun.security.jgss.GSSUtil");
}
- Field oidField = oidClass.getDeclaredField("GSS_KRB5_MECH_OID");
+ Field oidField = oidClass.getDeclaredField(oidName);
return (Oid)oidField.get(oidClass);
}
Propchange: hadoop/common/branches/branch-1.0/src/mapred/
------------------------------------------------------------------------------
Merged /hadoop/common/branches/branch-1/src/mapred:r1333564
Modified:
hadoop/common/branches/branch-1.0/src/test/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/hadoop/common/branches/branch-1.0/src/test/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java?rev=1333567&r1=1333566&r2=1333567&view=diff
==============================================================================
---
hadoop/common/branches/branch-1.0/src/test/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
(original)
+++
hadoop/common/branches/branch-1.0/src/test/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
Thu May 3 17:32:52 2012
@@ -118,10 +118,10 @@ public class TestKerberosAuthenticationH
GSSContext gssContext = null;
try {
String servicePrincipal = KerberosTestUtils.getServerPrincipal();
+ Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
GSSName serviceName = gssManager.createName(servicePrincipal,
- GSSName.NT_HOSTBASED_SERVICE);
- Oid oid = KerberosUtil.getOidClassInstance(servicePrincipal,
- gssManager);
+ oid);
+ oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
gssContext = gssManager.createContext(serviceName, oid, null,
GSSContext.DEFAULT_LIFETIME);
gssContext.requestCredDeleg(true);