hadoop git commit: HADOOP-12559. KMS connection failures should trigger TGT renewal. Contributed by Zhe Zhang.

Mon, 28 Dec 2015 10:47:45 -0800 

Repository: hadoop
Updated Branches:
  refs/heads/branch-2 babe025fb -> c664062fb


HADOOP-12559. KMS connection failures should trigger TGT renewal. Contributed 
by Zhe Zhang.

(cherry picked from commit 993311e547e6dd7757025d5ffc285019bd4fc1f6)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c664062f
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c664062f
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c664062f

Branch: refs/heads/branch-2
Commit: c664062fb32ad46bc3cbce76f8eb121059dbf4d1
Parents: babe025
Author: Xiaoyu Yao <x...@apache.org>
Authored: Mon Dec 28 10:41:26 2015 -0800
Committer: Xiaoyu Yao <x...@apache.org>
Committed: Mon Dec 28 10:42:15 2015 -0800

----------------------------------------------------------------------
 hadoop-common-project/hadoop-common/CHANGES.txt                   | 3 +++
 .../java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java  | 2 ++
 2 files changed, 5 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/c664062f/hadoop-common-project/hadoop-common/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt 
b/hadoop-common-project/hadoop-common/CHANGES.txt
index 45d3f2c..6a3e711 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -905,6 +905,9 @@ Release 2.8.0 - UNRELEASED
     HADOOP-12681. start-build-env.sh fails in branch-2.
     (Kengo Seki via aajisaka)
 
+    HADOOP-12559. KMS connection failures should trigger TGT renewal.
+    (Zhe Zhang via xyao)
+
 Release 2.7.3 - UNRELEASED
 
   INCOMPATIBLE CHANGES

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c664062f/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
----------------------------------------------------------------------
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
index 4698a83..b113cec 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
@@ -474,6 +474,8 @@ public class KMSClientProvider extends KeyProvider 
implements CryptoExtension,
           UserGroupInformation.AuthenticationMethod.PROXY)
                               ? currentUgi.getShortUserName() : null;
 
+      // check and renew TGT to handle potential expiration
+      actualUgi.checkTGTAndReloginFromKeytab();
       // creating the HTTP connection using the current UGI at constructor time
       conn = actualUgi.doAs(new PrivilegedExceptionAction<HttpURLConnection>() 
{
         @Override

Reply via email to