hadoop git commit: HADOOP-12559. KMS connection failures should trigger TGT renewal. Contributed by Zhe Zhang.

Fri, 18 Mar 2016 21:18:41 -0700 

Repository: hadoop
Updated Branches:
  refs/heads/branch-2.6 c84b32bdd -> c3f24c635


HADOOP-12559. KMS connection failures should trigger TGT renewal. Contributed 
by Zhe Zhang.

Conflicts:
        hadoop-common-project/hadoop-common/CHANGES.txt


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c3f24c63
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c3f24c63
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c3f24c63

Branch: refs/heads/branch-2.6
Commit: c3f24c6353abc918926dddcb49dfbc91b9294578
Parents: c84b32b
Author: Xiaoyu Yao <[email protected]>
Authored: Mon Dec 28 10:41:26 2015 -0800
Committer: Zhe Zhang <[email protected]>
Committed: Fri Mar 18 17:50:05 2016 -0700

----------------------------------------------------------------------
 .../java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java   | 2 ++
 1 file changed, 2 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/c3f24c63/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
----------------------------------------------------------------------
diff --git 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
index 11c0b1f..fb5d280 100644
--- 
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
+++ 
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSClientProvider.java
@@ -409,6 +409,8 @@ public class KMSClientProvider extends KeyProvider 
implements CryptoExtension,
           UserGroupInformation.AuthenticationMethod.PROXY)
                               ? currentUgi.getShortUserName() : null;
 
+      // check and renew TGT to handle potential expiration
+      actualUgi.checkTGTAndReloginFromKeytab();
       // creating the HTTP connection using the current UGI at constructor time
       conn = actualUgi.doAs(new PrivilegedExceptionAction<HttpURLConnection>() 
{
         @Override

Reply via email to