[jira] [Commented] (KNOX-1959) HadoopAuthCookieStore should not read krb5 login config each time

Wed, 31 Jul 2019 11:45:46 -0700 


    [ 
https://issues.apache.org/jira/browse/KNOX-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16897443#comment-16897443
 ] 

ASF subversion and git services commented on KNOX-1959:
-------------------------------------------------------

Commit c7328c9e44d353f3d6ac949cdb193650186cf7c4 in knox's branch 
refs/heads/master from Kevin Risden
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=c7328c9 ]

KNOX-1959 - HadoopAuthCookieStore should not read krb5 login config each time

Signed-off-by: Kevin Risden <[email protected]>


> HadoopAuthCookieStore should not read krb5 login config each time
> -----------------------------------------------------------------
>
>                 Key: KNOX-1959
>                 URL: https://issues.apache.org/jira/browse/KNOX-1959
>             Project: Apache Knox
>          Issue Type: Improvement
>            Reporter: Kevin Risden
>            Assignee: Kevin Risden
>            Priority: Major
>             Fix For: 1.4.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Currently HadoopAuthCookieStore isKnoxCookie checks the configured principal 
> over and over again from krb5 login config file on each cookie. This is 
> unnecessary and can be improved.
> Specifically the following section doesn't need to read the krb5 login config 
> each time. We can do this once in the constructor. We should not expect krb5 
> config to change from underneath us.
> {code:java}
>         if (principal != null) {
>             String krb5Config = config.getKerberosLoginConfig();
>             if (krb5Config != null && !krb5Config.isEmpty()) {
>               Properties p = new Properties();
>               try (InputStream in = 
> Files.newInputStream(Paths.get(krb5Config))){
>                 p.load(in);
>                 String configuredPrincipal = p.getProperty("principal");
>                 // Strip off enclosing quotes, if present
>                 if (configuredPrincipal.startsWith("\"")) {
>                   configuredPrincipal = configuredPrincipal.substring(1, 
> configuredPrincipal.length() - 1);
>                 }
>                 // Check if they're the same principal
>                 result = principal.equals(configuredPrincipal);
>               } catch (IOException e) {
>                 LOG.errorReadingKerberosLoginConfig(krb5Config, e);
>               }
>             }
>           }
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Reply via email to