[
https://issues.apache.org/jira/browse/STORM-1485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15109294#comment-15109294
]
ASF GitHub Bot commented on STORM-1485:
---------------------------------------
Github user ptgoetz commented on a diff in the pull request:
https://github.com/apache/storm/pull/1027#discussion_r50310048
--- Diff: storm-core/src/jvm/org/apache/storm/messaging/netty/Login.java ---
@@ -0,0 +1,411 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.storm.messaging.netty;
+
+/**
+ * This class is responsible for refreshing Kerberos credentials for
+ * logins for both Zookeeper client and server.
+ * See ZooKeeperSaslServer for server-side usage.
+ * See ZooKeeperSaslClient for client-side usage.
+ * This class is a copied from
https://github.com/apache/zookeeper/blob/branch-3.4/src/java/main/org/apache/zookeeper/Login.java
+ * with the difference that refresh thread does not die.
+ */
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.log4j.Logger;
+import org.apache.zookeeper.Shell;
+import org.apache.zookeeper.client.ZooKeeperSaslClient;
+import javax.security.auth.kerberos.KerberosTicket;
+import javax.security.auth.Subject;
+import java.util.Date;
+import java.util.Random;
+import java.util.Set;
+
+public class Login {
+ Logger LOG = Logger.getLogger(Login.class);
+ public CallbackHandler callbackHandler;
+
+ // LoginThread will sleep until 80% of time from last refresh to
+ // ticket's expiry has been reached, at which time it will wake
+ // and try to renew the ticket.
+ private static final float TICKET_RENEW_WINDOW = 0.80f;
+
+ /**
+ * Percentage of random jitter added to the renewal time
+ */
+ private static final float TICKET_RENEW_JITTER = 0.05f;
+
+ // Regardless of TICKET_RENEW_WINDOW setting above and the ticket
expiry time,
+ // thread will not sleep between refresh attempts any less than 1
minute (60*1000 milliseconds = 1 minute).
+ // Change the '1' to e.g. 5, to change this to 5 minutes.
+ private static final long MIN_TIME_BEFORE_RELOGIN = 1 * 60 * 1000L;
+
+ private Subject subject = null;
+ private Thread t = null;
+ private boolean isKrbTicket = false;
+ private boolean isUsingTicketCache = false;
+ private boolean isUsingKeytab = false;
+
+ /** Random number generator */
+ private static Random rng = new Random();
+
+ private LoginContext login = null;
+ private String loginContextName = null;
+ private String keytabFile = null;
+ private String principal = null;
+
+ private long lastLogin = 0;
+
+ /**
+ * LoginThread constructor. The constructor starts the thread used
--- End diff --
Minor nit: `LoginThread` --> `Login`
> DRPC Connectivity Issues
> ------------------------
>
> Key: STORM-1485
> URL: https://issues.apache.org/jira/browse/STORM-1485
> Project: Apache Storm
> Issue Type: Bug
> Components: storm-core
> Reporter: Kishor Patil
> Assignee: Kishor Patil
>
> We need fixing following issues for DRPC
> 1. DRPCClient should not stop trying to connect to DRPC after certain fixed
> number of retries - because DRPC server may be down for longer duration.
> 2. KerberosSaslTransportPlugin uses zookeeper Login session for creating
> Thread that dies if TGT has expired - which not recoverable state. In such
> scenario, JVM should be restarted gracefully.
> 3. DRPC ReturnResults bolt Should re-retry Connection to DRPC on
> ThriftException while sending results for particular request.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
