subject:"incubator\-omid git commit\: \[OMID\-67\] Avoid Kerberos logging multiple times"

incubator-omid git commit: [OMID-67] Avoid Kerberos logging multiple times

2018-06-10 Thread ohads

Repository: incubator-omid
Updated Branches:
  refs/heads/master 940c41ff2 -> 1afeb7dc5


[OMID-67] Avoid Kerberos logging multiple times

It may cause race conditions when done multiple times from the same JVM.
The Kerberos ticket is not properly renewed when this happens.

This closes #14

Change-Id: I07599f54bc9bead90a87d30a2f6b033de64b6470


Project: http://git-wip-us.apache.org/repos/asf/incubator-omid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-omid/commit/1afeb7dc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-omid/tree/1afeb7dc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-omid/diff/1afeb7dc

Branch: refs/heads/master
Commit: 1afeb7dc58b82d504242db2954ac79238f8c4435
Parents: 940c41f
Author: Francisco Perez-Sorrosal 
Authored: Thu May 11 12:00:21 2017 -0700
Committer: Ohad Shacham 
Committed: Sun Jun 10 12:01:12 2018 +0300

--
 .../org/apache/omid/tools/hbase/HBaseLogin.java | 25 
 1 file changed, 21 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-omid/blob/1afeb7dc/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
--
diff --git 
a/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java 
b/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
index 0994748..92b4904 100644
--- a/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
+++ b/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
@@ -21,18 +21,35 @@ import org.apache.hadoop.security.UserGroupInformation;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.annotation.Nullable;
 import java.io.IOException;
 
 public final class HBaseLogin {
 
 private static final Logger LOG = 
LoggerFactory.getLogger(HBaseLogin.class);
 
+private static volatile UserGroupInformation ugi;
+
+@Nullable
 public static UserGroupInformation loginIfNeeded(SecureHBaseConfig config) 
throws IOException {
+
 if (UserGroupInformation.isSecurityEnabled()) {
-LOG.info("Security is enabled, logging in with principal={}, 
keytab={}",
-config.getPrincipal(), config.getKeytab());
-UserGroupInformation.loginUserFromKeytab(config.getPrincipal(), 
config.getKeytab());
+LOG.info("Security enabled when connecting to HBase");
+if (ugi == null) { // Use lazy initialization with double-checked 
locking
+synchronized (HBaseLogin.class) {
+if (ugi == null) {
+LOG.info("Login with Kerberos. User={}, keytab={}", 
config.getPrincipal(), config.getKeytab());
+
UserGroupInformation.loginUserFromKeytab(config.getPrincipal(), 
config.getKeytab());
+ugi = UserGroupInformation.getCurrentUser();
+}
+}
+} else {
+LOG.info("User {}, already trusted (Kerberos). Avoiding 2nd 
login as it causes problems", ugi.toString());
+}
+} else {
+LOG.warn("Security NOT enabled when connecting to HBase. Act at 
your own risk. NULL UGI returned");
 }
-return UserGroupInformation.getCurrentUser();
+return ugi;
 }
+
 }

[3/8] incubator-omid git commit: [OMID-67] Avoid Kerberos logging multiple times

2018-03-04 Thread ohads

[OMID-67] Avoid Kerberos logging multiple times

It may cause race conditions when done multiple times from the same JVM.
The Kerberos ticket is not properly renewed when this happens.

This closes #14

Change-Id: I07599f54bc9bead90a87d30a2f6b033de64b6470


Project: http://git-wip-us.apache.org/repos/asf/incubator-omid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-omid/commit/97579d66
Tree: http://git-wip-us.apache.org/repos/asf/incubator-omid/tree/97579d66
Diff: http://git-wip-us.apache.org/repos/asf/incubator-omid/diff/97579d66

Branch: refs/heads/0.9.0
Commit: 97579d66a3f1f62eebca054495937f4f6f2666c2
Parents: 9f5474f
Author: Francisco Perez-Sorrosal 
Authored: Thu May 11 12:00:21 2017 -0700
Committer: Francisco Perez-Sorrosal 
Committed: Thu Aug 10 13:18:51 2017 -0700

--
 .../org/apache/omid/tools/hbase/HBaseLogin.java | 25 
 1 file changed, 21 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-omid/blob/97579d66/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
--
diff --git 
a/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java 
b/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
index 0994748..92b4904 100644
--- a/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
+++ b/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
@@ -21,18 +21,35 @@ import org.apache.hadoop.security.UserGroupInformation;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.annotation.Nullable;
 import java.io.IOException;
 
 public final class HBaseLogin {
 
 private static final Logger LOG = 
LoggerFactory.getLogger(HBaseLogin.class);
 
+private static volatile UserGroupInformation ugi;
+
+@Nullable
 public static UserGroupInformation loginIfNeeded(SecureHBaseConfig config) 
throws IOException {
+
 if (UserGroupInformation.isSecurityEnabled()) {
-LOG.info("Security is enabled, logging in with principal={}, 
keytab={}",
-config.getPrincipal(), config.getKeytab());
-UserGroupInformation.loginUserFromKeytab(config.getPrincipal(), 
config.getKeytab());
+LOG.info("Security enabled when connecting to HBase");
+if (ugi == null) { // Use lazy initialization with double-checked 
locking
+synchronized (HBaseLogin.class) {
+if (ugi == null) {
+LOG.info("Login with Kerberos. User={}, keytab={}", 
config.getPrincipal(), config.getKeytab());
+
UserGroupInformation.loginUserFromKeytab(config.getPrincipal(), 
config.getKeytab());
+ugi = UserGroupInformation.getCurrentUser();
+}
+}
+} else {
+LOG.info("User {}, already trusted (Kerberos). Avoiding 2nd 
login as it causes problems", ugi.toString());
+}
+} else {
+LOG.warn("Security NOT enabled when connecting to HBase. Act at 
your own risk. NULL UGI returned");
 }
-return UserGroupInformation.getCurrentUser();
+return ugi;
 }
+
 }

incubator-omid git commit: [OMID-67] Avoid Kerberos logging multiple times

2017-08-10 Thread fperezsorrosal

Repository: incubator-omid
Updated Branches:
  refs/heads/0.9.0.0 9f5474f91 -> 97579d66a


[OMID-67] Avoid Kerberos logging multiple times

It may cause race conditions when done multiple times from the same JVM.
The Kerberos ticket is not properly renewed when this happens.

This closes #14

Change-Id: I07599f54bc9bead90a87d30a2f6b033de64b6470


Project: http://git-wip-us.apache.org/repos/asf/incubator-omid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-omid/commit/97579d66
Tree: http://git-wip-us.apache.org/repos/asf/incubator-omid/tree/97579d66
Diff: http://git-wip-us.apache.org/repos/asf/incubator-omid/diff/97579d66

Branch: refs/heads/0.9.0.0
Commit: 97579d66a3f1f62eebca054495937f4f6f2666c2
Parents: 9f5474f
Author: Francisco Perez-Sorrosal 
Authored: Thu May 11 12:00:21 2017 -0700
Committer: Francisco Perez-Sorrosal 
Committed: Thu Aug 10 13:18:51 2017 -0700

--
 .../org/apache/omid/tools/hbase/HBaseLogin.java | 25 
 1 file changed, 21 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-omid/blob/97579d66/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
--
diff --git 
a/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java 
b/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
index 0994748..92b4904 100644
--- a/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
+++ b/hbase-common/src/main/java/org/apache/omid/tools/hbase/HBaseLogin.java
@@ -21,18 +21,35 @@ import org.apache.hadoop.security.UserGroupInformation;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.annotation.Nullable;
 import java.io.IOException;
 
 public final class HBaseLogin {
 
 private static final Logger LOG = 
LoggerFactory.getLogger(HBaseLogin.class);
 
+private static volatile UserGroupInformation ugi;
+
+@Nullable
 public static UserGroupInformation loginIfNeeded(SecureHBaseConfig config) 
throws IOException {
+
 if (UserGroupInformation.isSecurityEnabled()) {
-LOG.info("Security is enabled, logging in with principal={}, 
keytab={}",
-config.getPrincipal(), config.getKeytab());
-UserGroupInformation.loginUserFromKeytab(config.getPrincipal(), 
config.getKeytab());
+LOG.info("Security enabled when connecting to HBase");
+if (ugi == null) { // Use lazy initialization with double-checked 
locking
+synchronized (HBaseLogin.class) {
+if (ugi == null) {
+LOG.info("Login with Kerberos. User={}, keytab={}", 
config.getPrincipal(), config.getKeytab());
+
UserGroupInformation.loginUserFromKeytab(config.getPrincipal(), 
config.getKeytab());
+ugi = UserGroupInformation.getCurrentUser();
+}
+}
+} else {
+LOG.info("User {}, already trusted (Kerberos). Avoiding 2nd 
login as it causes problems", ugi.toString());
+}
+} else {
+LOG.warn("Security NOT enabled when connecting to HBase. Act at 
your own risk. NULL UGI returned");
 }
-return UserGroupInformation.getCurrentUser();
+return ugi;
 }
+
 }

incubator-omid git commit: [OMID-67] Avoid Kerberos logging multiple times

[3/8] incubator-omid git commit: [OMID-67] Avoid Kerberos logging multiple times

incubator-omid git commit: [OMID-67] Avoid Kerberos logging multiple times

3 matches

Site Navigation

Mail list logo

Footer information