[GitHub] storm pull request #2635: [STORM-3029] don't use keytab based login for hbas...

2018-04-29 Thread asfgit 
Github user asfgit closed the pull request at:

https://github.com/apache/storm/pull/2635


---

[GitHub] storm pull request #2635: [STORM-3029] don't use keytab based login for hbas...

2018-04-19 Thread revans2 
Github user revans2 commented on a diff in the pull request:

https://github.com/apache/storm/pull/2635#discussion_r182745958
  
--- Diff: 
external/storm-autocreds/src/main/java/org/apache/storm/hbase/security/HBaseSecurityUtil.java
 ---
@@ -52,24 +54,27 @@ private HBaseSecurityUtil() {
 
 public static UserProvider login(Map conf, 
Configuration hbaseConfig) throws IOException {
 //Allowing keytab based login for backward compatibility.
-if (UserGroupInformation.isSecurityEnabled() && 
(conf.get(TOPOLOGY_AUTO_CREDENTIALS) == null ||
-!(((List) 
conf.get(TOPOLOGY_AUTO_CREDENTIALS)).contains(AutoHBase.class.getName() {
-LOG.info("Logging in using keytab as AutoHBase is not 
specified for " + TOPOLOGY_AUTO_CREDENTIALS);
-//insure that if keytab is used only one login per process 
executed
-if(legacyProvider == null) {
-synchronized (HBaseSecurityUtil.class) {
-if(legacyProvider == null) {
-legacyProvider = 
UserProvider.instantiate(hbaseConfig);
-String keytab = (String) 
conf.get(STORM_KEYTAB_FILE_KEY);
-if (keytab != null) {
-hbaseConfig.set(STORM_KEYTAB_FILE_KEY, keytab);
-}
-String userName = (String) 
conf.get(STORM_USER_NAME_KEY);
-if (userName != null) {
-hbaseConfig.set(STORM_USER_NAME_KEY, userName);
+if (UserGroupInformation.isSecurityEnabled()) {
+List autoCredentials = (List) 
conf.get(TOPOLOGY_AUTO_CREDENTIALS);
+if ((autoCredentials == null)
+|| 
(!autoCredentials.contains(AutoHBase.class.getName()) && 
!autoCredentials.contains(AutoTGT.class.getName( {
+LOG.info("Logging in using keytab as either AutoHBase or 
AutoTGT is specified for " + TOPOLOGY_AUTO_CREDENTIALS);
--- End diff --

nit: I think it should be neither instead of either


---

[GitHub] storm pull request #2635: [STORM-3029] don't use keytab based login for hbas...

2018-04-16 Thread Ethanlm 
GitHub user Ethanlm opened a pull request:

https://github.com/apache/storm/pull/2635

[STORM-3029] don't use keytab based login for hbase if AutoTGT is used.

https://issues.apache.org/jira/browse/STORM-3029



You can merge this pull request into a Git repository by running:

$ git pull https://github.com/Ethanlm/storm STORM-3029

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/storm/pull/2635.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #2635


commit 1fda8e236c013cf47d15406ee2a94661da34069b
Author: Ethan Li 
Date:   2018-04-16T15:49:19Z

[STORM-3029] don't use keytab based login for hbase if AutoTGT is used.




---