Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-11117 UGI HadoopLoginModule doesn't catch & wrap all kerberos-related exceptions (stevel)

This commit is contained in:
Steve Loughran 2014-09-30 17:28:56 -07:00
parent 489b4008df
commit 49be85005e
4 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -580,6 +580,9 @@ Release 2.6.0 - UNRELEASED
HADOOP-11145. TestFairCallQueue fails. (Akira AJISAKA via cnauroth) HADOOP-11145. TestFairCallQueue fails. (Akira AJISAKA via cnauroth)
HADOOP-11117 UGI HadoopLoginModule doesn't catch & wrap all
kerberos-related exceptions (stevel)
Release 2.5.1 - 2014-09-05 Release 2.5.1 - 2014-09-05
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

3
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/User.java
View File

@ -47,7 +47,8 @@ public User(String name, AuthenticationMethod authMethod, LoginContext login) {
try { try {
shortName = new HadoopKerberosName(name).getShortName(); shortName = new HadoopKerberosName(name).getShortName();
} catch (IOException ioe) { } catch (IOException ioe) {
throw new IllegalArgumentException("Illegal principal name " + name, ioe); throw new IllegalArgumentException("Illegal principal name " + name
+": " + ioe.toString(), ioe);
} }
fullName = name; fullName = name;

18
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java
View File

@ -176,7 +176,21 @@ public boolean commit() throws LoginException {
} }
// if we found the user, add our principal // if we found the user, add our principal
if (user != null) { if (user != null) {
subject.getPrincipals().add(new User(user.getName())); if (LOG.isDebugEnabled()) {
LOG.debug("Using user: \"" + user + "\" with name " + user.getName());
}
User userEntry = null;
try {
userEntry = new User(user.getName());
} catch (Exception e) {
throw (LoginException)(new LoginException(e.toString()).initCause(e));
}
if (LOG.isDebugEnabled()) {
LOG.debug("User entry: \"" + userEntry.toString() + "\"" );
}
subject.getPrincipals().add(userEntry);
return true; return true;
} }
LOG.error("Can't find user in " + subject); LOG.error("Can't find user in " + subject);
@ -919,7 +933,7 @@ static void loginUserFromKeytab(String user,
metrics.loginFailure.add(Time.now() - start); metrics.loginFailure.add(Time.now() - start);
} }
throw new IOException("Login failure for " + user + " from keytab " + throw new IOException("Login failure for " + user + " from keytab " +
path, le); path+ ": " + le, le);
} }
LOG.info("Login successful for user " + keytabPrincipal LOG.info("Login successful for user " + keytabPrincipal
+ " using keytab file " + keytabFile); + " using keytab file " + keytabFile);

3
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUserGroupInformation.java
View File

@ -339,7 +339,8 @@ private void testConstructorFailures(String userName) {
} catch (IllegalArgumentException e) { } catch (IllegalArgumentException e) {
String expect = (userName == null || userName.isEmpty()) String expect = (userName == null || userName.isEmpty())
? "Null user" : "Illegal principal name "+userName; ? "Null user" : "Illegal principal name "+userName;
assertEquals(expect, e.getMessage()); assertTrue("Did not find "+ expect + " in " + e,
e.toString().contains(expect));
} }
} }