diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index 50fb4d76aad..397161d2587 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -1222,7 +1222,10 @@ Release 2.7.0 - UNRELEASED HADOOP-11796. Skip TestShellBasedIdMapping.testStaticMapUpdate on Windows. (Xiaoyu Yao via cnauroth) - + + HADOOP-11815. HttpServer2 should destroy SignerSecretProvider when it + stops. (Rohith via wheat9) + Release 2.6.1 - UNRELEASED INCOMPATIBLE CHANGES diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java index 0f1c22287e2..6fd34d566af 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java @@ -140,6 +140,7 @@ public final class HttpServer2 implements FilterContainer { protected final List filterNames = new ArrayList<>(); static final String STATE_DESCRIPTION_ALIVE = " - alive"; static final String STATE_DESCRIPTION_NOT_LIVE = " - not live"; + private final SignerSecretProvider secretProvider; /** * Class to construct instances of HTTP server with specific options. @@ -335,7 +336,7 @@ public final class HttpServer2 implements FilterContainer { this.adminsAcl = b.adminsAcl; this.webAppContext = createWebAppContext(b.name, b.conf, adminsAcl, appDir); try { - SignerSecretProvider secretProvider = + this.secretProvider = constructSecretProvider(b, webAppContext.getServletContext()); this.webAppContext.getServletContext().setAttribute (AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE, @@ -913,6 +914,8 @@ public final class HttpServer2 implements FilterContainer { } try { + // explicitly destroy the secrete provider + secretProvider.destroy(); // clear & stop webAppContext attributes to avoid memory leaks. webAppContext.clearAttributes(); webAppContext.stop();