From 63c659ddd0641227501851dbcd1352064fa9348a Mon Sep 17 00:00:00 2001
From: Haohui Mai <wheat9@apache.org>
Date: Thu, 9 Apr 2015 10:58:12 -0700
Subject: [PATCH] HADOOP-11815. HttpServer2 should destroy SignerSecretProvider
 when it stops. Contributed by Rohith.

---
 hadoop-common-project/hadoop-common/CHANGES.txt              | 5 ++++-
 .../src/main/java/org/apache/hadoop/http/HttpServer2.java    | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index 50fb4d76aad..397161d2587 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -1222,7 +1222,10 @@ Release 2.7.0 - UNRELEASED
 
     HADOOP-11796. Skip TestShellBasedIdMapping.testStaticMapUpdate on Windows.
     (Xiaoyu Yao via cnauroth)
-    
+
+    HADOOP-11815. HttpServer2 should destroy SignerSecretProvider when it
+    stops. (Rohith via wheat9)
+
 Release 2.6.1 - UNRELEASED
 
   INCOMPATIBLE CHANGES
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
index 0f1c22287e2..6fd34d566af 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/http/HttpServer2.java
@@ -140,6 +140,7 @@ public final class HttpServer2 implements FilterContainer {
   protected final List<String> filterNames = new ArrayList<>();
   static final String STATE_DESCRIPTION_ALIVE = " - alive";
   static final String STATE_DESCRIPTION_NOT_LIVE = " - not live";
+  private final SignerSecretProvider secretProvider;
 
   /**
    * Class to construct instances of HTTP server with specific options.
@@ -335,7 +336,7 @@ private HttpServer2(final Builder b) throws IOException {
     this.adminsAcl = b.adminsAcl;
     this.webAppContext = createWebAppContext(b.name, b.conf, adminsAcl, appDir);
     try {
-      SignerSecretProvider secretProvider =
+      this.secretProvider =
           constructSecretProvider(b, webAppContext.getServletContext());
       this.webAppContext.getServletContext().setAttribute
           (AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE,
@@ -913,6 +914,8 @@ public void stop() throws Exception {
     }
 
     try {
+      // explicitly destroy the secrete provider
+      secretProvider.destroy();
       // clear & stop webAppContext attributes to avoid memory leaks.
       webAppContext.clearAttributes();
       webAppContext.stop();