HADOOP-12076. Incomplete Cache Mechanism in CredentialProvider API. Contributed by Larry McCay.

(cherry picked from commit fbf55dcaf4)
2015-06-16 14:44:03 -07:00 · 2015-06-16 14:44:03 -07:00 · 63f3c24bb0
parent 4bfbc6b1d4
commit 63f3c24bb0
2 changed files with 4 additions and 14 deletions
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@ -374,6 +374,9 @@ Release 2.8.0 - UNRELEASED
    HADOOP-12095. org.apache.hadoop.fs.shell.TestCount fails.
    (Brahma Reddy Battula via aajisaka)
    HADOOP-12076. Incomplete Cache Mechanism in CredentialProvider API.
    (Larry McCay via cnauroth)
 Release 2.7.1 - UNRELEASED
  INCOMPATIBLE CHANGES
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/AbstractJavaKeyStoreProvider.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/alias/AbstractJavaKeyStoreProvider.java
@ -41,9 +41,7 @@ import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
@ -174,13 +172,6 @@ public abstract class AbstractJavaKeyStoreProvider extends CredentialProvider {
    return keyStore;
  }
  public Map<String, CredentialEntry> getCache() {
    return cache;
  }
  private final Map<String, CredentialEntry> cache =
      new HashMap<String, CredentialEntry>();
  protected final String getPathAsString() {
    return getPath().toString();
  }
@ -213,9 +204,6 @@ public abstract class AbstractJavaKeyStoreProvider extends CredentialProvider {
    try {
      SecretKeySpec key = null;
      try {
        if (cache.containsKey(alias)) {
          return cache.get(alias);
        }
        if (!keyStore.containsAlias(alias)) {
          return null;
        }
@ -269,7 +257,7 @@ public abstract class AbstractJavaKeyStoreProvider extends CredentialProvider {
      throws IOException {
    writeLock.lock();
    try {
-      if (keyStore.containsAlias(alias) || cache.containsKey(alias)) {
+      if (keyStore.containsAlias(alias)) {
        throw new IOException("Credential " + alias + " already exists in "
            + this);
      }
@ -296,7 +284,6 @@ public abstract class AbstractJavaKeyStoreProvider extends CredentialProvider {
      } catch (KeyStoreException e) {
        throw new IOException("Problem removing " + name + " from " + this, e);
      }
      cache.remove(name);
      changed = true;
    } finally {
      writeLock.unlock();