HADOOP-14959. DelegationTokenAuthenticator.authenticate() to wrap network exceptions. Contributed by Ajay Kumar.

This commit is contained in:
Arpit Agarwal 2018-02-27 08:48:13 -08:00
parent 4d1d1d7aec
commit a2e824f9c6
1 changed files with 12 additions and 5 deletions

View File

@ -21,6 +21,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectReader; import com.fasterxml.jackson.databind.ObjectReader;
import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability; import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.SecurityUtil; import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.client.AuthenticatedURL; import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
@ -138,11 +139,17 @@ public abstract class DelegationTokenAuthenticator implements Authenticator {
public void authenticate(URL url, AuthenticatedURL.Token token) public void authenticate(URL url, AuthenticatedURL.Token token)
throws IOException, AuthenticationException { throws IOException, AuthenticationException {
if (!hasDelegationToken(url, token)) { if (!hasDelegationToken(url, token)) {
// check and renew TGT to handle potential expiration try {
UserGroupInformation.getCurrentUser().checkTGTAndReloginFromKeytab(); // check and renew TGT to handle potential expiration
LOG.debug("No delegation token found for url={}, token={}, authenticating" UserGroupInformation.getCurrentUser().checkTGTAndReloginFromKeytab();
+ " with {}", url, token, authenticator.getClass()); LOG.debug("No delegation token found for url={}, token={}, "
authenticator.authenticate(url, token); + "authenticating with {}", url, token, authenticator.getClass());
authenticator.authenticate(url, token);
} catch (IOException ex) {
throw NetUtils.wrapException(url.getHost(), url.getPort(),
null, 0, ex);
}
} else { } else {
LOG.debug("Authenticated from delegation token. url={}, token={}", LOG.debug("Authenticated from delegation token. url={}, token={}",
url, token); url, token);