hadoop-core-1.1.0/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.1.1/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.0.3/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.0.4/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.2.0/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.2.1/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-0.20.203.0/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.1.2/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - hadoop-core-1.0.0/src/main/java/org/apache/hadoop/security/UserGroupInformation.java [696:735]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - public synchronized void reloginFromKeytab() throws IOException { if (!isSecurityEnabled() || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS || !isKeytab) return; LoginContext login = getLogin(); if (login == null || keytabFile == null) { throw new IOException("loginUserFromKeyTab must be done first"); } if (!hasSufficientTimeElapsed()) { return; } long start = 0; try { LOG.info("Initiating logout for " + getUserName()); synchronized (UserGroupInformation.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME, getSubject()); LOG.info("Initiating re-login for " + keytabPrincipal); start = System.currentTimeMillis(); login.login(); metrics.addLoginSuccess(System.currentTimeMillis() - start); setLogin(login); } } catch (LoginException le) { if (start > 0) { metrics.addLoginFailure(System.currentTimeMillis() - start); } throw new IOException("Login failure for " + keytabPrincipal + " from keytab " + keytabFile, le); } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -