a7aacdc2d66c6f80704d5ff11fc600acb61c8bf2,src/java/org/apache/hadoop/ipc/Client.java,Connection,setupSaslConnection,#InputStream#OutputStream#,374
Before Change
if (authMethod == AuthMethod.KERBEROS &&
UserGroupInformation.isLoginKeytabBased()) {
//try re-login
UserGroupInformation.getCurrentUser().reloginFromKeytab();
//try setting up the connection again
try {
disposeSasl();
saslRpcClient = new SaslRpcClient(authMethod, token,
serverPrincipal);
return saslRpcClient.saslConnect(in2, out2);
} catch (javax.security.sasl.SaslException jee) {
UserGroupInformation.
setLastUnsuccessfulAuthenticationAttemptTime
(System.currentTimeMillis());
LOG.warn("Couldn't setup connection for " +
UserGroupInformation.getCurrentUser().getUserName() +
" to " + serverPrincipal + " even after relogin.");
throw jee;
}
After Change
return saslRpcClient.saslConnect(in2, out2);
} catch (javax.security.sasl.SaslException je) {
UserGroupInformation loginUser = UserGroupInformation.getLoginUser();
UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
UserGroupInformation realUser = currentUser.getRealUser();
if (authMethod == AuthMethod.KERBEROS &&
//try setting up the connection again
UserGroupInformation.isLoginKeytabBased() &&
// relogin only in case it is the login user (e.g. JT)
// or superuser (like oozie).
((currentUser != null && currentUser.equals(loginUser)) ||
(realUser != null && realUser.equals(loginUser)))) {
try {
//try re-login