a7aacdc2d66c6f80704d5ff11fc600acb61c8bf2,src/java/org/apache/hadoop/ipc/Client.java,Connection,setupSaslConnection,#InputStream#OutputStream#,374

Before Change


        if (authMethod == AuthMethod.KERBEROS && 
            UserGroupInformation.isLoginKeytabBased()) {
          //try re-login
          UserGroupInformation.getCurrentUser().reloginFromKeytab();
          //try setting up the connection again
          try {
            disposeSasl();
            saslRpcClient = new SaslRpcClient(authMethod, token,
                serverPrincipal);
            return saslRpcClient.saslConnect(in2, out2);
          } catch (javax.security.sasl.SaslException jee) {
            UserGroupInformation.
            setLastUnsuccessfulAuthenticationAttemptTime
            (System.currentTimeMillis());
            LOG.warn("Couldn't setup connection for " + 
                UserGroupInformation.getCurrentUser().getUserName() +
                " to " + serverPrincipal + " even after relogin.");
            throw jee;
          }

After Change


        return saslRpcClient.saslConnect(in2, out2);
      } catch (javax.security.sasl.SaslException je) {
        UserGroupInformation loginUser = UserGroupInformation.getLoginUser();
        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
        UserGroupInformation realUser = currentUser.getRealUser();
        if (authMethod == AuthMethod.KERBEROS && 
          //try setting up the connection again
          UserGroupInformation.isLoginKeytabBased() &&
          // relogin only in case it is the login user (e.g. JT)
          // or superuser (like oozie).
          ((currentUser != null && currentUser.equals(loginUser)) ||
           (realUser != null && realUser.equals(loginUser)))) {
          try {
            //try re-login