Author: atm Date: Tue Mar 20 19:05:08 2012 New Revision: 1303099 URL: http://svn.apache.org/viewvc?rev=1303099&view=rev Log: HDFS-3083. Cannot run an MR job with HA and security enabled when second-listed NN active. Contributed by Aaron T. Myers.
Modified: hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/SecretManager.java Modified: hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java?rev=1303099&r1=1303098&r2=1303099&view=diff ============================================================================== --- hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java (original) +++ hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ipc/Server.java Tue Mar 20 19:05:08 2012 @@ -1131,6 +1131,7 @@ public abstract class Server { throw new AccessControlException( "Server is not configured to do DIGEST authentication."); } + secretManager.checkAvailableForRead(); saslServer = Sasl.createSaslServer(AuthMethod.DIGEST .getMechanismName(), null, SaslRpcServer.SASL_DEFAULT_REALM, SaslRpcServer.SASL_PROPS, new SaslDigestCallbackHandler( Modified: hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/SecretManager.java URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/SecretManager.java?rev=1303099&r1=1303098&r2=1303099&view=diff ============================================================================== --- hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/SecretManager.java (original) +++ hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/token/SecretManager.java Tue Mar 20 19:05:08 2012 @@ -29,6 +29,7 @@ import javax.crypto.spec.SecretKeySpec; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceStability; +import org.apache.hadoop.ipc.StandbyException; /** @@ -72,6 +73,17 @@ public abstract class SecretManager<T ex * @return the newly created empty token identifier */ public abstract T createIdentifier(); + + /** + * No-op if the secret manager is available for reading tokens, throw a + * StandbyException otherwise. + * + * @throws StandbyException if the secret manager is not available to read + * tokens + */ + public void checkAvailableForRead() throws StandbyException { + // Default to being available for read. + } /** * The name of the hashing algorithm.