Github user benchristel commented on a diff in the pull request:
https://github.com/apache/incubator-hawq/pull/1379#discussion_r201875770
--- Diff:
pxf/pxf-service/src/main/java/org/apache/hawq/pxf/service/servlet/SecurityServletFilter.java
---
@@ -89,32 +106,49 @@ public Boolean run() throws IOException,
ServletException {
};
// create proxy user UGI from the UGI of the logged in user
and execute the servlet chain as that user
- UserGroupInformation proxyUGI = null;
+ UGICacheEntry timedProxyUGI = cache.getTimedProxyUGI(session);
try {
- LOG.debug("Creating proxy user = " + user);
- proxyUGI = UserGroupInformation.createProxyUser(user,
UserGroupInformation.getLoginUser());
- proxyUGI.doAs(action);
+ timedProxyUGI.getUGI().doAs(action);
} catch (UndeclaredThrowableException ute) {
// unwrap the real exception thrown by the action
throw new ServletException(ute.getCause());
} catch (InterruptedException ie) {
throw new ServletException(ie);
- } finally {
- try {
- if (proxyUGI != null) {
- LOG.debug("Closing FileSystem for proxy user = " +
proxyUGI.getUserName());
- FileSystem.closeAllForUGI(proxyUGI);
- }
- } catch (Throwable t) {
- LOG.warn("Error closing FileSystem for proxy user = "
+ proxyUGI.getUserName());
- }
+ }
+ finally {
+ // Optimization to cleanup the cache if it is the last
fragment
+ boolean forceClean = (fragmentIndex != null &&
fragmentCount.equals(fragmentIndex));
+ cache.release(timedProxyUGI, forceClean);
}
} else {
// no user impersonation is configured
chain.doFilter(request, response);
}
}
+
+ private Integer getHeaderValueInt(ServletRequest request, String
headerKey, boolean required)
+ throws IllegalArgumentException {
+ String value = getHeaderValue(request, headerKey, required);
+ return value != null ? Integer.valueOf(value) : null;
--- End diff --
which is a subclass of `IllegalArgumentException`. Should we handle the
`NumberFormatException` differently?
---
