tool
/
starrocks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[BugFix] Fix broker kerberos ticket expired bug (#12944) 

Set hadoop.kerberos.keytab.login.autorenewal.enabled to true to enable auth refresh ticket.
This commit is contained in:
gengjun-git 2022-11-14 19:03:46 +08:00 committed by GitHub
parent 6680e905d0
commit 401ced33b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
fs_brokers/apache_hdfs_broker/src/main/java/com/starrocks/broker/hdfs/FileSystemManager.java
View File

@ -315,6 +315,8 @@ public class FileSystemManager {
if (authentication.equals(AUTHENTICATION_KERBEROS)) {
conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
AUTHENTICATION_KERBEROS);
conf.set(CommonConfigurationKeysPublic.HADOOP_KERBEROS_KEYTAB_LOGIN_AUTORENEWAL_ENABLED,
"true");
String principal = preparePrincipal(properties.get(KERBEROS_PRINCIPAL));
String keytab = "";
@ -343,7 +345,7 @@ public class FileSystemManager {
ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(principal, keytab);
if (!hasSetGlobalUGI) {
// set a global ugi so that other components(kms for example) can get the kerberos token.
UserGroupInformation.setLoginUser(ugi);
UserGroupInformation.loginUserFromKeytab(principal, keytab);
hasSetGlobalUGI = true;
}
if (properties.containsKey(KERBEROS_KEYTAB_CONTENT)) {