hawq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lavjain <...@git.apache.org>
Subject [GitHub] incubator-hawq pull request #1379: WIP: Cache UGI objects and clean them per...
Date Wed, 04 Jul 2018 16:12:59 GMT
Github user lavjain commented on a diff in the pull request:

    https://github.com/apache/incubator-hawq/pull/1379#discussion_r200168483
  
    --- Diff: pxf/pxf-service/src/main/java/org/apache/hawq/pxf/service/servlet/SecurityServletFilter.java
---
    @@ -89,32 +182,98 @@ public Boolean run() throws IOException, ServletException {
                 };
     
                 // create proxy user UGI from the UGI of the logged in user and execute the
servlet chain as that user
    -            UserGroupInformation proxyUGI = null;
    +            TimedProxyUGI timedProxyUGI = getTimedProxyUGI(user, session);
                 try {
    -                LOG.debug("Creating proxy user = " + user);
    -                proxyUGI = UserGroupInformation.createProxyUser(user, UserGroupInformation.getLoginUser());
    -                proxyUGI.doAs(action);
    +                timedProxyUGI.proxyUGI.doAs(action);
                 } catch (UndeclaredThrowableException ute) {
                     // unwrap the real exception thrown by the action
                     throw new ServletException(ute.getCause());
                 } catch (InterruptedException ie) {
                     throw new ServletException(ie);
    -            } finally {
    -                try {
    -                    if (proxyUGI != null) {
    -                        LOG.debug("Closing FileSystem for proxy user = " + proxyUGI.getUserName());
    -                        FileSystem.closeAllForUGI(proxyUGI);
    -                    }
    -                } catch (Throwable t) {
    -                    LOG.warn("Error closing FileSystem for proxy user = " + proxyUGI.getUserName());
    -                }
    +            }
    +            finally {
    +                release(timedProxyUGI, fragmentIndex, fragmentCount);
                 }
             } else {
                 // no user impersonation is configured
                 chain.doFilter(request, response);
             }
         }
     
    +   private TimedProxyUGI getTimedProxyUGI(String user, SegmentTransactionId session)
throws IOException {
    +        synchronized (session.segmentTransactionId.intern()) {
    --- End diff --
    
    Agreed. Using the lock on interned string helped me to test the logic without any explicit
lock management.


---

Mime
View raw message