Skip to content

Commit

Permalink
Revert "Periodically re-materialize GSSCredential for KerberosAuthent…
Browse files Browse the repository at this point in the history 
…icator (#192)"

This reverts commit ea76111.
  • Loading branch information
@luohao
luohao committed Jun 25, 2019
1 parent 4e4eef2 commit cc135fc
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 282 deletions.
5 changes: 3 additions & 2 deletions presto-main/src/main/java/com/facebook/presto/server/security/KerberosAuthenticator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,8 +64,9 @@ public KerberosAuthenticator(KerberosConfig config)
System.setProperty("java.security.krb5.conf", config.getKerberosConfig().getAbsolutePath());

try {
boolean isCompleteServicePrinciple = config.getServiceName().contains("@");
String hostname = InetAddress.getLocalHost().getCanonicalHostName().toLowerCase(Locale.US);
String servicePrincipal = config.getServiceName() + "/" + hostname;
String servicePrincipal = isCompleteServicePrinciple ? config.getServiceName() : config.getServiceName() + "/" + hostname;
loginContext = new LoginContext("", null, null, new Configuration()
{
@Override
Expand All @@ -91,7 +92,7 @@ public AppConfigurationEntry[] getAppConfigurationEntry(String name)
loginContext.login();

serverCredential = doAs(loginContext.getSubject(), () -> gssManager.createCredential(
gssManager.createName(config.getServiceName() + "@" + hostname, GSSName.NT_HOSTBASED_SERVICE),
isCompleteServicePrinciple ? gssManager.createName(config.getServiceName(), GSSName.NT_USER_NAME) : gssManager.createName(config.getServiceName() + "@" + hostname, GSSName.NT_HOSTBASED_SERVICE),
INDEFINITE_LIFETIME,
new Oid[] {
new Oid("1.2.840.113554.1.2.2"), // kerberos 5
Expand Down
1 change: 0 additions & 1 deletion presto-main/src/main/java/com/facebook/presto/server/security/ServerSecurityModule.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@
import com.google.inject.Provides;
import com.google.inject.Scopes;
import com.google.inject.multibindings.Multibinder;
import com.twitter.presto.server.security.KerberosAuthenticator;
import io.airlift.configuration.AbstractConfigurationAwareModule;
import io.airlift.http.server.TheServlet;

Expand Down
279 changes: 0 additions & 279 deletions presto-main/src/main/java/com/twitter/presto/server/security/KerberosAuthenticator.java
View file

This file was deleted.

0 comments on commit cc135fc

Please sign in to comment.