From 00eda001f72d980e657344567bbfa75785bfe1a6 Mon Sep 17 00:00:00 2001
From: Jeff Zhang <zjffdu@apache.org>
Date: Thu, 12 Apr 2018 15:50:52 +0800
Subject: [PATCH] [ZEPPELIN-3356] Kerberos ticket still expire after 7 days

---
 .../zeppelin/notebook/FileSystemStorage.java  | 36 ++++++++++++-------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/FileSystemStorage.java b/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/FileSystemStorage.java
index 24bab570d9b..4670e2081a4 100644
--- a/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/FileSystemStorage.java
+++ b/zeppelin-zengine/src/main/java/org/apache/zeppelin/notebook/FileSystemStorage.java
@@ -30,9 +30,31 @@ public class FileSystemStorage {
 
   private static Logger LOGGER = LoggerFactory.getLogger(FileSystemStorage.class);
 
+  // only do UserGroupInformation.loginUserFromKeytab one time, otherwise you will still get
+  // your ticket expired.
+  static {
+    if (UserGroupInformation.isSecurityEnabled()) {
+      ZeppelinConfiguration zConf = ZeppelinConfiguration.create();
+      String keytab = zConf.getString(
+          ZeppelinConfiguration.ConfVars.ZEPPELIN_SERVER_KERBEROS_KEYTAB);
+      String principal = zConf.getString(
+          ZeppelinConfiguration.ConfVars.ZEPPELIN_SERVER_KERBEROS_PRINCIPAL);
+      if (StringUtils.isBlank(keytab) || StringUtils.isBlank(principal)) {
+        throw new RuntimeException("keytab and principal can not be empty, keytab: " + keytab
+            + ", principal: " + principal);
+      }
+      try {
+        UserGroupInformation.loginUserFromKeytab(principal, keytab);
+      } catch (IOException e) {
+        throw new RuntimeException("Fail to login via keytab:" + keytab +
+            ", principal:" + principal, e);
+      }
+    }
+  }
+
   private ZeppelinConfiguration zConf;
   private Configuration hadoopConf;
-  private boolean isSecurityEnabled = false;
+  private boolean isSecurityEnabled;
   private FileSystem fs;
 
   public FileSystemStorage(ZeppelinConfiguration zConf, String path) throws IOException {
@@ -43,18 +65,6 @@ public FileSystemStorage(ZeppelinConfiguration zConf, String path) throws IOExce
     this.hadoopConf.set("fs.file.impl", RawLocalFileSystem.class.getName());
     this.isSecurityEnabled = UserGroupInformation.isSecurityEnabled();
 
-    if (isSecurityEnabled) {
-      String keytab = zConf.getString(
-          ZeppelinConfiguration.ConfVars.ZEPPELIN_SERVER_KERBEROS_KEYTAB);
-      String principal = zConf.getString(
-          ZeppelinConfiguration.ConfVars.ZEPPELIN_SERVER_KERBEROS_PRINCIPAL);
-      if (StringUtils.isBlank(keytab) || StringUtils.isBlank(principal)) {
-        throw new IOException("keytab and principal can not be empty, keytab: " + keytab
-            + ", principal: " + principal);
-      }
-      UserGroupInformation.loginUserFromKeytab(principal, keytab);
-    }
-
     try {
       this.fs = FileSystem.get(new URI(path), this.hadoopConf);
     } catch (URISyntaxException e) {