[HADOOP-13127] Correctly cache delegation tokens in KMSClientProvider - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Invalid
Affects Version/s: 2.6.1
Fix Version/s: None
Component/s: security
Labels:
None

Target Version/s:

2.8.0

Description

In the initial implementation of ~~HADOOP-10770~~, the authToken is updated with delegation tokens during {{KMSClientProvider#addDelegationTokens }} in the following line:

Token<?> token = authUrl.getDelegationToken(url, authToken, renewer);

~~HADOOP-11482~~ is a good fix to handle UGI issue, but has a side effect in the following code:

public Token<?> run() throws Exception {
  // Not using the cached token here.. Creating a new token here
  // everytime.
  return authUrl.getDelegationToken(url,
    new DelegationTokenAuthenticatedURL.Token(), renewer, doAsUser);
}

IIUC, we should do setDelegationToken on the authToken here to cache it.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-13127.01.patch
10/May/16 23:02
4 kB
Xiao Chen

Activity

People

Assignee:: Xiao Chen

Reporter:: Xiao Chen

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 10/May/16 22:54

Updated:: 16/Sep/16 05:47

Resolved:: 16/Sep/16 05:47