Affects Version/s: 2.7.1
Fix Version/s: None
Sometimes —apparently— some people cannot get kerberos to work.
The ability to diagnose problems here is hampered by some aspects of UGI
- the only way to turn on JAAS debug information is through an env var, not within the JVM
- failures are potentially underlogged
- exceptions raised are generic IOEs, so can't be trapped and filtered
- failure handling on the TGT renewer thread is nonexistent
- the code is barely-readable, underdocumented mess.