Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12716

KerberosAuthenticator#doSpnegoSequence use incorrect class to determine isKeyTab in JDK8

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.1
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: security
    • Labels:
      None
    • Environment:

      Java 8

    • Hadoop Flags:
      Reviewed

      Description

      HADOOP-11287 and HADOOP-10786 has fixed the issue in UserGroupInformation class for JDK8.

      However, the logic in KerberosAuthenticator#doSpnegoSequence is not updated. The KerberosKey.class below should be KeyTab.class for JDK8.

      if (subject == null
                || (subject.getPrivateCredentials(KerberosKey.class).isEmpty()
                    && subject.getPrivateCredentials(KerberosTicket.class).isEmpty())) {
      

        Attachments

        1. HADOOP-12716.000.patch
          5 kB
          Xiaoyu Yao
        2. HADOOP-12716.001.patch
          5 kB
          Xiaoyu Yao
        3. HADOOP-12716.002.patch
          5 kB
          Xiaoyu Yao

          Activity

            People

            • Assignee:
              xyao Xiaoyu Yao
              Reporter:
              xyao Xiaoyu Yao
            • Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: