[HADOOP-17121] UGI Credentials#addToken silently overrides the token with same service name - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

UGI Credentials#addToken silently overrides the token with same service name.

public void addToken(Text alias, Token<? extends TokenIdentifier> t) {
  if (t == null) {
    LOG.warn("Null token ignored for " + alias);
  } else if (tokenMap.put(alias, t) != null) {
    // Update private tokens
    Map<Text, Token<? extends TokenIdentifier>> tokensToAdd =
        new HashMap<>();
    for (Map.Entry<Text, Token<? extends TokenIdentifier>> e :
        tokenMap.entrySet()) {
      Token<? extends TokenIdentifier> token = e.getValue();
      if (token.isPrivateCloneOf(alias)) {
        tokensToAdd.put(e.getKey(), t.privateClone(token.getService()));
      }
    }
    tokenMap.putAll(tokensToAdd);
  }
}

There are tokens which does not have service name like YARN_AM_RM_TOKEN, Localizer and these tokens gets overridden and causes access issues later which are tough to debug.

1. Need to check if they can be added with some random unique name.
2. Or at least a error message should be logged.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Prabhu Joseph

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 09/Jul/20 12:44

Updated:: 17/Jul/20 14:01