Hadoop Common
  1. Hadoop Common
  2. HADOOP-6545

Cached FileSystem objects can lead to wrong token being used in setting up connections

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.22.0
    • Fix Version/s: 0.21.0
    • Component/s: security
    • Labels:
      None

      Description

      The FileSystem class caches the filesystem objects that it creates for users. For some cases, e.g., if the filesystem object is actually a DistributedFileSystem, it also has an associated RPC client and hence an UGI for the respective user. This could lead to issues to do with using the right credentials when connecting with the namenode. The credentials in the UGI is never updated (even if the user in question now has new credentials) and in case the cached UGI's credentials have expired, this would lead to authentication error whenever there is a re-authentication (in the process of re-establishing connection to the namenode).

      1. 6545-bp20.patch
        5 kB
        Devaraj Das
      2. 6545-2.patch
        5 kB
        Devaraj Das
      3. 6545-1.patch
        2 kB
        Devaraj Das

        Issue Links

          Activity

            People

            • Assignee:
              Devaraj Das
              Reporter:
              Devaraj Das
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development