Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-6947

Kerberos relogin should set refreshKrb5Config to true

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.0.0, 0.22.0
    • 1.1.0, 0.22.0
    • security
    • None
    • Reviewed

    Description

      In working on securing a daemon that uses two different principals from different threads, I found that I wasn't able to login from a second keytab after I'd logged in from the first. This is because we don't set the refreshKrb5Config in the Configuration for the Krb5LoginModule - hence it won't switch over to the correct keytab file if it's different than the first.

      Attachments

        1. hadoop-6947.txt
          3 kB
          Todd Lipcon
        2. hadoop-6947-branch20.txt
          3 kB
          Todd Lipcon

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10730 Login with kerberos should always set refreshKrb5Config to true

          • Critical - Crashes, loss of data, severe memory leak.
          • Open

          Activity

            People

              tlipcon Todd Lipcon
              tlipcon Todd Lipcon
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: