Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-6947

Kerberos relogin should set refreshKrb5Config to true

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.0, 0.22.0
    • Fix Version/s: 1.1.0, 0.22.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      In working on securing a daemon that uses two different principals from different threads, I found that I wasn't able to login from a second keytab after I'd logged in from the first. This is because we don't set the refreshKrb5Config in the Configuration for the Krb5LoginModule - hence it won't switch over to the correct keytab file if it's different than the first.

        Attachments

        1. hadoop-6947.txt
          3 kB
          Todd Lipcon
        2. hadoop-6947-branch20.txt
          3 kB
          Todd Lipcon

        Issue Links

          Activity

            People

            • Assignee:
              tlipcon Todd Lipcon
              Reporter:
              tlipcon Todd Lipcon

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment