[HADOOP-7091] reloginFromKeytab() should happen even if TGT can't be found - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.22.0
Component/s: security
Labels:
None

Hadoop Flags:

Reviewed

Description

~~HADOOP-6965~~ introduced a getTGT() method and prevents reloginFromKeytab() from happening when TGT is not found. This results in the RPC layer not being able to refresh TGT after TGT expires. The reason is RPC layer only does relogin when the expired TGT is used and an exception is thrown. However, when that happens, the expired TGT will be removed from Subject. Therefore, getTGT() will return null and relogin will not be performed. We observed, for example, JT will not be able to re-connect to NN after TGT expires.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

c7091-01.patch
06/Jan/11 22:55
1 kB
Kan Zhang

Activity

People

Assignee:: Kan Zhang

Reporter:: Kan Zhang

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Jan/11 22:38

Updated:: 12/Dec/11 06:19

Resolved:: 11/Jan/11 02:43