[HADOOP-9969] TGT expiration doesn't trigger Kerberos relogin - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Patch Available
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.1.0-beta, 2.5.0, 2.5.2, 2.6.0, 2.6.1, 2.8.0, 2.7.1, 2.6.2, 2.6.3
Fix Version/s: None
Component/s: ipc, security
Labels:
None
Environment:

IBM JDK7

Description

In ~~HADOOP-9698~~ & ~~HADOOP-9850~~, RPC client and Sasl client have been changed to respect the auth method advertised from server, instead of blindly attempting the configured one at client side. However, when TGT has expired, an exception will be thrown from SaslRpcClient#createSaslClient(SaslAuth authType), and at this time the authMethod still holds the initial value which is SIMPLE and never has a chance to be updated with the expected one requested by server, so kerberos relogin will not happen.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

JobTracker.log
20/Sep/13 18:42
35 kB
Yu Gao
HADOOP-9969.patch
17/Sep/13 00:35
1.0 kB
Yu Gao

Activity

People

Assignee:: Unassigned

Reporter:: Yu Gao

Votes:: 3 Vote for this issue

Watchers:: 17 Start watching this issue

Dates

Created:: 17/Sep/13 00:22

Updated:: 13/Mar/18 09:22