Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-13951

HDFS DelegationTokenFetcher can't print non-HDFS tokens in a tokenfile

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.2.0
    • Fix Version/s: 3.3.0
    • Component/s: tools
    • Labels:
      None
    • Target Version/s:

      Description

      the fetchdt command can fetch tokens for filesystems other than hdfs (s3a, abfs, etc), but it can't print them, as it assumes all tokens in the file are subclasses of org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier & uses this fact in its decoding. It deserializes the token byte array without checking kind and so ends up with invalid data.

      Fix: ask the tokens to decode themselves; only call toStableString() if an HDFS token.

        Attachments

        1. HDFS-13951-001.patch
          6 kB
          Steve Loughran

          Issue Links

            Activity

              People

              • Assignee:
                stevel@apache.org Steve Loughran
                Reporter:
                stevel@apache.org Steve Loughran
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: