KUDU-2259 introduced a regression which causes Spark to not work properly on secure clusters. The issue is the following:
- the driver calls exportAuthenticationCredentials()
- the client hasn't yet talked to the master, so it doesn't have any credentials yet, despite having a keytab available
- the code is as follows:
- previously, authnData would be null in this case, and it would fall through to connect to the cluster and then export a proper token.
- with the new implementation, an authnData is returned which is devoid of real credentials but contains a realUser. So, it's non-null, and it gets returned immediately
- the tasks then get credentials with no tokens and can't connect