Uploaded image for project: 'Kudu'
  1. Kudu
  2. KUDU-2586

Refactor ConnectToClusterRpc to handle FATAL_INVALID_AUTHENTICATION_TOKEN


    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.8.0
    • Fix Version/s: None
    • Component/s: client, security
    • Labels:


      Current implementation of the ConnectToClusterRpc::SingleNodeCallback() method does not handle FATAL_INVALID_AUTHENTICATION_TOKEN error code, relying on handling that in KuduClient::Data::SyncLeaderMasterRpc(). As it turned out, that's not enough: see KUDU-2058.

      In short, current authn token should be removed from the messenger after upon receiving FATAL_INVALID_AUTHENTICATION_TOKEN error code in response from any master. A new token should be automatically acquired (if primary credentials are present) on next attempt to connect to the cluster.

      Also, it would be nice to refactor KuduClient::Data::SyncLeaderMasterRpc() regarding handling of various error codes. Additionally, it's necessary to revise the logic of setting/resetting the KuduClient::Data::master_proxy_ member upon receiving non-OK result status in KuduClient::Data::ConnectedToClusterCb(); e.g. whether it's worth keep the old proxy to the master server if receiving NOT_THE_LEADER error response code while trying to connect to it. Maybe, the latter approach would automatically straighten things up without necessity to handle FATAL_INVALID_AUTHENTICATION_TOKEN by ConnectToClusterRpc.


          Issue Links



              • Assignee:
                aserbin Alexey Serbin
                aserbin Alexey Serbin
              • Votes:
                0 Vote for this issue
                1 Start watching this issue


                • Created: