Uploaded image for project: 'Slider'
  1. Slider
  2. SLIDER-413

token renewal scheme misinterprets expiry time from Token.renew()

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • None
    • security
    • None

    Description

      The current HDFS delegation token renewal framework invokes Token.renew() and assumes the expiry time returned is the expiry time for the token. Further investigation appears to show that it is in fact the time at which the token should next be renewed, rather than the max time for the token. Given that, the current scheme may not be optimal since it will probably trigger the retrieval of new tokens much more often than necessary.

      Attachments

        Activity

          People

            jmaron Jonathan Maron
            jmaron Jonathan Maron
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: