[SLIDER-413] token renewal scheme misinterprets expiry time from Token.renew() - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: security
Labels:
None

Description

The current HDFS delegation token renewal framework invokes Token.renew() and assumes the expiry time returned is the expiry time for the token. Further investigation appears to show that it is in fact the time at which the token should next be renewed, rather than the max time for the token. Given that, the current scheme may not be optimal since it will probably trigger the retrieval of new tokens much more often than necessary.

Attachments

Activity

People

Assignee:: Jonathan Maron

Reporter:: Jonathan Maron

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/Sep/14 15:51

Updated:: 10/Sep/14 13:13

Resolved:: 10/Sep/14 13:13