Return-Path: Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: (qmail 62826 invoked from network); 11 Jan 2011 18:45:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 11 Jan 2011 18:45:07 -0000 Received: (qmail 91055 invoked by uid 500); 11 Jan 2011 18:45:07 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 90933 invoked by uid 500); 11 Jan 2011 18:45:07 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 90925 invoked by uid 99); 11 Jan 2011 18:45:07 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Jan 2011 18:45:07 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Jan 2011 18:45:07 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id p0BIik8D010788 for ; Tue, 11 Jan 2011 18:44:46 GMT Message-ID: <7924727.290741294771486403.JavaMail.jira@thor> Date: Tue, 11 Jan 2011 13:44:46 -0500 (EST) From: "Kan Zhang (JIRA)" To: common-issues@hadoop.apache.org Subject: [jira] Commented: (HADOOP-7091) reloginFromKeytab() should happen even if TGT can't be found In-Reply-To: <1342179.200091294353645366.JavaMail.jira@thor> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HADOOP-7091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12980245#action_12980245 ] Kan Zhang commented on HADOOP-7091: ----------------------------------- > Hi Kan, should this have gone in the 0.22 branch as well? Yes. Can you help me get it committed? Thanks! > reloginFromKeytab() should happen even if TGT can't be found > ------------------------------------------------------------ > > Key: HADOOP-7091 > URL: https://issues.apache.org/jira/browse/HADOOP-7091 > Project: Hadoop Common > Issue Type: Bug > Components: security > Reporter: Kan Zhang > Assignee: Kan Zhang > Fix For: 0.23.0 > > Attachments: c7091-01.patch > > > HADOOP-6965 introduced a getTGT() method and prevents reloginFromKeytab() from happening when TGT is not found. This results in the RPC layer not being able to refresh TGT after TGT expires. The reason is RPC layer only does relogin when the expired TGT is used and an exception is thrown. However, when that happens, the expired TGT will be removed from Subject. Therefore, getTGT() will return null and relogin will not be performed. We observed, for example, JT will not be able to re-connect to NN after TGT expires. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.