hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yu Gao (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-9969) TGT expiration doesn't trigger Kerberos relogin
Date Tue, 17 Sep 2013 00:36:54 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-9969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Yu Gao updated HADOOP-9969:
---------------------------

    Attachment: HADOOP-9969.patch
    
> TGT expiration doesn't trigger Kerberos relogin
> -----------------------------------------------
>
>                 Key: HADOOP-9969
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9969
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: ipc, security
>    Affects Versions: 2.1.0-beta
>            Reporter: Yu Gao
>         Attachments: HADOOP-9969.patch
>
>
> In HADOOP-9698 & HADOOP-9850, RPC client and Sasl client have been changed to respect
the auth method advertised from server, instead of blindly attempting the configured one at
client side. However, when TGT has expired, an exception will be thrown from SaslRpcClient#createSaslClient(SaslAuth
authType), and at this time the authMethod still holds the initial value which is SIMPLE and
never has a chance to be updated with the expected one requested by server, so kerberos relogin
will not happen.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message