Return-Path: 
 <common-issues-return-71021-apmail-hadoop-common-issues-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 618F517399
	for <apmail-hadoop-common-issues-archive@minotaur.apache.org>;
 Tue, 21 Oct 2014 03:14:40 +0000 (UTC)
Received: (qmail 60732 invoked by uid 500); 21 Oct 2014 03:14:34 -0000
Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org
Received: (qmail 60554 invoked by uid 500); 21 Oct 2014 03:14:34 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Reply-To: common-issues@hadoop.apache.org
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 60468 invoked by uid 99); 21 Oct 2014 03:14:33 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 21 Oct 2014 03:14:33 +0000
Date: Tue, 21 Oct 2014 03:14:33 +0000 (UTC)
From: "Zhijie Shen (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.12749416.1413861240000.302339.1413861273880@Atlassian.JIRA>
In-Reply-To: <JIRA.12749416.1413861240000@Atlassian.JIRA>
References: <JIRA.12749416.1413861240000@Atlassian.JIRA>
 <JIRA.12749416.1413861240377@arcas>
Subject: [jira] [Created] (HADOOP-11215) DT management ops in
 DelegationTokenAuthenticatedURL assume the authenticator is
 KerberosDelegationTokenAuthenticator
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Zhijie Shen created HADOOP-11215:
------------------------------------

             Summary: DT management ops in DelegationTokenAuthenticatedURL assume the authenticator is KerberosDelegationTokenAuthenticator
                 Key: HADOOP-11215
                 URL: https://issues.apache.org/jira/browse/HADOOP-11215
             Project: Hadoop Common
          Issue Type: Bug
            Reporter: Zhijie Shen


Here's the code in get/renew/cancel DT:
{code}
      return ((KerberosDelegationTokenAuthenticator) getAuthenticator()).
          renewDelegationToken(url, token, token.delegationToken, doAsUser);
{code}

It seems not to be right because PseudoDelegationTokenAuthenticator should work here as well. At least, it is inconsistent in the context of delegation token authentication, as DelegationTokenAuthenticationHandler doesn't require the authentication must be Kerberos. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)