hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-9969) TGT expiration doesn't trigger Kerberos relogin
Date Mon, 18 Jan 2016 22:55:39 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-9969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Steve Loughran updated HADOOP-9969:
-----------------------------------
    Status: Patch Available  (was: Open)

> TGT expiration doesn't trigger Kerberos relogin
> -----------------------------------------------
>
>                 Key: HADOOP-9969
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9969
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: ipc, security
>    Affects Versions: 2.1.0-beta
>         Environment: IBM JDK7
>            Reporter: Yu Gao
>         Attachments: HADOOP-9969.patch, JobTracker.log
>
>
> In HADOOP-9698 & HADOOP-9850, RPC client and Sasl client have been changed to respect
the auth method advertised from server, instead of blindly attempting the configured one at
client side. However, when TGT has expired, an exception will be thrown from SaslRpcClient#createSaslClient(SaslAuth
authType), and at this time the authMethod still holds the initial value which is SIMPLE and
never has a chance to be updated with the expected one requested by server, so kerberos relogin
will not happen.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message