[
https://issues.apache.org/jira/browse/HADOOP-6545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12835655#action_12835655
]
Owen O'Malley commented on HADOOP-6545:
---------------------------------------
+1
> Cached FileSystem objects can lead to wrong token being used in setting up
> connections
> --------------------------------------------------------------------------------------
>
> Key: HADOOP-6545
> URL: https://issues.apache.org/jira/browse/HADOOP-6545
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 0.22.0
> Reporter: Devaraj Das
> Assignee: Devaraj Das
> Fix For: 0.22.0
>
> Attachments: 6545-1.patch, 6545-2.patch
>
>
> The FileSystem class caches the filesystem objects that it creates for users.
> For some cases, e.g., if the filesystem object is actually a
> DistributedFileSystem, it also has an associated RPC client and hence an UGI
> for the respective user. This could lead to issues to do with using the right
> credentials when connecting with the namenode. The credentials in the UGI is
> never updated (even if the user in question now has new credentials) and in
> case the cached UGI's credentials have expired, this would lead to
> authentication error whenever there is a re-authentication (in the process of
> re-establishing connection to the namenode).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
