[
https://issues.apache.org/jira/browse/HADOOP-6545?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12836358#action_12836358
]
Hudson commented on HADOOP-6545:
--------------------------------
Integrated in Hadoop-Common-trunk #256 (See
[http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/256/])
. Changes the Key for the FileSystem cache to be UGI. Contributed by
Devaraj Das.
> Cached FileSystem objects can lead to wrong token being used in setting up
> connections
> --------------------------------------------------------------------------------------
>
> Key: HADOOP-6545
> URL: https://issues.apache.org/jira/browse/HADOOP-6545
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 0.22.0
> Reporter: Devaraj Das
> Assignee: Devaraj Das
> Fix For: 0.22.0
>
> Attachments: 6545-1.patch, 6545-2.patch, 6545-bp20.patch
>
>
> The FileSystem class caches the filesystem objects that it creates for users.
> For some cases, e.g., if the filesystem object is actually a
> DistributedFileSystem, it also has an associated RPC client and hence an UGI
> for the respective user. This could lead to issues to do with using the right
> credentials when connecting with the namenode. The credentials in the UGI is
> never updated (even if the user in question now has new credentials) and in
> case the cached UGI's credentials have expired, this would lead to
> authentication error whenever there is a re-authentication (in the process of
> re-establishing connection to the namenode).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
