[
https://issues.apache.org/jira/browse/HADOOP-6656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12892904#action_12892904
]
Kan Zhang commented on HADOOP-6656:
-----------------------------------
Sorry, I now see why you didn't use SecurityUtil.getTgtFromSubject() in the
first place. You already have a "subject" to work with. For this reason I think
it's better to use your original code, since I'm not sure what your
AccessControlContext is when you call getTgtFromSubject(). But I like your way
of figuring out whether a ticket is an original TGT. Is it possible to share
that logic with SecurityUtil.isOriginalTgt()?
Otherwise, +1 for the patch.
> Security framework needs to renew Kerberos tickets while the process is
> running
> -------------------------------------------------------------------------------
>
> Key: HADOOP-6656
> URL: https://issues.apache.org/jira/browse/HADOOP-6656
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Owen O'Malley
> Assignee: Devaraj Das
> Fix For: 0.22.0
>
> Attachments: 6656-trunk-1.patch, 6656-trunk-2.patch,
> 6656-trunk-3.patch, c-6656-y20-internal.patch, refresh.patch
>
>
> While a client process is running, there should be a thread that periodically
> renews the Kerberos credentials to ensure they don't expire.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
