[ https://issues.apache.org/jira/browse/HADOOP-12587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15013658#comment-15013658 ]
Benoy Antony edited comment on HADOOP-12587 at 12/17/15 8:16 PM: ----------------------------------------------------------------- GitHub user steveloughran opened a pull request: apache/hadoop/pull/48 HADOOP-12587 Hadoop auth token refused to work without a maxinactive attribute in issued token This initial patch is not a fix. This is the patch to diagnose why I cannot submit work to a secure cluster and so identify the change that actually broke things. I would propose that the max-inactive value is considered optional, defaulting to -1 as the code itself appears to do elsewhere. You can merge this pull request into a Git repository by running: $ git pull https://github.com/steveloughran/hadoop stevel/HADOOP-12587-max-inactive-auth-token Alternatively you can review and apply these changes as the patch at: apache/hadoop/pull/48.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #48 ---- commit 6a92ebda2c1bcf5b1eacfd7ee1d687b08699aa92 Author: Steve Loughran <ste...@hortonworks.com> Date: 2015-11-19T15:01:21Z HADOOP-12587 Hadoop auth token refused to work without a maxinactive attribute in issued token ---- was (Author: githubbot): GitHub user steveloughran opened a pull request: apache/hadoop/pull/48 HADOOP-12587 Hadoop auth token refused to work without a maxinactive attribute in issued token This initial patch is not a fix. This is the patch to diagnose why I cannot submit work to a secure cluster and so identify the change that actually broke things. I would propose that the max-inactive value is considered optional, defaulting to -1 as the code itself appears to do elsewhere. You can merge this pull request into a Git repository by running: $ git pull https://github.com/steveloughran/hadoop stevel/HADOOP-12587-max-inactive-auth-token Alternatively you can review and apply these changes as the patch at: https://github.com/apache/hadoop/pull/48.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #48 ---- commit 6a92ebda2c1bcf5b1eacfd7ee1d687b08699aa92 Author: Steve Loughran <ste...@hortonworks.com> Date: 2015-11-19T15:01:21Z HADOOP-12587 Hadoop auth token refused to work without a maxinactive attribute in issued token ---- > Hadoop AuthToken refuses to work without a maxinactive attribute in issued > token > -------------------------------------------------------------------------------- > > Key: HADOOP-12587 > URL: https://issues.apache.org/jira/browse/HADOOP-12587 > Project: Hadoop Common > Issue Type: Bug > Components: security > Affects Versions: 2.8.0 > Environment: OSX heimdal kerberos client against Linux KDC -talking > to a Hadoop 2.6.0 cluster > Reporter: Steve Loughran > Assignee: Benoy Antony > Priority: Blocker > Attachments: HADOOP-12587-001.patch > > > If you don't have a max-inactive attribute in the auth token returned from > the web site, AuthToken will raise an exception. This stops callers without > this token being able to submit jobs to a secure Hadoop 2.6 YARN cluster with > timeline server enabled. -- This message was sent by Atlassian JIRA (v6.3.4#6332)