[
https://issues.apache.org/jira/browse/HADOOP-12587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15013658#comment-15013658
]
Benoy Antony edited comment on HADOOP-12587 at 12/17/15 8:16 PM:
-----------------------------------------------------------------
GitHub user steveloughran opened a pull request:
apache/hadoop/pull/48
HADOOP-12587 Hadoop auth token refused to work without a maxinactive
attribute in issued token
This initial patch is not a fix. This is the patch to diagnose why I cannot
submit work to a secure cluster and so identify the change that actually broke
things.
I would propose that the max-inactive value is considered optional,
defaulting to -1 as the code itself appears to do elsewhere.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/steveloughran/hadoop
stevel/HADOOP-12587-max-inactive-auth-token
Alternatively you can review and apply these changes as the patch at:
apache/hadoop/pull/48.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #48
----
commit 6a92ebda2c1bcf5b1eacfd7ee1d687b08699aa92
Author: Steve Loughran <[email protected]>
Date: 2015-11-19T15:01:21Z
HADOOP-12587 Hadoop auth token refused to work without a maxinactive
attribute in issued token
----
was (Author: githubbot):
GitHub user steveloughran opened a pull request:
apache/hadoop/pull/48
HADOOP-12587 Hadoop auth token refused to work without a maxinactive
attribute in issued token
This initial patch is not a fix. This is the patch to diagnose why I cannot
submit work to a secure cluster and so identify the change that actually broke
things.
I would propose that the max-inactive value is considered optional,
defaulting to -1 as the code itself appears to do elsewhere.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/steveloughran/hadoop
stevel/HADOOP-12587-max-inactive-auth-token
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/hadoop/pull/48.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #48
----
commit 6a92ebda2c1bcf5b1eacfd7ee1d687b08699aa92
Author: Steve Loughran <[email protected]>
Date: 2015-11-19T15:01:21Z
HADOOP-12587 Hadoop auth token refused to work without a maxinactive
attribute in issued token
----
> Hadoop AuthToken refuses to work without a maxinactive attribute in issued
> token
> --------------------------------------------------------------------------------
>
> Key: HADOOP-12587
> URL: https://issues.apache.org/jira/browse/HADOOP-12587
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.8.0
> Environment: OSX heimdal kerberos client against Linux KDC -talking
> to a Hadoop 2.6.0 cluster
> Reporter: Steve Loughran
> Assignee: Benoy Antony
> Priority: Blocker
> Attachments: HADOOP-12587-001.patch
>
>
> If you don't have a max-inactive attribute in the auth token returned from
> the web site, AuthToken will raise an exception. This stops callers without
> this token being able to submit jobs to a secure Hadoop 2.6 YARN cluster with
> timeline server enabled.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
