[
https://issues.apache.org/jira/browse/HADOOP-9969?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15143360#comment-15143360
]
Greg Senia commented on HADOOP-9969:
------------------------------------
[~acmurthy] can we have a quick discussion on this JIRA to find out what is
going on with it.. I think Dan or Beth will work to set something up..
> TGT expiration doesn't trigger Kerberos relogin
> -----------------------------------------------
>
> Key: HADOOP-9969
> URL: https://issues.apache.org/jira/browse/HADOOP-9969
> Project: Hadoop Common
> Issue Type: Bug
> Components: ipc, security
> Affects Versions: 2.1.0-beta, 2.5.0, 2.5.2, 2.6.0, 2.6.1, 2.8.0, 2.7.1,
> 2.6.2, 2.6.3
> Environment: IBM JDK7
> Reporter: Yu Gao
> Attachments: HADOOP-9969.patch, JobTracker.log
>
>
> In HADOOP-9698 & HADOOP-9850, RPC client and Sasl client have been changed to
> respect the auth method advertised from server, instead of blindly attempting
> the configured one at client side. However, when TGT has expired, an
> exception will be thrown from SaslRpcClient#createSaslClient(SaslAuth
> authType), and at this time the authMethod still holds the initial value
> which is SIMPLE and never has a chance to be updated with the expected one
> requested by server, so kerberos relogin will not happen.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
