[jira] Updated: (HADOOP-7091) reloginFromKeytab() should happen even if TGT can't be found

Thu, 06 Jan 2011 14:49:08 -0800 

     [ 
https://issues.apache.org/jira/browse/HADOOP-7091?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kan Zhang updated HADOOP-7091:
------------------------------

    Description: HADOOP-6965 introduced a getTGT() method and prevents 
reloginFromKeytab() from happening when TGT is not found. This results in the 
RPC layer not being able to refresh TGT after TGT expires. The reason is RPC 
layer only does relogin when the expired TGT is used and an exception is 
thrown. However, when that happens, the expired TGT will be removed from 
Subject. Therefore, getTGT() will return null and relogin will not be 
performed. We observed, for example, JT will not be able to re-connect to NN 
after TGT expires.  (was: HADOOP-6965 introduced a getTGT() method and prevents 
reloginFromTGT() from happening when TGT is not found. This results in the RPC 
layer not being able to refresh TGT after TGT expires. The reason is RPC layer 
only does relogin when the expired TGT is used and an exception is thrown. 
However, when that happens, the expired TGT will be removed from Subject. 
Therefore, getTGT() will return null and relogin will not be performed. We 
observed that, for example, JT will not be able to re-connect to NN after TGT 
expires.)

> reloginFromKeytab() should happen even if TGT can't be found
> ------------------------------------------------------------
>
>                 Key: HADOOP-7091
>                 URL: https://issues.apache.org/jira/browse/HADOOP-7091
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Kan Zhang
>            Assignee: Kan Zhang
>
> HADOOP-6965 introduced a getTGT() method and prevents reloginFromKeytab() 
> from happening when TGT is not found. This results in the RPC layer not being 
> able to refresh TGT after TGT expires. The reason is RPC layer only does 
> relogin when the expired TGT is used and an exception is thrown. However, 
> when that happens, the expired TGT will be removed from Subject. Therefore, 
> getTGT() will return null and relogin will not be performed. We observed, for 
> example, JT will not be able to re-connect to NN after TGT expires.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to