[
https://issues.apache.org/jira/browse/HADOOP-7541?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13084383#comment-13084383
]
Daryn Sharp commented on HADOOP-7541:
-------------------------------------
The problem is that token renewal is very error-prone and fails in a number of
cases, esp. involving hftp. Long running distcp jobs fail or hang when the
renewal goes bad. The crux of the problem is tokens lack traceability to their
origin, so the renewal code is based on assumptions, outright guesses, and
intimate knowledge it ought not have of filesystems.
Any filesystem token, including hftp, will essentially be renewed by:
{code}
FileSystem.get(token.getIssuer(), conf, ugi).renewDelegationToken(token);
{code}
The other suggestion is changing token types for every filesystem, having a
static class with hardcoded conditionals(!) to do renewals. That will cause
entirely unnecessary coupling of filesystems and mapreduce, causing
recompilation of mapreduce to add a fs -- which leads to talk of service
loaders to hide/break the coupling. The alternate is the one line above.
I don't know enough about the wire compat. I thought that allowing the field
not to be present would avoid the problem. I suppose the alternative is to
hijack the service field to hold both the service and the issuer.
> Add issuer field to delegation tokens
> -------------------------------------
>
> Key: HADOOP-7541
> URL: https://issues.apache.org/jira/browse/HADOOP-7541
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Fix For: 0.20.205.0
>
> Attachments: HADOOP-7541.patch
>
>
> Tokens currently lack traceability to their issuer. This complicates the
> ability to reliably renew tokens. Tokens should have an optional issuer.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira