[
https://issues.apache.org/jira/browse/HADOOP-10850?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14078017#comment-14078017
]
Alejandro Abdelnur commented on HADOOP-10850:
---------------------------------------------
I've was running the testcases with a KA leveraging JDK SPNEGO and testcases
were failing when running all together and succeeding when running one at the
time. Debugging I've run into the host being blacklisted. This happens because
the NegotiatorImpl is being instantiated (in a negative testcase) without a
kerberos context and that throws an exception that makes the host to be
blacklisted (for the life of the JVM), then other tests (positive ones) fail.
> KerberosAuthenticator should not do the SPNEGO handshake
> --------------------------------------------------------
>
> Key: HADOOP-10850
> URL: https://issues.apache.org/jira/browse/HADOOP-10850
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.4.1
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
>
> As mentioned in HADOOP-10453, the JDK automatically does a SPNEGO handshake
> when opening a connection with a URL within a Kerberos login context, there
> is no need to do the SPNEGO handshake in the {{KerberosAuthenticator}},
> simply extract the auth token (hadoop-auth cookie) and do the fallback if
> necessary.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
