Jonathan Maron created SLIDER-413:
-------------------------------------
Summary: token renewal scheme misinterprets expiry time from
Token.renew()
Key: SLIDER-413
URL: https://issues.apache.org/jira/browse/SLIDER-413
Project: Slider
Issue Type: Bug
Components: security
Reporter: Jonathan Maron
Assignee: Jonathan Maron
The current HDFS delegation token renewal framework invokes Token.renew() and
assumes the expiry time returned is the expiry time for the token. Further
investigation appears to show that it is in fact the time at which the token
should next be renewed, rather than the max time for the token. Given that,
the current scheme may not be optimal since it will probably trigger the
retrieval of new tokens much more often than necessary.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
