Robert Joseph Evans created STORM-427:
-----------------------------------------
Summary: (Security) AutoTGT with HBase can expose JVM kerberos issue
Key: STORM-427
URL: https://issues.apache.org/jira/browse/STORM-427
Project: Apache Storm (Incubating)
Issue Type: Bug
Reporter: Robert Joseph Evans
Assignee: Robert Joseph Evans
The Oracle JVM, in all versions I have looked at, has a bug where it is
possible for the JVM to use a service ticket instead of a TGT when requesting
a service ticket from the KDC.
The way the JVM code works right now is that when it looks for the TGT to use
to connect to the KDC it will iterate over all of the KerberosTickets in
the private credentials, but it will pull out and use the first ticket that is
for the current client. The private credentials set is actually backed by a
linked list, so the order they are scanned is insertion order. Because a TGT
is going to be inserted before any service tickets in the common case, all is
fine; the issue only shows up when we insert a new TGT after other still-valid
service tickets.
This also only shows up when you are talking to more than one service, like we
do with HBase. If it were talking to just one service then the Java code would
reuse the valid service ticket instead of trying to get a new service ticket.
I'll put up a pull request shortly.
--
This message was sent by Atlassian JIRA
(v6.2#6252)