[
https://issues.apache.org/jira/browse/HDFS-2956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13287738#comment-13287738
]
Daryn Sharp commented on HDFS-2956:
-----------------------------------
It's potentially more than a 1-liner. The NN used to generate (apparently by
design) a non-renewable token if the renewer is null. The PB stuff broke the
ability to pass a null renewer. OTOH, the hftp servlet defaults the renewer to
the client's UGI when passed a null renewer.
The quick and dirty answer is for the token fetcher to default the renewer to
UGI's login user unless the renewer flag is explicitly provided. This breaks
the ability to request a non-renewable hdfs token, but as mentioned earlier, PB
broke that anyway.
Or should the PB code be fixed to allow a null renewer once again, and perhaps
for consistency change hftp to not default a null renewer to the client's UGI?
> calling fetchdt without a --renewer argument throws NPE
> -------------------------------------------------------
>
> Key: HDFS-2956
> URL: https://issues.apache.org/jira/browse/HDFS-2956
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: security
> Affects Versions: 0.24.0
> Reporter: Todd Lipcon
> Assignee: Daryn Sharp
>
> If I call "bin/hdfs fetchdt /tmp/mytoken" without a "--renewer foo" argument,
> then it will throw a NullPointerException:
> Exception in thread "main" java.lang.NullPointerException
> at
> org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolTranslatorPB.getDelegationToken(ClientNamenodeProtocolTranslatorPB.java:830)
> this is because getDelegationToken is being called with a null renewer
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
