[
https://issues.apache.org/jira/browse/HIVE-22033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17036265#comment-17036265
]
Szehon Ho commented on HIVE-22033:
----------------------------------
Rebasing on behalf of Jon. This is an important patch that we have had in prod
for awhile at Criteo. It seems important to update the expiry date on the
store-side, maybe in our environment as the token is accessed via different
metastore instances.
> HiveServer2: fix delegation token renewal
> -----------------------------------------
>
> Key: HIVE-22033
> URL: https://issues.apache.org/jira/browse/HIVE-22033
> Project: Hive
> Issue Type: Bug
> Affects Versions: 2.3.5
> Reporter: Ion Alberdi
> Assignee: Ion Alberdi
> Priority: Major
> Attachments: HIVE-22033.2.patch, HIVE-22033.patch
>
>
> Hello, the issue we faced (and a proposal for a fix) in our hive instances is
> depicted at
> [https://github.com/criteo-forks/hive/pull/24]
> Reading the master branch of the project
>
> [https://github.com/apache/hive/blob/master/standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/security/TokenStoreDelegationTokenSecretManager.java#L147]
> I think the same behavior is replicated there.
> Long story short, *TokenStoreDelegationTokenSecretManager.renewToken*, does
> not update the expiry date of a given token (as it does not get the updated
> DelegationTokenInformation from *super.currentTokens*).
> This makes any call to renewToken ineffective (the expiry date of the token
> is not postponed).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
