[
https://issues.apache.org/jira/browse/SENTRY-1265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sravya Tirukkovalur updated SENTRY-1265:
----------------------------------------
Description: Assuming only TGT needs renewal, we should run the renewThread
in Sentry given that Sentry never is a Kerberos Client to other Kerberos
Services. But one question I have is: While debugging this issue, I see that
Subject.getPrivateCredentials returns a KerberosTicket which also has an end
time (24 hours from start time). Does this mean even privateCredentials need to
be renewed?
> Sentry service should not require a TGT as it is not talking to other
> kerberos services as a client
> ---------------------------------------------------------------------------------------------------
>
> Key: SENTRY-1265
> URL: https://issues.apache.org/jira/browse/SENTRY-1265
> Project: Sentry
> Issue Type: Bug
> Reporter: Sravya Tirukkovalur
>
> Assuming only TGT needs renewal, we should run the renewThread in Sentry
> given that Sentry never is a Kerberos Client to other Kerberos Services. But
> one question I have is: While debugging this issue, I see that
> Subject.getPrivateCredentials returns a KerberosTicket which also has an end
> time (24 hours from start time). Does this mean even privateCredentials need
> to be renewed?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
