[
https://issues.apache.org/jira/browse/HADOOP-6545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Devaraj Das updated HADOOP-6545:
--------------------------------
Assignee: Devaraj Das
Status: Patch Available (was: Open)
Oh I changed the toString in FileSystem.Cache.Key to have UGI.toString within
braces. This is because UGI's toString could be "effective-user via real-user",
and i wanted to associate the two together via the braces..
> Cached FileSystem objects can lead to wrong token being used in setting up
> connections
> --------------------------------------------------------------------------------------
>
> Key: HADOOP-6545
> URL: https://issues.apache.org/jira/browse/HADOOP-6545
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 0.22.0
> Reporter: Devaraj Das
> Assignee: Devaraj Das
> Fix For: 0.22.0
>
> Attachments: 6545-1.patch
>
>
> The FileSystem class caches the filesystem objects that it creates for users.
> For some cases, e.g., if the filesystem object is actually a
> DistributedFileSystem, it also has an associated RPC client and hence an UGI
> for the respective user. This could lead to issues to do with using the right
> credentials when connecting with the namenode. The credentials in the UGI is
> never updated (even if the user in question now has new credentials) and in
> case the cached UGI's credentials have expired, this would lead to
> authentication error whenever there is a re-authentication (in the process of
> re-establishing connection to the namenode).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
