[ https://issues.apache.org/jira/browse/HADOOP-6545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Devaraj Das updated HADOOP-6545: -------------------------------- Attachment: 6545-bp20.patch The backport for Y20. Not for commit here. > Cached FileSystem objects can lead to wrong token being used in setting up > connections > -------------------------------------------------------------------------------------- > > Key: HADOOP-6545 > URL: https://issues.apache.org/jira/browse/HADOOP-6545 > Project: Hadoop Common > Issue Type: Bug > Components: security > Affects Versions: 0.22.0 > Reporter: Devaraj Das > Assignee: Devaraj Das > Fix For: 0.22.0 > > Attachments: 6545-1.patch, 6545-2.patch, 6545-bp20.patch > > > The FileSystem class caches the filesystem objects that it creates for users. > For some cases, e.g., if the filesystem object is actually a > DistributedFileSystem, it also has an associated RPC client and hence an UGI > for the respective user. This could lead to issues to do with using the right > credentials when connecting with the namenode. The credentials in the UGI is > never updated (even if the user in question now has new credentials) and in > case the cached UGI's credentials have expired, this would lead to > authentication error whenever there is a re-authentication (in the process of > re-establishing connection to the namenode). -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.