[ https://issues.apache.org/jira/browse/HADOOP-9567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16590932#comment-16590932 ]
Hrishikesh Gadre commented on HADOOP-9567: ------------------------------------------ [~ghelmling] Are you planning to work on this jira? If not, I would like to assign it to myself. I have attached a patch against trunk (File: HADOOP-9567-001.patch) using your patch as a reference. This patch implements * A property to enable/disable auto-renewal for keytab based logins. By default the auto renewal is disabled for backwards compatibility. * Changed the implementation to use ExecutorService (instead of Thread) so as to facilitate the shutdown when the user logs out. * The current implementation for ticket cache based renewal spawns the thread as part of the getLoginUser() API in UGI class. This doesn't work for keytab based logins since loginUser reference is already initialized as part of the earlier invocation of loginByKeytab API. Hence for keytab based logins, the logic to spawn auto-renewal thread is implemented in loginByKeytab API. * New unit tests are added for this functionality as well as updated existing tests whenever necessary. [~daryn] could you please review this patch as you have made changes in this area recently ? > Provide auto-renewal for keytab based logins > -------------------------------------------- > > Key: HADOOP-9567 > URL: https://issues.apache.org/jira/browse/HADOOP-9567 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 2.0.0-alpha > Reporter: Harsh J > Assignee: Gary Helmling > Priority: Minor > Attachments: HADOOP-9567-001.patch, HADOOP-9567.branch-2.7.001.patch > > > We do a renewal for cached tickets (obtained via kinit before using a Hadoop > application) but we explicitly seem to avoid doing a renewal for keytab based > logins (done from within the client code) when we could do that as well via a > similar thread. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org