Hi, According to the 'Hadoop - The Definitive Guide'
> In a distributed system like HDFS or MapReduce, there are many client-server interactions, each of which must be authenticated. For example, an HDFS read operation will involve multiple calls to the namenode and calls to one or more datanodes. Instead of using the three-step Kerberos ticket exchange protocol to authenticate each call, which would present a high load on the KDC on a busy cluster, Hadoop uses delegation tokens to allow later authenticated access without having to contact the KDC again. Once the authentication is established between the client and the NameNode, there is no need to contact the KDC (Key Distribution Center) till the ticket expires for any NameNode queries. So, I don't see how delegation tokens will lower the burden on the KDC by having to contact the KDC fewer times. Could someone please explain me how delegation tokens help? Praveen