[jira] [Commented] (APEXCORE-460) Token refresh mechanism not considering keytab specified in command line

Thu, 19 May 2016 14:02:59 -0700 

    [ 
https://issues.apache.org/jira/browse/APEXCORE-460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15292128#comment-15292128
 ] 

ASF GitHub Bot commented on APEXCORE-460:
-----------------------------------------

Github user PramodSSImmaneni commented on a diff in the pull request:

    https://github.com/apache/incubator-apex-core/pull/337#discussion_r63954030
  
    --- Diff: 
engine/src/main/java/com/datatorrent/stram/client/StramAppLauncher.java ---
    @@ -577,17 +604,9 @@ public ApplicationId launchApp(AppFactory appConfig) 
throws Exception
         dag.setAttribute(LogicalPlan.HDFS_TOKEN_LIFE_TIME, 
hdfsTokenMaxLifeTime);
         long rmTokenMaxLifeTime = 
conf.getLong(StramClientUtils.DT_RM_TOKEN_MAX_LIFE_TIME, 
conf.getLong(YarnConfiguration.DELEGATION_TOKEN_MAX_LIFETIME_KEY, 
YarnConfiguration.DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT));
         dag.setAttribute(LogicalPlan.RM_TOKEN_LIFE_TIME, rmTokenMaxLifeTime);
    -    if (conf.get(StramClientUtils.KEY_TAB_FILE) != null) {
    -      dag.setAttribute(LogicalPlan.KEY_TAB_FILE, 
conf.get(StramClientUtils.KEY_TAB_FILE));
    -    } else if (conf.get(StramUserLogin.DT_AUTH_KEYTAB) != null) {
    -      Path localKeyTabPath = new 
Path(conf.get(StramUserLogin.DT_AUTH_KEYTAB));
    -      try (FileSystem fs = StramClientUtils.newFileSystemInstance(conf)) {
    -        Path destPath = new Path(StramClientUtils.getDTDFSRootDir(fs, 
conf), localKeyTabPath.getName());
    -        if (!fs.exists(destPath)) {
    -          fs.copyFromLocalFile(false, false, localKeyTabPath, destPath);
    -        }
    -        dag.setAttribute(LogicalPlan.KEY_TAB_FILE, destPath.toString());
    -      }
    +    // TODO:- Need to see if other token refresh attributes are needed if 
security is not enabled
    +    if (UserGroupInformation.isSecurityEnabled()) {
    +      setTokenRefreshKeytab(dag, conf);
    --- End diff --
    
    Also change is that it checks if the command line keytab from 
StramUserLogin.getKeytab() is available


> Token refresh mechanism not considering keytab specified in command line
> ------------------------------------------------------------------------
>
>                 Key: APEXCORE-460
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-460
>             Project: Apache Apex Core
>          Issue Type: Bug
>    Affects Versions: 3.4.0
>            Reporter: Pramod Immaneni
>            Assignee: Pramod Immaneni
>
> When a separate keytab isn't specified for token refresh then the keytab 
> specified by dt.authentication.keytab property is used, however the keytab 
> passed in from command line isn't considered. It needs to be considered 
> before the looking at the property.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to