[
https://issues.apache.org/jira/browse/OOZIE-3379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16710117#comment-16710117
]
Andras Piros commented on OOZIE-3379:
-------------------------------------
[~zuston] to address the one remaining FindBugs warning, can you please put
following annotation on the actual method (constructor) level
({{AuthOozieClient.java#L93-100}}):
{code:java}
@SuppressFBWarnings(value = "PATH_TRAVERSAL_IN", justification = "FilenameUtils
is used to filter user input. JDK8+ is used.")
{code}
Can you please also add following {{FilenameUtils#getName()}} call when
creating a new {{File}} given user input like this:
{code:java}
FilenameUtils.getFullPath(System.getProperty("user.home")) +
FilenameUtils.getName(filename)
{code}
> Auth token cache file name should include Oozie URL
> ---------------------------------------------------
>
> Key: OOZIE-3379
> URL: https://issues.apache.org/jira/browse/OOZIE-3379
> Project: Oozie
> Issue Type: Bug
> Components: client
> Affects Versions: 5.0.0
> Reporter: Junfan Zhang
> Assignee: Junfan Zhang
> Priority: Major
> Attachments: oozie-3379-1.patch, oozie-3379-2.patch,
> oozie-3379-3.patch, oozie-3379-4.patch, oozie-3379-5.patch,
> oozie-3379-6.patch, oozie-3379-7.patch
>
>
> We have a program that connects to multiple Oozie clusters with multiple
> {{AuthOozieClient}} instances, which frequently request the KDC server
> because the authentication token cache is invalid.
> After some investigation we found that the auth token cache file is
> incorrectly shared by all {{AuthOozieClient}} instances. Therefore, we
> propose that the auth token cache file name include Oozie URL as postfix.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
