[ https://issues.apache.org/jira/browse/KUDU-2379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Todd Lipcon updated KUDU-2379: ------------------------------ Status: In Review (was: Open) > Spark generates a broken authentication credentials PB > ------------------------------------------------------ > > Key: KUDU-2379 > URL: https://issues.apache.org/jira/browse/KUDU-2379 > Project: Kudu > Issue Type: Bug > Components: java, spark > Affects Versions: 1.7.0 > Reporter: Todd Lipcon > Assignee: Todd Lipcon > Priority: Blocker > > KUDU-2259 introduced a regression which causes Spark to not work properly on > secure clusters. The issue is the following: > - the driver calls exportAuthenticationCredentials() > -- the client hasn't yet talked to the master, so it doesn't have any > credentials yet, despite having a keytab available > -- the code is as follows: > {code} > byte[] authnData = securityContext.exportAuthenticationCredentials(); > if (authnData != null) { > return Deferred.fromResult(authnData); > } > {code} > -- previously, authnData would be null in this case, and it would fall > through to connect to the cluster and then export a proper token. > -- with the new implementation, an authnData is returned which is devoid of > real credentials but contains a realUser. So, it's non-null, and it gets > returned immediately > - the tasks then get credentials with no tokens and can't connect -- This message was sent by Atlassian JIRA (v7.6.3#76005)