subject:"\[jira\] \[Updated\] \(KUDU\-2379\) Spark generates a broken authentication credentials PB"

[jira] [Updated] (KUDU-2379) Spark generates a broken authentication credentials PB

2018-03-26 Thread Todd Lipcon (JIRA)


 [ 
https://issues.apache.org/jira/browse/KUDU-2379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Todd Lipcon updated KUDU-2379:
--
Status: In Review  (was: Open)

> Spark generates a broken authentication credentials PB
> --
>
> Key: KUDU-2379
> URL: https://issues.apache.org/jira/browse/KUDU-2379
> Project: Kudu
>  Issue Type: Bug
>  Components: java, spark
>Affects Versions: 1.7.0
>Reporter: Todd Lipcon
>Assignee: Todd Lipcon
>Priority: Blocker
>
> KUDU-2259 introduced a regression which causes Spark to not work properly on 
> secure clusters. The issue is the following:
> - the driver calls exportAuthenticationCredentials()
> -- the client hasn't yet talked to the master, so it doesn't have any 
> credentials yet, despite having a keytab available
> -- the code is as follows:
> {code}
> byte[] authnData = securityContext.exportAuthenticationCredentials();
> if (authnData != null) {
>   return Deferred.fromResult(authnData);
> }
> {code}
> -- previously, authnData would be null in this case, and it would fall 
> through to connect to the cluster and then export a proper token.
> -- with the new implementation, an authnData is returned which is devoid of 
> real credentials but contains a realUser. So, it's non-null, and it gets 
> returned immediately
> - the tasks then get credentials with no tokens and can't connect



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KUDU-2379) Spark generates a broken authentication credentials PB

2018-03-26 Thread Todd Lipcon (JIRA)


 [ 
https://issues.apache.org/jira/browse/KUDU-2379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Todd Lipcon updated KUDU-2379:
--
Code Review: https://gerrit.cloudera.org/#/c/9814/

> Spark generates a broken authentication credentials PB
> --
>
> Key: KUDU-2379
> URL: https://issues.apache.org/jira/browse/KUDU-2379
> Project: Kudu
>  Issue Type: Bug
>  Components: java, spark
>Affects Versions: 1.7.0
>Reporter: Todd Lipcon
>Assignee: Todd Lipcon
>Priority: Blocker
>
> KUDU-2259 introduced a regression which causes Spark to not work properly on 
> secure clusters. The issue is the following:
> - the driver calls exportAuthenticationCredentials()
> -- the client hasn't yet talked to the master, so it doesn't have any 
> credentials yet, despite having a keytab available
> -- the code is as follows:
> {code}
> byte[] authnData = securityContext.exportAuthenticationCredentials();
> if (authnData != null) {
>   return Deferred.fromResult(authnData);
> }
> {code}
> -- previously, authnData would be null in this case, and it would fall 
> through to connect to the cluster and then export a proper token.
> -- with the new implementation, an authnData is returned which is devoid of 
> real credentials but contains a realUser. So, it's non-null, and it gets 
> returned immediately
> - the tasks then get credentials with no tokens and can't connect



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KUDU-2379) Spark generates a broken authentication credentials PB

2018-03-28 Thread Todd Lipcon (JIRA)


 [ 
https://issues.apache.org/jira/browse/KUDU-2379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Todd Lipcon updated KUDU-2379:
--
   Resolution: Fixed
Fix Version/s: 1.7.1
   1.8.0
   Status: Resolved  (was: In Review)

> Spark generates a broken authentication credentials PB
> --
>
> Key: KUDU-2379
> URL: https://issues.apache.org/jira/browse/KUDU-2379
> Project: Kudu
>  Issue Type: Bug
>  Components: java, spark
>Affects Versions: 1.7.0
>Reporter: Todd Lipcon
>Assignee: Todd Lipcon
>Priority: Blocker
> Fix For: 1.8.0, 1.7.1
>
>
> KUDU-2259 introduced a regression which causes Spark to not work properly on 
> secure clusters. The issue is the following:
> - the driver calls exportAuthenticationCredentials()
> -- the client hasn't yet talked to the master, so it doesn't have any 
> credentials yet, despite having a keytab available
> -- the code is as follows:
> {code}
> byte[] authnData = securityContext.exportAuthenticationCredentials();
> if (authnData != null) {
>   return Deferred.fromResult(authnData);
> }
> {code}
> -- previously, authnData would be null in this case, and it would fall 
> through to connect to the cluster and then export a proper token.
> -- with the new implementation, an authnData is returned which is devoid of 
> real credentials but contains a realUser. So, it's non-null, and it gets 
> returned immediately
> - the tasks then get credentials with no tokens and can't connect



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KUDU-2379) Spark generates a broken authentication credentials PB

[jira] [Updated] (KUDU-2379) Spark generates a broken authentication credentials PB

[jira] [Updated] (KUDU-2379) Spark generates a broken authentication credentials PB

3 matches

Site Navigation

Mail list logo

Footer information