>> Delegation tokens are serialized into the Job's "credentials" section and >> distributed securely that way. > Ah, that's my problem. Will probably have to update the GeoMesa code > to wok with Jobs rather than Configurations, so that the Credentials > aren't lost.
Hmm, not so easy it seems. My callstack which triggers the exception when the credentials are missing from the Job is this: java.lang.NullPointerException at org.apache.accumulo.core.client.mapreduce.lib.impl.ConfiguratorBase.unwrapAuthenticationToken(ConfiguratorBase.java:493) at org.apache.accumulo.core.client.mapreduce.AbstractInputFormat.validateOptions(AbstractInputFormat.java:390) at org.apache.accumulo.core.client.mapreduce.AbstractInputFormat.getSplits(AbstractInputFormat.java:668) at org.locationtech.geomesa.jobs.mapreduce.GeoMesaAccumuloInputFormat.getSplits(GeoMesaAccumuloInputFormat.scala:174) at org.apache.spark.rdd.NewHadoopRDD.getPartitions(NewHadoopRDD.scala:121) ... Now org.apache.spark.rdd.NewHadoopRDD.getPartitions does this: val jobContext = new JobContextImpl(_conf, jobId) So doesn't seem to support tokens (Jobs) being supplied, just Configurations. I can't call AccumuloInputFormat.setConnectorInfo again since it has already been called, and I presume adding the serialised token to the Configuration would be insecure? Yours in puzzlement, James
