Hey everyone, I was working with UserGroupInformation Class and Kerberos. Is there a proper example how to renew the Kerkebros Ticket from a keytab ?
For Example: assuming that I have the jaas.config set in the jvm I do: UserGroupInformation loginUser = UserGroupInformation.getLoginUser(); This will login the user but not using a keytab. Using this code it will login with Kerberos: UserGroupInformation.setConfiguration(conf); Krb5LoginModule context = new Krb5LoginModule(); Subject subject = new Subject(); javax.security.auth.login.Configuration jconf = javax.security.auth.login.Configuration.getConfiguration(); AppConfigurationEntry entries[] = jconf.getAppConfigurationEntry("Client"); context.initialize(subject,null, new HashMap<String, String>(),entries[0].getOptions()); context.login(); context.commit(); UserGroupInformation.loginUserFromSubject(subject); How Do I make sure that my Keytab get’s renewed ? I think Hadoop Libraries should take of this. I can count a lot of projects implementing their own TicketRewener… Any suggestions here ? Thanks Jorge Machado