Hello, I am using Knox in order to secure a Hadoop cluster.
More specifically, I have created a webpage where the user is able to login and submit an application which has to read and write from the HDFS. The application is not executed using spark or yarn and only gets data from hdfs and puts back the results. The user logins to my app using a jwt token obtained from an external SSO provider (e.g. keycloak). So when the user clicks the submit button I am able to read data from HDFS using the user's token. However, the application takes about 8 hours to finish, so by that time the user has logged out, thus making me unable to refresh the token and therefore write back to the HDFS using the user's token. In addition, there is no option to impersonate the user or have admin credentials to generate a new token for the user. So my question is, is there any way to securely write back the results of the application to the HDFS after the user's token has expired? Thanks in advance for your time!
