You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-dev@hadoop.apache.org by "Xiao Chen (JIRA)" <ji...@apache.org> on 2017/06/10 03:39:18 UTC
[jira] [Resolved] (HADOOP-14497) Logs for KMS delegation token
lifecycle
[ https://issues.apache.org/jira/browse/HADOOP-14497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xiao Chen resolved HADOOP-14497.
--------------------------------
Resolution: Done
Fix Version/s: 3.0.0-alpha4
2.9.0
All sub-tasks are done and the items mentioned in the description is complete. Specifically:
#1 is improved by subtask 4
#4 is added by subtask 2
#2 and #3 already exists.
So I'm closing this jira as done. Thank you for reporting, [~yzhangal], and feel free to reopen of comment if you think there's anything else we should do here!
> Logs for KMS delegation token lifecycle
> ---------------------------------------
>
> Key: HADOOP-14497
> URL: https://issues.apache.org/jira/browse/HADOOP-14497
> Project: Hadoop Common
> Issue Type: Improvement
> Reporter: Yongjun Zhang
> Assignee: Xiao Chen
> Fix For: 2.9.0, 3.0.0-alpha4
>
>
> We run into quite some customer cases about authentication failures related to KMS delegation token. It would be nice to see a log for each stage of the token:
> 1. creation
> 2. renewal
> 3. removal upon cancel
> 4. remove upon expiration
> So that when we correlate the logs for the same DT, we can have a good picture about what's going on, and what could have caused the authentication failure.
> The same is applicable to other delegation tokens.
> NOTE: When log info about delagation token, we don't want leak user's secret info.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org