You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Steve Loughran (Jira)" <ji...@apache.org> on 2023/02/07 17:07:00 UTC

[jira] [Created] (HADOOP-18623) S3A delegation token implementations to be able to update tokens from the user credentials

Steve Loughran created HADOOP-18623:
---------------------------------------

             Summary: S3A delegation token implementations to be able to update tokens from the user credentials
                 Key: HADOOP-18623
                 URL: https://issues.apache.org/jira/browse/HADOOP-18623
             Project: Hadoop Common
          Issue Type: New Feature
          Components: fs/s3
    Affects Versions: 3.3.5
            Reporter: Steve Loughran



Spark never renews tokens, instead it can create new ones and attach them to the current users credentials.

This means long-running S3A instances which can pick up new tokens/credentials need a way to look for new tokens in the credential chain.

Proposed
* class AbstractDelegationTokenBinding adds a CallableRaisingIOE field which can be updated with a callback
* S3ADelegationTokens to add method boolean maybeUpdateTokenFromOwner() to look for any new token and switch to it if new
* S3ADelegationTokens serviceInit() to pass the method down to the instantiated DT binding as the callback

It is up to the token binding implementation to decide what to do about it; the standard implementations will do: nothing. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org