You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/09/09 00:18:00 UTC
[jira] [Work logged] (HIVE-22033) HiveServer2: fix delegation token renewal
[ https://issues.apache.org/jira/browse/HIVE-22033?focusedWorklogId=807231&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-807231 ]
ASF GitHub Bot logged work on HIVE-22033:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 09/Sep/22 00:17
Start Date: 09/Sep/22 00:17
Worklog Time Spent: 10m
Work Description: pavibhai opened a new pull request, #3587:
URL: https://github.com/apache/hive/pull/3587
### What changes were proposed in this pull request?
Backport of HIVE-22033 and HIVE-26522 to branch-3.1
### Why are the changes needed?
To support delegation token renewal in 3.1 release
### Does this PR introduce _any_ user-facing change?
No
### How was this patch tested?
Unit test added
Issue Time Tracking
-------------------
Worklog Id: (was: 807231)
Remaining Estimate: 0h
Time Spent: 10m
> HiveServer2: fix delegation token renewal
> -----------------------------------------
>
> Key: HIVE-22033
> URL: https://issues.apache.org/jira/browse/HIVE-22033
> Project: Hive
> Issue Type: Bug
> Affects Versions: 2.3.5
> Reporter: Ion Alberdi
> Assignee: Ion Alberdi
> Priority: Major
> Fix For: 4.0.0, 4.0.0-alpha-1
>
> Attachments: HIVE-22033.2.patch, HIVE-22033.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Hello, the issue we faced (and a proposal for a fix) in our hive instances is depicted at
> [https://github.com/criteo-forks/hive/pull/24]
> Reading the master branch of the project
> [https://github.com/apache/hive/blob/master/standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/security/TokenStoreDelegationTokenSecretManager.java#L147]
> I think the same behavior is replicated there.
> Long story short, *TokenStoreDelegationTokenSecretManager.renewToken*, does not update the expiry date of a given token (as it does not get the updated DelegationTokenInformation from *super.currentTokens*).
> This makes any call to renewToken ineffective (the expiry date of the token is not postponed).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)