I thought that it is normal because there is no description what is right Kerberos use in Hadoop applications.
However I found some rare articles where authors said Java has never supported Kerberos protocols except build-in authentication. So it is impossbile to use Java native module as optimized for Windows and Unix servers.
There was information that all existed Kerberos protocols work with own GSS libraries like SSPI in Windows environment and MIT Kerberos in Unix environment.
Unsupported Java native module always stuck in the caching because it cannot write tickets to cache and it tries to autheticate any new thread so it ignores on TGT and TGS is valid.
it means DDoS because KDC cannot serve too many of hdfs connections and it is risky to be down.
hadoop threads by one user generates many of re-logins.
It looks like stupid because when we login to Windows we do not inter password every time for any operation or service because it is SSO standard only to do it once and we work with service using service ticket in LSA cache.