Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

hi, kerberos ticket is expiring but still fetch data from hbase

Highlighted

hi, kerberos ticket is expiring but still fetch data from hbase

New Contributor

i have created a userPrincipal in kdc and set its max life 30 seconds using following command:

modprinc -maxlife 30seconds -maxrenewlife 1minutes +allow_renewable testUser/domain@REALM

when i create a ticket for this user in java program, its showing expiration time 30sec with help of sun.security.krb5.debug property, but strangely this user is able to fetch data for more than 30 sec, i tried for 5 minutes at max. Can anyone help me to understand from where that ticket is getting renewed.

The java program which I have written is created a ticket using

UserGroupInformation.loginUserFromKeytabAndReturnUGI(userPrinciPal, keyTab);

and then fetching data from hbase using scan object.

1 REPLY 1

Re: hi, kerberos ticket is expiring but still fetch data from hbase

Hi @priyanshu bindal,

Check your ticket cache to see if it is still valid. The other thing you can do is if you are done with a ticket just use kdestroy to clean up the ticket cache in your script.

[root@chupa1 ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: dav@CHUPA.COM

Valid starting     Expires            Service principal

01/03/17 23:46:33  01/04/17 23:46:33  krbtgt/CHUPA.COM@CHUPA.COM

	renew until 01/03/17 23:46:33
Don't have an account?
Coming from Hortonworks? Activate your account here