The_Loeki

Bug/Feature improvement req: SSO not picking up credentials cache on most Linux'es

Discussion created by The_Loeki on Nov 19, 2007
Latest reply on Nov 20, 2007 by slushpupie

 

Spark, by the graces of Sun's Kerberos plugins, will not pick up on the credentials cache on most Linux'es and possibly on all.

 

 

It'll error out, stating it can't find the principal name.

 

 

On a default Linux client which PAM-authenticated against a MIT Kerberos library, the created credentials cache isn't /tmp/krb5cc_

  • , but */tmp/krb5cc_
_{bunch of randoms}. The name of it is then written into the KRB5CCNAME variable.

 

 

 

There's a few possible ways around this:

 

  • I suggest Spark try to pick up this variable and use it's contents to correctly define the credentials' cache location.
         It is this I would kindly request be added as an issue in the tracker.

  • A quick hacky workaround would be to symlink $KRB5CCNAME to an expected location in the Spark script before Spark gets started.

 

Outcomes