Hi, Checking if you had come across the same problem while implementing security in Hadoop specifically auto ticket renewal.
I am using a Key tab file with the below JAAS configuration. com.sun.security.auth.module.Krb5LoginModule required useKeyTab = true useTicketCache = true keyTab="xyz.keytab" storeKey=true principal="user/xyz.com" The configuration works only if the Kinit is called before hand and the ticket is present in the cache. I am checking a condition for renewable ticket using JAAS API and it works. Now if I modify the JAAS configuration not to use ticket cache i.e., by setting the useTicketCache = false then without calling Kinit and just using the keyTab is failing to set the renewable flag although I am able to get the ticket authenticated from the kerberos using JAAS API. Below is the JAAS configuration. com.sun.security.auth.module.Krb5LoginModule required useKeyTab = true useTicketCache = false keyTab="xyz.keytab" storeKey=true principal="user/xyz.com" Please let me know how do we use keytab in JAAS API bypassing kinit command and the renewable ticket flag is set. Thanks, Raghav
