You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue #3427 reported a change in behavior of the shell, where the shell will not fail if started using invalid credentials. This is due to a change in AccumuloClient not performing the fast-failure that Connector used to (an intentional choice).
To restore expected behavior in the shell, the AccumuloClient should authenticate the current user every time a new AccumuloClient is constructed. This occurs when starting the shell initially, as well as when switching to another user.
The text was updated successfully, but these errors were encountered:
To authenticate the client, it should just be a simple matter of calling client.securityOperations().authenticate(username, token) immediately after it is constructed. However, this is made slightly complicated by the fact that the AccumuloClient can be constructed using the client config file. You can call .whoami() to get the username, but I'm not sure if there's an easy way to get the AuthenticationToken parameter that authenticate(username, token) requires.
A user also reported that when the shell is idle for too long, and it asks to re-authenticate, it doesn't matter what you enter, and it will still work. That is related to this issue. It should also authenticate the client object when that happens as well as startup and switching users.
There's a challenge that the credentials could be in the client config file, too. So, re-authenticating by asking the user to re-enter things, doesn't necessarily make sense... they might not know the credentials if it's sourced somewhere in the environment. So, we need to make sure that the re-authentication is working correctly for those cases, as well, and we're not pointlessly prompting.
Issue #3427 reported a change in behavior of the shell, where the shell will not fail if started using invalid credentials. This is due to a change in AccumuloClient not performing the fast-failure that Connector used to (an intentional choice).
To restore expected behavior in the shell, the AccumuloClient should authenticate the current user every time a new AccumuloClient is constructed. This occurs when starting the shell initially, as well as when switching to another user.
The text was updated successfully, but these errors were encountered: