Provide renewable tokens

[tionebsalocin]

Hello,

Tokens issued by this plugin are not renewable.
I see that it is by design but I would like to have a second thought on this.
For long-running applications, it would be much more effective to be able to renew vault tokens than going through the whole authentication process at every expiration.
Don't you think it would be a nice feature to be able to enable renewability?

[pmv]

I second this request. Java developers should be able to use spring-cloud-vault's lease lifecycle management (https://cloud.spring.io/spring-cloud-vault/multi/multi_vault-lease-renewal.html) to automatically handle token renewal / re-authentication. This feature does not currently work with Kerberos since the token is marked as not renewable.

In our environment, I am able to authenticate to vault with LDAP or Kerberos. If I authenticate with LDAP, I get a renewable token and the spring functionality works. If I authenticate with Kerberos, I'll get a non-renewable token and it is broken.

[fairclothjm]

Thank you for submitting this request! For others who are interested in this, please stick a 👍 on this issue. We’re currently developing an internal process to review and prioritize feature requests.