diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
index a876a88ac8a..22be494e726 100644
--- a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
@@ -37,8 +37,13 @@ import org.mockito.Mockito;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
 
+import static org.hamcrest.CoreMatchers.not;
+import static org.junit.Assert.assertThat;
+
 public class TestAuthenticationFilter {
 
+  private static final long TOKEN_VALIDITY_SEC = 1000;
+
   @Test
   public void testGetConfiguration() throws Exception {
     AuthenticationFilter filter = new AuthenticationFilter();
@@ -123,7 +128,7 @@ public class TestAuthenticationFilter {
       String param = request.getParameter("authenticated");
       if (param != null && param.equals("true")) {
         token = new AuthenticationToken("u", "p", "t");
-        token.setExpires((expired) ? 0 : System.currentTimeMillis() + 1000);
+        token.setExpires((expired) ? 0 : System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
       } else {
         response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
       }
@@ -139,7 +144,8 @@ public class TestAuthenticationFilter {
     try {
       FilterConfig config = Mockito.mock(FilterConfig.class);
       Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
-      Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn("1000");
+      Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TOKEN_VALIDITY)).thenReturn(
+          (new Long(TOKEN_VALIDITY_SEC)).toString());
       Mockito.when(config.getInitParameterNames()).thenReturn(
         new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
                                  AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
@@ -148,7 +154,7 @@ public class TestAuthenticationFilter {
       Assert.assertTrue(filter.isRandomSecret());
       Assert.assertNull(filter.getCookieDomain());
       Assert.assertNull(filter.getCookiePath());
-      Assert.assertEquals(1000, filter.getValidity());
+      Assert.assertEquals(TOKEN_VALIDITY_SEC, filter.getValidity());
     } finally {
       filter.destroy();
     }
@@ -265,7 +271,7 @@ public class TestAuthenticationFilter {
       filter.init(config);
 
       AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
-      token.setExpires(System.currentTimeMillis() + 1000);
+      token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
 
@@ -298,7 +304,7 @@ public class TestAuthenticationFilter {
       filter.init(config);
 
       AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
-      token.setExpires(System.currentTimeMillis() - 1000);
+      token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
 
@@ -337,7 +343,7 @@ public class TestAuthenticationFilter {
       filter.init(config);
 
       AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
-      token.setExpires(System.currentTimeMillis() + 1000);
+      token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
 
@@ -410,7 +416,7 @@ public class TestAuthenticationFilter {
     Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE))
             .thenReturn(DummyAuthenticationHandler.class.getName());
     Mockito.when(config.getInitParameter(AuthenticationFilter
-            .AUTH_TOKEN_VALIDITY)).thenReturn("1000");
+            .AUTH_TOKEN_VALIDITY)).thenReturn(new Long(TOKEN_VALIDITY_SEC).toString());
     Mockito.when(config.getInitParameter(AuthenticationFilter
             .SIGNATURE_SECRET)).thenReturn("secret");
     Mockito.when(config.getInitParameterNames()).thenReturn(new
@@ -474,8 +480,7 @@ public class TestAuthenticationFilter {
         Signer signer = new Signer("secret".getBytes());
         String value = signer.verifyAndExtract(v);
         AuthenticationToken token = AuthenticationToken.parse(value);
-        Assert.assertEquals(System.currentTimeMillis() + 1000 * 1000,
-                     token.getExpires(), 100);
+        assertThat(token.getExpires(), not(0L));
 
         if (withDomainPath) {
           Assert.assertEquals(".foo.com", cookieMap.get("Domain"));
@@ -549,7 +554,7 @@ public class TestAuthenticationFilter {
       Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
 
       AuthenticationToken token = new AuthenticationToken("u", "p", "t");
-      token.setExpires(System.currentTimeMillis() + 1000);
+      token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
 
@@ -599,7 +604,7 @@ public class TestAuthenticationFilter {
       Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
 
       AuthenticationToken token = new AuthenticationToken("u", "p", DummyAuthenticationHandler.TYPE);
-      token.setExpires(System.currentTimeMillis() - 1000);
+      token.setExpires(System.currentTimeMillis() - TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
 
@@ -661,7 +666,7 @@ public class TestAuthenticationFilter {
       Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
 
       AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
-      token.setExpires(System.currentTimeMillis() + 1000);
+      token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
 
@@ -708,7 +713,7 @@ public class TestAuthenticationFilter {
       Mockito.reset(response);
 
       AuthenticationToken token = new AuthenticationToken("u", "p", "t");
-      token.setExpires(System.currentTimeMillis() + 1000);
+      token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
       Signer signer = new Signer("secret".getBytes());
       String tokenSigned = signer.sign(token.toString());
       Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index df5c549c599..bc11432ae3b 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -415,6 +415,8 @@ Release 2.4.0 - UNRELEASED
 
     HADOOP-10395. TestCallQueueManager is flaky. (Arpit Agarwal)
 
+    HADOOP-10394. TestAuthenticationFilter is flaky. (Arpit Agarwal)
+
   BREAKDOWN OF HADOOP-10184 SUBTASKS AND RELATED JIRAS
 
     HADOOP-10185. FileSystem API for ACLs. (cnauroth)