This is an automated email from the ASF dual-hosted git repository.
adoroszlai pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new d0ad8362f6 HDDS-11472. Avoid recreating external access authorizer on
OM state reload (#7238)
d0ad8362f6 is described below
commit d0ad8362f690e0e13b39fbe94d9445e2f0549281
Author: Abhishek Pal <[email protected]>
AuthorDate: Mon Sep 30 21:23:16 2024 +0530
HDDS-11472. Avoid recreating external access authorizer on OM state reload
(#7238)
---
.../apache/hadoop/ozone/security/acl/OzoneAccessAuthorizer.java | 9 +++++++--
.../src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java | 8 +++++++-
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/OzoneAccessAuthorizer.java
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/OzoneAccessAuthorizer.java
index 1f105a03ad..abd4cd6f6d 100644
---
a/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/OzoneAccessAuthorizer.java
+++
b/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/OzoneAccessAuthorizer.java
@@ -1,4 +1,4 @@
-/**
+/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with this
* work for additional information regarding copyright ownership. The ASF
@@ -19,7 +19,7 @@ package org.apache.hadoop.ozone.security.acl;
import org.apache.hadoop.ozone.om.exceptions.OMException;
/**
- * Default implementation for {@link IAccessAuthorizer}.
+ * No-op implementation for {@link IAccessAuthorizer}, allows everything.
* */
public class OzoneAccessAuthorizer implements IAccessAuthorizer {
@@ -35,4 +35,9 @@ public class OzoneAccessAuthorizer implements
IAccessAuthorizer {
throws OMException {
return true;
}
+
+ @Override
+ public boolean isNative() {
+ return true;
+ }
}
diff --git
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
index c432230917..e2acafdd24 100644
---
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
+++
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
@@ -866,7 +866,13 @@ public final class OzoneManager extends
ServiceRuntimeInfoImpl
prefixManager = new PrefixManagerImpl(this, metadataManager,
isRatisEnabled);
keyManager = new KeyManagerImpl(this, scmClient, configuration,
perfMetrics);
- accessAuthorizer = OzoneAuthorizerFactory.forOM(this);
+ // If authorizer is not initialized or the authorizer is Native
+ // re-initialize the authorizer, else for non-native authorizer
+ // like ranger we can reuse previous value if it is initialized
+ if (null == accessAuthorizer || accessAuthorizer.isNative()) {
+ accessAuthorizer = OzoneAuthorizerFactory.forOM(this);
+ }
+
omMetadataReader = new OmMetadataReader(keyManager, prefixManager,
this, LOG, AUDIT, metrics, accessAuthorizer);
// Active DB's OmMetadataReader instance does not need to be reference
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
