[jira] [Commented] (HADOOP-15954) ABFS: Enable owner and group conversion for MSI and login user using OAuth

Mon, 17 Dec 2018 03:43:58 -0800 


    [ 
https://issues.apache.org/jira/browse/HADOOP-15954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16722899#comment-16722899
 ] 

Steve Loughran commented on HADOOP-15954:
-----------------------------------------

h3. {{DefaultSPIdentityTransformer.transformAclEntries}}


I don't see this feature being needed at all when !isSecurityEnabled, but on my 
reading of the code it's going to log at error every time initialize() is 
called. This isn't appropriate there.

# only worry about name extraction when running secure
# Log @ warn

I'd worry about the logs being full of these error messages in any long-lived 
service,
Spark, Hive LLAP, where FS instances are not just created, they are destroyed 
afte work is done (especially LLAP). Is there a way to minimise the logging?


h3. {{getShortName}}

Is the case conversion going to work in all locales, or should the locale for 
the toLowerCase() call be set to LOCALE_EN? I ask as I don't know how 
AD/kerberos realms
with I in their name get converted in Turkey, but I suspect it's not what you 
want
across a global system.

Elsewhere (/HADOOP-15996) we're looking at how to handle more complex names,
e.g. cross realm problems and users who have an @ in their short name.
Is this code going to handle that? As a plug-in mechanism is underway, 
getting involved in that/designing the code for it (how?) is wise.


+ general, minor: Use the size of the incoming list to set the size of the 
output ArrayList; saves reallocation & GC


> ABFS: Enable owner and group conversion for MSI and login user using OAuth
> --------------------------------------------------------------------------
>
>                 Key: HADOOP-15954
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15954
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/azure
>    Affects Versions: 3.2.0
>            Reporter: junhua gu
>            Assignee: Da Zhou
>            Priority: Major
>         Attachments: HADOOP-15954-001.patch, HADOOP-15954-002.patch, 
> HADOOP-15954-003.patch, HADOOP-15954-004.patch, HADOOP-15954-005.patch, 
> HADOOP-15954-006.patch
>
>
> Add support for overwriting owner and group in set/get operations to be the 
> service principal id when OAuth is used. Add support for upn short name 
> format.
>  
> Add Standard Transformer for SharedKey / Service 
> Add interface provides an extensible model for customizing the acquisition of 
> Identity Transformer.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to