slfan1989 commented on PR #5443: URL: https://github.com/apache/hadoop/pull/5443#issuecomment-1450205098
@krishan1390 Thank you very much for your contribution, I will take time to look at this pr. I took a quick look at your description. > allKeys needs to be consistently updated across all router instances Multiple Routers will share and store the Delegation token, there is no updated across all router instances. > DB update exceptions are swallowed & returned as a success if just in memory variables are updated MemeoryStateStore is only used for verification and should not be used for production. SQLServerFederationStateStore will not swallow exceptions, and the client cannot complete verification with the old token. > Purging Delegation Token / Master key on expiry assumes all tokens are available in memory We only cache tokens in MemeoryStateStore, but MemeoryStateStore is not a distributed storage and can only be used for test verification. It is recommended to use ZKFederationStateStore Or SQLServerFederationStateStore. > APIs like get all tokens return only in memory data which is incorrect. getAllToken is only used for test verification. Sorry, I have been busy recently, I will add a design document, DB storage Delegation Token, I refer to the design of Hive storage Delegation Token, this is a stable capability. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
