[jira] [Comment Edited] (HDDS-1600) Add userName and IPAddress as part of OMRequest.

Fri, 25 Oct 2019 11:44:18 -0700 


    [ 
https://issues.apache.org/jira/browse/HDDS-1600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16959980#comment-16959980
 ] 

Bharat Viswanadham edited comment on HDDS-1600 at 10/25/19 6:43 PM:
--------------------------------------------------------------------

[~cxorm]

There is a UT in the patch which test UserInfo is set properly or not.

And to test this out you can use it to test NativeAuthorizer enable ACLS and 
test out acls functionality is properly working or not.  Right now only I 
believe the only username is used in acl validation in NativeAuthorizer.

 

Let me tell you the main reason behind this patch validateAndUpdateCache in HA 
runs under GrpcContext, so we will not have UGI object, so we are creating 
UserInfo in preExecute (where we can get UGI object) and use the UserInfo 
during acl validation.


was (Author: bharatviswa):
[~cxorm]

There is a UT in the patch which test UserInfo is set properly or not.

And to test this out you can use it to test NativeAuthorizer enable ACLS and 
test out acls functionality is properly working or not. 

 

Let me tell you the main reason behind this patch validateAndUpdateCache in HA 
runs under GrpcContext, so we will not have UGI object, so we are creating 
UserInfo in preExecute (where we can get UGI object) and use the UserInfo 
during acl validation.

> Add userName and IPAddress as part of OMRequest.
> ------------------------------------------------
>
>                 Key: HDDS-1600
>                 URL: https://issues.apache.org/jira/browse/HDDS-1600
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Bharat Viswanadham
>            Assignee: Bharat Viswanadham
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 0.4.1, 0.5.0
>
>          Time Spent: 5.5h
>  Remaining Estimate: 0h
>
> In OM HA, the actual execution of request happens under GRPC context, so UGI 
> object which we retrieve from ProtobufRpcEngine.Server.getRemoteUser(); will 
> not be available.
> In similar manner ProtobufRpcEngine.Server.getRemoteIp().
>  
> So, during preExecute(which happens under RPC context) extract userName and 
> IPAddress and add it to the OMRequest, and then send the request to ratis 
> server.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to