[jira] [Commented] (HDDS-3429) Enable TestSecureOzoneRpcClient#testKeyOpFailureWithoutBlockToken

Sun, 14 Mar 2021 08:38:05 -0700 


    [ 
https://issues.apache.org/jira/browse/HDDS-3429?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17301175#comment-17301175
 ] 

Janus Chow commented on HDDS-3429:
----------------------------------

After checking the implementation of Block Token, I found that the token set in 
UGI doesn't work since the token is always created and used on server-side, the 
token set in UGI by clients is not used at all.

In TestSecureOzoneRpcClient, the original test also passes with the following 
lines removed.
{code:java}
Token<OzoneBlockTokenIdentifier> token = secretManager.generateToken(
    user, EnumSet.allOf(AccessModeProto.class), 60*60);
UserGroupInformation.getCurrentUser().addToken(token);
{code}
When we are trying to get exceptions with the following code, Ozone will 
encapsulate the token in the requests between OM, SCM, DN, which makes it a 
black box for the client. I think it's pretty hard to get exceptions by 
simulating user's operations.

For the BlockTokenVerifier, I saw there are already unit tests for this 
feature. And for BlockToken, as the official documents said, 
{code:java}
Unlike delegation tokens there is no client API to request block tokens. 
Instead, they are handed transparently to client along with key/block locations.
{code}
I think it should be enough to test the availability of the feature, and no 
need to test the situations without BlockToken.

[~nanda] Could you give more advice on this opinion?

> Enable TestSecureOzoneRpcClient#testKeyOpFailureWithoutBlockToken
> -----------------------------------------------------------------
>
>                 Key: HDDS-3429
>                 URL: https://issues.apache.org/jira/browse/HDDS-3429
>             Project: Apache Ozone
>          Issue Type: Sub-task
>          Components: test
>    Affects Versions: 0.5.0
>            Reporter: Nanda kumar
>            Priority: Major
>
> Fix and enable TestSecureOzoneRpcClient#testKeyOpFailureWithoutBlockToken



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to