[
https://issues.apache.org/jira/browse/HDDS-4729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xiaoyu Yao updated HDDS-4729:
-----------------------------
Fix Version/s: 1.2.0
Resolution: Fixed
Status: Resolved (was: Patch Available)
Thanks [~adoroszlai] for the contribution. PR has been merged.
> Add token support for container admin operations
> ------------------------------------------------
>
> Key: HDDS-4729
> URL: https://issues.apache.org/jira/browse/HDDS-4729
> Project: Apache Ozone
> Issue Type: New Feature
> Reporter: István Fajth
> Assignee: Attila Doroszlai
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.2.0
>
>
> HDDS-2321 disabled token based authentication for container admin commands
> part of the DataNode admin protocol as that caused problems with requests
> that are not going through Ozone Manager, as token based auth support is
> present only there currently.
> Within this feature, the followings to be added:
> - a new SCM request to get a new kind of token issued by the SCM
> - the token would be short living, without renewal or cancellation signed by
> SCM
> - the token will be required for container admin commands inside DataNodes
> - the token will be supplied to container admin requests from command line
> client, and for commands arriving via DN heartbeat responses
> - the token is validated on the DN side for every container admin command,
> and in case a token is not supplied or invalid the DN should reject the
> request.
> Also it is part of the development to revisit all DN API requests and add the
> appropriate (OM or SCM) token based auth where applicable.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
