bharatviswa504 commented on a change in pull request #2817:
URL: https://github.com/apache/ozone/pull/2817#discussion_r746153098
##########
File path:
hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/OzoneClientProducer.java
##########
@@ -112,6 +112,9 @@ public S3Auth getSignature() {
@NotNull
@VisibleForTesting
OzoneClient createOzoneClient() throws IOException {
+ // S3 Gateway should always set the S3 Auth. OM can choose to ignore it
+ // based on the security configuration.
Review comment:
Can you explain what this comment means?
OM can choose to ignore it
// based on the security configuration.
##########
File path:
hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/protocol/S3Auth.java
##########
@@ -24,6 +24,7 @@
private String stringToSign;
private String signature;
private String accessID;
+ public static final String S3_AUTH_CHECK = "ozone.s3.auth.check";
Review comment:
This will be S3Gateway config, but it is internal should not be exposed
to end users if i understand correctly.
##########
File path:
hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java
##########
@@ -185,15 +185,21 @@ public RpcClient(ConfigurationSource conf, String
omServiceId)
this.clientConfig = conf.getObject(OzoneClientConfig.class);
OmTransport omTransport = createOmTransport(omServiceId);
- this.ozoneManagerClient = TracingUtil.createProxy(
+ OzoneManagerProtocolClientSideTranslatorPB
+ ozoneManagerProtocolClientSideTranslatorPB =
new OzoneManagerProtocolClientSideTranslatorPB(omTransport,
- clientId.toString()),
- OzoneManagerClientProtocol.class, conf
- );
+ clientId.toString());
+ this.ozoneManagerClient = TracingUtil.createProxy(
+ ozoneManagerProtocolClientSideTranslatorPB,
+ OzoneManagerClientProtocol.class, conf);
dtService = omTransport.getDelegationTokenService();
- ServiceInfoEx serviceInfoEx = ozoneManagerClient.getServiceInfo();
List<X509Certificate> x509Certificates = null;
if (OzoneSecurityUtil.isSecurityEnabled(conf)) {
+ ServiceInfoEx serviceInfoEx = ozoneManagerClient.getServiceInfo();
+ // If the client is authenticating using S3 style aut, all future
Review comment:
aut -> auth
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
