kerneltime commented on a change in pull request #2817:
URL: https://github.com/apache/ozone/pull/2817#discussion_r746158459
##########
File path:
hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/OzoneClientProducer.java
##########
@@ -112,6 +112,9 @@ public S3Auth getSignature() {
@NotNull
@VisibleForTesting
OzoneClient createOzoneClient() throws IOException {
+ // S3 Gateway should always set the S3 Auth. OM can choose to ignore it
+ // based on the security configuration.
Review comment:
S3 Clients will always set the authentication information as S3 APIs do
not really have a contract for unauthenticated communication. Thus, it is best
for S3G to forward the signature to OM. OM can choose to validate the signature
or not based on how OM is configured.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
