neils-dev commented on code in PR #3382:
URL: https://github.com/apache/ozone/pull/3382#discussion_r871879139
##########
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java:
##########
@@ -404,6 +415,18 @@ public void removeToken(OzoneTokenIdentifier
ozoneTokenIdentifier) {
@Override
public byte[] retrievePassword(OzoneTokenIdentifier identifier)
throws InvalidToken {
+ // Tokens are a bit different in that a follower OM may be behind and
+ // thus not yet know of all tokens issued by the leader OM. the
+ // following check does not allow ANY token auth. In optimistic, it should
+ // allow known tokens in.
+ try {
+ ozoneManager.checkLeaderStatus();
+ } catch (OMNotLeaderException | OMLeaderNotReadyException e) {
+ InvalidToken wrappedStandby = new InvalidToken("IOException");
+ wrappedStandby.initCause(e);
+ throw wrappedStandby;
+ }
Review Comment:
Hi @ChenSammi. I see that `retrievePassword` method now not only throws an
exception when the s3 user cannot be authenticated but now also when the OM is
not the leader. With this new InvaidToken exception (OMNotLeader / NotReady
exception), the users of the retrievePassword may not accurately process the
error.
Do we need to change the `S3SecurityUtil.validateS3Credential` handling of
an exception thrown by its call to `retrievePassword`?
##########
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/protocolPB/OzoneManagerProtocolServerSideTranslatorPB.java:
##########
@@ -158,7 +158,7 @@ private OMResponse processRequest(OMRequest request) throws
// if current OM is leader and then proceed with processing the
request.
if (request.hasS3Authentication()) {
s3Auth = true;
- checkLeaderStatus();
+ OzoneManagerRatisUtils.checkLeaderStatus(ozoneManager);
S3SecurityUtil.validateS3Credential(request, ozoneManager);
}
Review Comment:
With `validateS3Credential()` checking the leader status when validating the
password (S3Token) from the `OMRequest`, is the
`OzoneManagerRatisUtils.checkStatus()` in the line above it unnecessary,
redundant?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
