kerneltime commented on code in PR #3911:
URL: https://github.com/apache/ozone/pull/3911#discussion_r1009049571
##########
hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java:
##########
@@ -510,7 +511,23 @@ public OzoneVolume getVolumeDetails(String volumeName)
@Override
public S3VolumeContext getS3VolumeContext() throws IOException {
- return ozoneManagerClient.getS3VolumeContext();
+ S3VolumeContext resp = ozoneManagerClient.getS3VolumeContext();
+ String userPrincipal = resp.getUserPrincipal();
+ updateS3Principal(userPrincipal);
+ return resp;
+ }
+
+ private void updateS3Principal(String userPrincipal) {
+ S3Auth s3Auth = this.getThreadLocalS3Auth();
+ // Update user principal if needed to be used for KMS client
+ if (s3Auth != null) {
+ // Update userPrincipal field with the value returned from OM. So that
+ // in multi-tenancy, KMS client can use the correct identity
+ // (instead of using accessId) to communicate with KMS.
+ LOG.debug("Updating S3Auth.userPrincipal to {}", userPrincipal);
Review Comment:
I am wondering if we should audit this? Maybe we can file a Jira for the
future to add metrics for each user principal-based counts? cc @smengcl
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
