DaveTeng0 commented on code in PR #3911:
URL: https://github.com/apache/ozone/pull/3911#discussion_r1009967160
##########
hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java:
##########
@@ -510,7 +511,23 @@ public OzoneVolume getVolumeDetails(String volumeName)
@Override
public S3VolumeContext getS3VolumeContext() throws IOException {
- return ozoneManagerClient.getS3VolumeContext();
+ S3VolumeContext resp = ozoneManagerClient.getS3VolumeContext();
+ String userPrincipal = resp.getUserPrincipal();
+ updateS3Principal(userPrincipal);
+ return resp;
+ }
+
+ private void updateS3Principal(String userPrincipal) {
+ S3Auth s3Auth = this.getThreadLocalS3Auth();
+ // Update user principal if needed to be used for KMS client
+ if (s3Auth != null) {
+ // Update userPrincipal field with the value returned from OM. So that
+ // in multi-tenancy, KMS client can use the correct identity
+ // (instead of using accessId) to communicate with KMS.
+ LOG.debug("Updating S3Auth.userPrincipal to {}", userPrincipal);
+ s3Auth.setUserPrincipal(userPrincipal);
+ this.setThreadLocalS3Auth(s3Auth);
Review Comment:
hmm.. just for myself learning.. so does that mean a same user always access
the same rpcClient instance so we use threadLocal variable?
and is it possible a rpcClient instance used by different users?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
