duongkame commented on code in PR #4417:
URL: https://github.com/apache/ozone/pull/4417#discussion_r1148113998
##########
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/ec/reconstruction/TokenHelper.java:
##########
@@ -61,7 +61,7 @@ class TokenHelper {
// checking certClient != null instead of
securityConfig.isSecurityEnabled()
// to allow integration test without full kerberos etc. setup
- boolean securityEnabled = certClient != null;
+ boolean securityEnabled = secretKeyClient != null;
if (securityEnabled && (blockTokenEnabled || containerTokenEnabled)) {
user = UserGroupInformation.getCurrentUser().getShortUserName();
Review Comment:
Yup. I actually wanted to change the validation to `blockTokenPeriod <=
secretKeyExpiryPeriod - secretKeyRotationPeriod`. That will ensure that the
block token lifetime will not cross the secret key lifetime. Think I have to
put the validation somewhere else.
Removed the validation for now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
