linyiqun edited a comment on pull request #1454: URL: https://github.com/apache/hadoop-ozone/pull/1454#issuecomment-701381759
>since it's a user token, suppose it has a much longer liveness than input and output stream object instance, right? A good point that @ChenSammi mentioned, there is a setting to decide the expired time of block token and it's a long time as 1 day. This should be an enough time for client to read/write block data. ```xml <property> <name>hdds.block.token.expiry.time</name> <value>1d</value> <tag>OZONE, HDDS, SECURITY, TOKEN</tag> <description> Default value for expiry time of block token. This setting supports multiple time unit suffixes as described in dfs.heartbeat.interval. If no suffix is specified, then milliseconds is assumed. </description> </property> ``` > No need to renew or revoke a block access token. when a cached block access token expires, the client simply get a new one. Block access token should be cached only in memory and never write to disk. From this comment of OzoneBlockTokenIdentifier, current change also looks safe. In additional, I'm +1 for current change. Thanks @adoroszlai for addressing the comment. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: ozone-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: ozone-issues-h...@hadoop.apache.org