[
https://issues.apache.org/jira/browse/HDFS-592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12754445#action_12754445
]
Kan Zhang commented on HDFS-592:
--------------------------------
Namenode needs to verify that the requesting client is the client that has
previously been authorized to write to the Block. Otherwise, this can become a
security hole. This checking is missing in existing code (it was hard to do
since in existing code recovery is done at datanode). We probably need open a
new JIRA for this. For now you may want to let the client send the clientname
it used in the create() call and check that the DFSClient instance is the
leaseholder. However, this may not solve the problem since clientname may be
guessed. For security purposes, the checking should be based on an
authenticated username. Also, can we choose a method name other than
getNewGenerationStampAndAccessToken()? In my view, the namenode is not doing
this as a general service to any client that wants an access token. This is
done only in the context of pipeline recovery. How about using something like
pipelineRecovery()?
> Allow client to get a new generation stamp from NameNode
> --------------------------------------------------------
>
> Key: HDFS-592
> URL: https://issues.apache.org/jira/browse/HDFS-592
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: name-node
> Affects Versions: Append Branch
> Reporter: Hairong Kuang
> Assignee: Hairong Kuang
> Fix For: Append Branch
>
> Attachments: newGS.patch, newGS1.patch
>
>
> This issue aims to add an API to ClientProtocol that fetches a new
> generation stamp and an access token from NameNode to support append or
> pipeline recovery.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
