[ https://issues.apache.org/jira/browse/HDFS-592?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12754445#action_12754445 ]
Kan Zhang commented on HDFS-592: -------------------------------- Namenode needs to verify that the requesting client is the client that has previously been authorized to write to the Block. Otherwise, this can become a security hole. This checking is missing in existing code (it was hard to do since in existing code recovery is done at datanode). We probably need open a new JIRA for this. For now you may want to let the client send the clientname it used in the create() call and check that the DFSClient instance is the leaseholder. However, this may not solve the problem since clientname may be guessed. For security purposes, the checking should be based on an authenticated username. Also, can we choose a method name other than getNewGenerationStampAndAccessToken()? In my view, the namenode is not doing this as a general service to any client that wants an access token. This is done only in the context of pipeline recovery. How about using something like pipelineRecovery()? > Allow client to get a new generation stamp from NameNode > -------------------------------------------------------- > > Key: HDFS-592 > URL: https://issues.apache.org/jira/browse/HDFS-592 > Project: Hadoop HDFS > Issue Type: Sub-task > Components: name-node > Affects Versions: Append Branch > Reporter: Hairong Kuang > Assignee: Hairong Kuang > Fix For: Append Branch > > Attachments: newGS.patch, newGS1.patch > > > This issue aims to add an API to ClientProtocol that fetches a new > generation stamp and an access token from NameNode to support append or > pipeline recovery. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.