[ https://issues.apache.org/jira/browse/HDDS-1600?focusedWorklogId=253180&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-253180 ]
ASF GitHub Bot logged work on HDDS-1600: ---------------------------------------- Author: ASF GitHub Bot Created on: 03/Jun/19 16:18 Start Date: 03/Jun/19 16:18 Worklog Time Spent: 10m Work Description: bharatviswa504 commented on issue #857: HDDS-1600. Add userName and IPAddress as part of OMRequest. URL: https://github.com/apache/hadoop/pull/857#issuecomment-498325870 > @bharatviswa504 thanks for the patch. On a second thought i wonder why don't we complete authorization on the OM which receives the first request from client, this will save us the trouble of propagating credentials in rest of the call and simplify HA design. We can check Acl's on the leader OM, we cannot do checkAcls on any OM(which some times might not be leader), because think of a case like setAcl's is not applied on that OM(as it is a follower) but we are performing check Acl's. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org Issue Time Tracking ------------------- Worklog Id: (was: 253180) Time Spent: 2h 40m (was: 2.5h) > Add userName and IPAddress as part of OMRequest. > ------------------------------------------------ > > Key: HDDS-1600 > URL: https://issues.apache.org/jira/browse/HDDS-1600 > Project: Hadoop Distributed Data Store > Issue Type: Sub-task > Reporter: Bharat Viswanadham > Assignee: Bharat Viswanadham > Priority: Major > Labels: pull-request-available > Time Spent: 2h 40m > Remaining Estimate: 0h > > In OM HA, the actual execution of request happens under GRPC context, so UGI > object which we retrieve from ProtobufRpcEngine.Server.getRemoteUser(); will > not be available. > In similar manner ProtobufRpcEngine.Server.getRemoteIp(). > > So, during preExecute(which happens under RPC context) extract userName and > IPAddress and add it to the OMRequest, and then send the request to ratis > server. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org