[ https://issues.apache.org/jira/browse/HDFS-16979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17714275#comment-17714275 ]
ASF GitHub Bot commented on HDFS-16979: --------------------------------------- virajjasani commented on code in PR #5552: URL: https://github.com/apache/hadoop/pull/5552#discussion_r1171753252 ########## hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java: ########## @@ -453,15 +453,15 @@ private void logAuditEvent(boolean succeeded, private void appendClientPortToCallerContextIfAbsent() { final CallerContext ctx = CallerContext.getCurrent(); - if (isClientPortInfoAbsent(ctx)) { - String origContext = ctx == null ? null : ctx.getContext(); - byte[] origSignature = ctx == null ? null : ctx.getSignature(); - CallerContext.setCurrent( - new CallerContext.Builder(origContext, contextFieldSeparator) - .append(CallerContext.CLIENT_PORT_STR, String.valueOf(Server.getRemotePort())) - .setSignature(origSignature) - .build()); - } + String origContext = ctx == null ? null : ctx.getContext(); + byte[] origSignature = ctx == null ? null : ctx.getSignature(); + String clientPort = isClientPortInfoAbsent(ctx) ? CallerContext.CLIENT_PORT_STR : Review Comment: > Are we even sure that if it is not a client, it is a router? This is exactly why I was suggesting to provide better protection for this very condition https://github.com/apache/hadoop/pull/5552#issuecomment-1507395844 Today, we know that if it is not a client, it is a router. But this is so _fragile_ and can be easily broken if someone other than router also starts using `clientPort` in the context. The better way is to have a check that only router would pass, something similar to the comment. > RBF: Add dfsrouter port in hdfsauditlog > --------------------------------------- > > Key: HDFS-16979 > URL: https://issues.apache.org/jira/browse/HDFS-16979 > Project: Hadoop HDFS > Issue Type: Improvement > Reporter: liuguanghua > Priority: Major > Labels: pull-request-available > > When remote client request through dfsrouter to namenode, the hdfsauditlog > record the remote client ip and port ,dfsrouter IP,but lack of dfsrouter port. > This patch is done for this scene. > -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org