hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [hadoop] bharatviswa504 commented on a change in pull request #561: HDDS-1043. Enable token based authentication for S3 api.
Date Wed, 06 Mar 2019 19:08:44 GMT
bharatviswa504 commented on a change in pull request #561: HDDS-1043. Enable token based authentication
for S3 api.
URL: https://github.com/apache/hadoop/pull/561#discussion_r263090394
 
 

 ##########
 File path: hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/OzoneDelegationTokenSecretManager.java
 ##########
 @@ -327,6 +336,37 @@ public boolean verifySignature(OzoneTokenIdentifier identifier,
     }
   }
 
+  /**
+   * Validates if a S3 identifier is valid or not.
+   * */
+  private byte[] validateS3Token(OzoneTokenIdentifier identifier)
+      throws InvalidToken {
+    LOG.trace("Validating S3Token for identifier:{}", identifier);
+    String awsSecret;
+    try {
+      awsSecret = s3SecretManager.getS3UserSecretString(identifier
+          .getAwsAccessId());
+    } catch (IOException e) {
+      LOG.error("Error while validating S3 identifier:{}",
+          identifier, e);
+      throw new InvalidToken("No S3 secret found for S3 identifier:"
 
 Review comment:
   Now if InvalidToken is thrown as an exception during invalid/malformed header, then how
this will be thrown to the end user s3 request? I don't see any code for it.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message