SkyGra commented on issue #35:
URL:
https://github.com/apache/doris-mcp-server/issues/35#issuecomment-3131604240
> Okay, the current authentication mechanism is not perfect. We will design
and refactor it in version 0.6. We will refer to your feedback to align
database permissions with MCP permissions. If you can provide more examples of
your expectations, we will be able to better meet your design requirements.
Ok, thanks.
By the way, I have make a brief test about these several functions, i found
**sql block**, **data masking** have effect, but the **authentication** does
not work, even though I made the settings in .env, the client can access the
mcp server smoothly without any **authentication**, my config in .env as
follows:
```
AUTH_TYPE=token
TOKEN_SECRET=secret_key
TOKEN_EXPIRY=3600
```
Refer to **authorization**, i can't found the config way.
After the optimization is completed, I hope a more detail usage
instructions can be supplied, thanks.
In our usage scenario, we use doris-mcp-servre as the bridge between AI
Agent and doris, so we focus on the security mechanism.
About the **authentication**, the token whether can be generated by mcp
server, but the agent how to update the token, i have no idea.
About the **authorization**, i think the RDBC stratage design which
described in Redme.md is ok, we also need the table level security control
mechanism, but how to use in client or in AI Agent, can give more example.
thanks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
