CalvinKirs opened a new pull request, #61819:
URL: https://github.com/apache/doris/pull/61819
This PR integrates the Doris FE authentication extension modules and
delivers the end-to-end OIDC login path for MySQL clients.
The core changes are:
1. Add MySQL protocol-layer support for OIDC login
- bridge OIDC credentials carried in the MySQL authentication packet
into Doris authentication requests
- allow OIDC-based external login to enter the FE authentication
pipeline through the MySQL protocol path
2. Add ROLE MAPPING for built-in authorization
- support using external identity attributes/groups to drive internal
authorization decisions
3. Integrate the authentication feature modules into FE
- wire the authentication plugin/integration modules into the FE runtime
- connect external authentication, JIT/external login, and built-in
role authorization into one complete flow
With these changes, Doris can accept OIDC-based external logins from the
MySQL protocol entry, authenticate them through the integrated authentication
modules, and apply Doris-native authorization
through ROLE MAPPING.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
