jihoonson commented on issue #9351: Adding CredentialsProvider, deprecating PasswordProvider URL: https://github.com/apache/druid/issues/9351#issuecomment-586106053 @himanshug thank you for bring up #6666. That's a really good point. > Also, wouldn't > > ``` > public interface CredentialsProvider > { > String getPassword(String key); > } > ``` > > be more generic then which can handle more than two logically related secrets. Hmm, should one `CredentialsProvider` be able to handle multiple secrets? Would you tell me some examples? > For DB , In all the places I used druid, username was never a secret . Also I see some passwords in https://druid.apache.org/docs/latest/development/extensions-core/druid-basic-security.html which don't necessarily need an "account". I am not saying that we need to keep `PasswordProvider` but just noting down the different use cases. Good point. I think these are pretty rare cases and still can be handled by the `CredentialProvider`. For example, we can add a `PlainUsernameAndSecuredPasswordProvider` for people who really don't want to secure the username. Similarly, we can add `PasswordOnlyCredentialsProvider` for the use case where the username is not required.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
