yuqi1129 commented on code in PR #4075:
URL: https://github.com/apache/gravitino/pull/4075#discussion_r1670442393
##########
catalogs/catalog-lakehouse-paimon/src/main/java/com/datastrato/gravitino/catalog/lakehouse/paimon/utils/CatalogUtils.java:
##########
@@ -46,17 +56,55 @@ public static Catalog loadCatalogBackend(PaimonConfig
paimonConfig) {
String metastore = paimonConfig.get(CATALOG_BACKEND);
Preconditions.checkArgument(
StringUtils.isNotBlank(metastore), "Paimon Catalog metastore can not
be null or empty.");
+
String warehouse = paimonConfig.get(CATALOG_WAREHOUSE);
Preconditions.checkArgument(
StringUtils.isNotBlank(warehouse), "Paimon Catalog warehouse can not
be null or empty.");
+
if (!PaimonCatalogBackend.FILESYSTEM.name().equalsIgnoreCase(metastore)) {
String uri = paimonConfig.get(CATALOG_URI);
Preconditions.checkArgument(
- StringUtils.isNotBlank(uri),
- String.format("Paimon Catalog uri can not be null or empty for %s.",
metastore));
+ StringUtils.isNotBlank(uri), "Paimon Catalog uri can not be null or
empty.");
}
+
+ Map<String, String> allConfig = paimonConfig.getAllConfig();
+ Configuration configuration = new Configuration();
+ allConfig.forEach(configuration::set);
+
CatalogContext catalogContext =
- CatalogContext.create(Options.fromMap(paimonConfig.getAllConfig()));
- return CatalogFactory.createCatalog(catalogContext);
+ CatalogContext.create(Options.fromMap(paimonConfig.getAllConfig()),
configuration);
+
+ AuthenticationConfig authenticationConfig = new
AuthenticationConfig(allConfig);
+ if (authenticationConfig.isSimpleAuth()) {
+ return CatalogFactory.createCatalog(catalogContext);
+ } else if (authenticationConfig.isKerberosAuth()) {
+ configuration.set(HADOOP_SECURITY_AUTHORIZATION, "true");
+ configuration.set(HADOOP_SECURITY_AUTHENTICATION, "kerberos");
+
+ switch
(PaimonCatalogBackend.valueOf(metastore.toUpperCase(Locale.ROOT))) {
+ case FILESYSTEM:
+ initKerberosAndReturnRealm(allConfig, configuration);
Review Comment:
`initKerberosAndReturnRealm` will initialize the Kerberos user and make the
current user is the one that has just logged in, then the default user used in
the later steps is that one.
> Where does the ugi saved? thread local variable? should we remove it ?
It saves local variations in the thread. It's just initialized in the
catalog create procedure, so it's okay to keep it as is.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
