bharos commented on code in PR #9788:
URL: https://github.com/apache/gravitino/pull/9788#discussion_r2732910528
##########
server-common/src/main/java/org/apache/gravitino/server/authentication/KerberosConfig.java:
##########
@@ -42,4 +42,26 @@ public interface KerberosConfig {
.stringConf()
.checkValue(StringUtils::isNotBlank,
ConfigConstants.NOT_BLANK_ERROR_MSG)
.create();
+
+ ConfigEntry<String> PRINCIPAL_MAPPER_TYPE =
+ new ConfigBuilder(KERBEROS_CONFIG_PREFIX + "principalMapperType")
+ .doc(
+ "Type of principal mapper to use for Kerberos authentication. "
+ + "Built-in value: 'regex' (uses regex pattern to extract
username). "
+ + "Can also be a fully qualified class name implementing
PrincipalMapper for custom logic. "
+ + "Custom mappers can use KerberosPrincipal.parse() for
structured Kerberos principal parsing.")
+ .version(ConfigConstants.VERSION_1_2_0)
+ .stringConf()
+ .createWithDefault("regex");
+
+ ConfigEntry<String> PRINCIPAL_MAPPER_REGEX_PATTERN =
+ new ConfigBuilder(KERBEROS_CONFIG_PREFIX +
"principalMapper.regex.pattern")
+ .doc(
+ "Regex pattern to extract the username from the Kerberos
principal. "
+ + "Only used when principalMapperType is 'regex'. "
+ + "The pattern should contain at least one capturing group. "
+ + "Default pattern '([^@]+).*' extracts everything before
'@' (including instance if present).")
Review Comment:
I think this is already mentioned in the doc here
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
