diqiu50 opened a new pull request, #11628:
URL: https://github.com/apache/gravitino/pull/11628

   ### What changes were proposed in this pull request?
   
   For a REST backend, the Flink Iceberg connector builds a native Iceberg 
`RESTCatalog` that connects directly to the Iceberg REST service, bypassing the 
Gravitino server's auth proxy. This propagates the Gravitino client's auth 
config (OAuth2 / Basic) to the REST client's `rest.auth.*` properties, unless 
the user set them explicitly.
   
   `GravitinoCatalogManager` now strips auth keys from a copy instead of the 
shared client config, keeping them available for the REST backend.
   
   ### Why are the changes needed?
   
   The connector failed with `NotAuthorizedException` against an auth-enabled 
IRC because the REST client carried no credentials.
   
   Fix: #11601
   
   ### Does this PR introduce _any_ user-facing change?
   
   No. Auth is propagated transparently; no manual IRC auth config needed.
   
   ### How was this patch tested?
   
   Added `TestGravitinoIcebergCatalogFactory` covering the auth property 
mapping and injection guards.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to