cxing commented on code in PR #9636:
URL: https://github.com/apache/pinot/pull/9636#discussion_r1004679783
##########
pinot-core/src/main/java/org/apache/pinot/server/access/ZkBasicAuthAccessFactory.java:
##########
@@ -97,7 +97,8 @@ public boolean hasDataAccess(RequesterIdentity
requesterIdentity, String tableNa
Map<String, ZkBasicAuthPrincipal> password2principal =
name2password.keySet().stream()
.collect(Collectors.toMap(name2password::get,
_name2principal::get));
return password2principal.entrySet().stream()
- .filter(entry -> BcryptUtils.checkpw(entry.getKey(),
entry.getValue().getPassword()))
+ .filter(entry -> BcryptUtils.checkpwWithCache(entry.getKey(),
entry.getValue().getPassword(),
Review Comment:
Thx @walterddr But if we need to merge controller, broker, server
ZkBasicAuthAccessFactory,
Should we merge user and password for controller, broker, server nodes as
well?
In other words controller, broker and server nodes should use same user and
password for hole pinot cluster
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
