Currently we add UserCredentials to every PlanFragment we generate as part of the query. PlanFragments are distributed across the Drillbits in cluster. Adding password to UserCredentials will expose the password to all Drillbits beyond the Drillbit where the UserSession is. This is main reason I didn't want to add password to UserCredentials for now. In future if we want to securely identify PlanFragment, we can make use of other methods such as delegation token.
Adding the password to Properties list is not something Drill introduced. JDBC already gets the username and password are through Properties which become part of UserSession at connected Drillbit. We currently get username property in UserCredentials object from Properties we got from JDBC. Thanks Venki On Mon, Apr 6, 2015 at 10:02 PM, Jacques Nadeau <[email protected]> wrote: > Hey Venki et al, > > I just saw that DRILL-2674 went in. It looks like we're handling the > password field as a general property. The intention of the UserCredentials > object is that it would be expanded to support the other fields that were > required as part of user credentials (beyond just username). Was there a > reason that you decided to use a general property rather than expanding the > credential object to specifically hold the password? > > thx > Jacques >
