Github user vrozov commented on a diff in the pull request: https://github.com/apache/drill/pull/1013#discussion_r147466798 --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/ClientAuthenticatorProvider.java --- @@ -57,17 +57,17 @@ private ClientAuthenticatorProvider() { // then, custom factories if (customFactories != null) { - try { - final String[] factories = customFactories.split(","); - for (final String factory : factories) { + final String[] factories = customFactories.split(","); + for (final String factory : factories) { + try { final Class<?> clazz = Class.forName(factory); if (AuthenticatorFactory.class.isAssignableFrom(clazz)) { final AuthenticatorFactory instance = (AuthenticatorFactory) clazz.newInstance(); authFactories.put(instance.getSimpleName(), instance); } + } catch (final ClassNotFoundException | IllegalAccessException | InstantiationException e) { + throw new DrillRuntimeException(String.format("Failed to create auth factory '%s'", factory), e); --- End diff -- It will be good to explain why. In other systems (for example unix pam) usually, there is a best effort attempt to authenticate, meaning that if a provider can't be initialized or instantiated it is skipped, but the system is operational and users that authenticate against other providers can still use the system.
---