Github user vrozov commented on a diff in the pull request:
https://github.com/apache/drill/pull/1013#discussion_r147466798
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/ClientAuthenticatorProvider.java
---
@@ -57,17 +57,17 @@ private ClientAuthenticatorProvider() {
// then, custom factories
if (customFactories != null) {
- try {
- final String[] factories = customFactories.split(",");
- for (final String factory : factories) {
+ final String[] factories = customFactories.split(",");
+ for (final String factory : factories) {
+ try {
final Class<?> clazz = Class.forName(factory);
if (AuthenticatorFactory.class.isAssignableFrom(clazz)) {
final AuthenticatorFactory instance = (AuthenticatorFactory)
clazz.newInstance();
authFactories.put(instance.getSimpleName(), instance);
}
+ } catch (final ClassNotFoundException | IllegalAccessException |
InstantiationException e) {
+ throw new DrillRuntimeException(String.format("Failed to create
auth factory '%s'", factory), e);
--- End diff --
It will be good to explain why. In other systems (for example unix pam)
usually, there is a best effort attempt to authenticate, meaning that if a
provider can't be initialized or instantiated it is skipped, but the system is
operational and users that authenticate against other providers can still use
the system.
---
