James Turton created DRILL-8223:
-----------------------------------
Summary: Refactor auth modes dropping DRILL_PROCESS and allowing
credential providers everywhere
Key: DRILL-8223
URL: https://issues.apache.org/jira/browse/DRILL-8223
Project: Apache Drill
Issue Type: Improvement
Components: Security
Affects Versions: 2.0.0
Reporter: James Turton
Assignee: James Turton
Fix For: 2.0.0
Remove the abstract CredentialedStoragePluginConfig (formerly
AbstractSecuredStoragePluginConfig) class and promote the credential provider
members to the parent StoragePluginConfig. Since having a credential provider
provider is optional, there is no harm in giving the capability to every
plugin's config.
Drop the DRILL_PROCESS auth mode since this case is adequately covered by using
SHARED_USER with no credentials specified.
Bug fix. In storage-jdbc and when there are no JDBC credentials for the query
user, only forgo an attempt to connect if the auth mode is USER_TRANSLATION. If
it is SHARED_USER, proceed with an attempt to connect (examples of this case
are unsecured DBs and BigQuery which requires OAuth tokens in the JDBC URL
instead of a JDBC username and password).
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
