[ https://issues.apache.org/jira/browse/DRILL-4280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15856479#comment-15856479 ]
ASF GitHub Bot commented on DRILL-4280: --------------------------------------- Github user laurentgo commented on a diff in the pull request: https://github.com/apache/drill/pull/578#discussion_r99889252 --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/rpc/control/ControlServer.java --- @@ -84,23 +87,33 @@ public ControlConnection initRemoteConnection(SocketChannel channel) { public MessageLite getHandshakeResponse(BitControlHandshake inbound) throws Exception { // logger.debug("Handling handshake from other bit. {}", inbound); if (inbound.getRpcVersion() != ControlRpcConfig.RPC_VERSION) { - throw new RpcException(String.format("Invalid rpc version. Expected %d, actual %d.", inbound.getRpcVersion(), ControlRpcConfig.RPC_VERSION)); + throw new RpcException(String.format("Invalid rpc version. Expected %d, actual %d.", + inbound.getRpcVersion(), ControlRpcConfig.RPC_VERSION)); } - if (!inbound.hasEndpoint() || inbound.getEndpoint().getAddress().isEmpty() || inbound.getEndpoint().getControlPort() < 1) { - throw new RpcException(String.format("RPC didn't provide valid counter endpoint information. Received %s.", inbound.getEndpoint())); + if (!inbound.hasEndpoint() || + inbound.getEndpoint().getAddress().isEmpty() || + inbound.getEndpoint().getControlPort() < 1) { + throw new RpcException(String.format("RPC didn't provide valid counter endpoint information. Received %s.", + inbound.getEndpoint())); } connection.setEndpoint(inbound.getEndpoint()); // add the ControlConnectionManager manager = connectionRegistry.getConnectionManager(inbound.getEndpoint()); // update the close handler. - proxyCloseHandler.setHandler(manager.getCloseHandlerCreator().getHandler(connection, proxyCloseHandler.getHandler())); + proxyCloseHandler.setHandler(manager.getCloseHandlerCreator().getHandler(connection, + proxyCloseHandler.getHandler())); // add to the connection manager. manager.addExternalConnection(connection); - return BitControlHandshake.newBuilder().setRpcVersion(ControlRpcConfig.RPC_VERSION).build(); + final BitControlHandshake.Builder builder = BitControlHandshake.newBuilder(); + builder.setRpcVersion(ControlRpcConfig.RPC_VERSION); + if (config.getAuthProvider() != null) { --- End diff -- instead, maybe have a method to get all mechanisms. If empty, it means that authentication is disabled (should match protobuf behavior of returning empty list by default) > Kerberos Authentication > ----------------------- > > Key: DRILL-4280 > URL: https://issues.apache.org/jira/browse/DRILL-4280 > Project: Apache Drill > Issue Type: Improvement > Reporter: Keys Botzum > Assignee: Sudheesh Katkam > Labels: security > > Drill should support Kerberos based authentication from clients. This means > that both the ODBC and JDBC drivers as well as the web/REST interfaces should > support inbound Kerberos. For Web this would most likely be SPNEGO while for > ODBC and JDBC this will be more generic Kerberos. > Since Hive and much of Hadoop supports Kerberos there is a potential for a > lot of reuse of ideas if not implementation. > Note that this is related to but not the same as > https://issues.apache.org/jira/browse/DRILL-3584 -- This message was sent by Atlassian JIRA (v6.3.15#6346)