[
https://issues.apache.org/jira/browse/DRILL-4280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15858336#comment-15858336
]
ASF GitHub Bot commented on DRILL-4280:
---------------------------------------
Github user sudheeshkatkam commented on a diff in the pull request:
https://github.com/apache/drill/pull/578#discussion_r100131255
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/data/DataClient.java ---
@@ -75,27 +85,106 @@ public MessageLite getResponseDefaultInstance(int
rpcType) throws RpcException {
}
@Override
- protected Response handle(DataClientConnection connection, int rpcType,
ByteBuf pBody, ByteBuf dBody) throws RpcException {
+ protected void handle(DataClientConnection connection, int rpcType,
ByteBuf pBody, ByteBuf dBody,
+ ResponseSender sender) throws RpcException {
throw new UnsupportedOperationException("DataClient is unidirectional
by design.");
}
BufferAllocator getAllocator() {
- return allocator;
+ return config.getAllocator();
}
@Override
protected void validateHandshake(BitServerHandshake handshake) throws
RpcException {
if (handshake.getRpcVersion() != DataRpcConfig.RPC_VERSION) {
- throw new RpcException(String.format("Invalid rpc version. Expected
%d, actual %d.", handshake.getRpcVersion(), DataRpcConfig.RPC_VERSION));
+ throw new RpcException(String.format("Invalid rpc version. Expected
%d, actual %d.",
+ handshake.getRpcVersion(), DataRpcConfig.RPC_VERSION));
+ }
+
+ if (handshake.getAuthenticationMechanismsCount() != 0) { // remote
requires authentication
--- End diff --
Correct me if I am wrong, but both your intentions are different.
I've addressed Sorabh's comment, as in, "check for the case if
Authentication is enabled on this client and for some reason server is sending
empty list of mechanisms list (may be wrong config) then we should throw
exception"
But regarding Laurent's comment, the "code" is the "same as in
ControlClient", the objects are all different (handshake, connection, config).
That refactoring would require a lot more changes to BasicClient. I'll open a
ticket once this PR is merged.
> Kerberos Authentication
> -----------------------
>
> Key: DRILL-4280
> URL: https://issues.apache.org/jira/browse/DRILL-4280
> Project: Apache Drill
> Issue Type: Improvement
> Reporter: Keys Botzum
> Assignee: Sudheesh Katkam
> Labels: security
>
> Drill should support Kerberos based authentication from clients. This means
> that both the ODBC and JDBC drivers as well as the web/REST interfaces should
> support inbound Kerberos. For Web this would most likely be SPNEGO while for
> ODBC and JDBC this will be more generic Kerberos.
> Since Hive and much of Hadoop supports Kerberos there is a potential for a
> lot of reuse of ideas if not implementation.
> Note that this is related to but not the same as
> https://issues.apache.org/jira/browse/DRILL-3584
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
