[
https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15957872#comment-15957872
]
ASF GitHub Bot commented on DRILL-4335:
---------------------------------------
Github user sudheeshkatkam commented on a diff in the pull request:
https://github.com/apache/drill/pull/773#discussion_r109960614
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/ServerAuthenticationHandler.java
---
@@ -208,8 +207,12 @@ void process(SaslResponseContext<S, T> context) throws
Exception {
handleSuccess(context, challenge, saslServer);
} else {
- logger.info("Failed to authenticate client from {}",
context.remoteAddress);
- throw new SaslException("Client allegedly succeeded
authentication, but server did not. Suspicious?");
+ final S connection = context.connection;
+ logger.info("Failed to authenticate client from {} with encryption
context:{}",
+ connection.getRemoteAddress().toString(),
--- End diff --
Leave the `context.remoteAddress` as is (here and below); I happened to
notice`.toString()` is expensive.
nit: why evaluate `getEncryptionString` every time, cache that too?
> Apache Drill should support network encryption
> ----------------------------------------------
>
> Key: DRILL-4335
> URL: https://issues.apache.org/jira/browse/DRILL-4335
> Project: Apache Drill
> Issue Type: New Feature
> Reporter: Keys Botzum
> Assignee: Sorabh Hamirwasia
> Labels: security
> Attachments: ApacheDrillEncryptionUsingSASLDesign.pdf
>
>
> This is clearly related to Drill-291 but wanted to make explicit that this
> needs to include network level encryption and not just authentication. This
> is particularly important for the client connection to Drill which will often
> be sending passwords in the clear until there is encryption.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
