[ https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15984067#comment-15984067 ]
ASF GitHub Bot commented on DRILL-4335: --------------------------------------- Github user sudheeshkatkam commented on a diff in the pull request: https://github.com/apache/drill/pull/773#discussion_r113350599 --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/AuthenticationOutcomeListener.java --- @@ -243,4 +249,46 @@ public SaslMessage process(SaslChallengeContext context) throws Exception { } } } + + private static void handleSuccess(SaslChallengeContext context) throws SaslException { + final ClientConnection connection = context.connection; + final SaslClient saslClient = connection.getSaslClient(); + + try { + // Check if connection was marked for being secure then verify for negotiated QOP value for + // correctness. + final String negotiatedQOP = saslClient.getNegotiatedProperty(Sasl.QOP).toString(); --- End diff -- Could .toString() throw NPE, since null QOP is same as "auth"? > Apache Drill should support network encryption > ---------------------------------------------- > > Key: DRILL-4335 > URL: https://issues.apache.org/jira/browse/DRILL-4335 > Project: Apache Drill > Issue Type: New Feature > Reporter: Keys Botzum > Assignee: Sorabh Hamirwasia > Labels: security > Attachments: ApacheDrillEncryptionUsingSASLDesign.pdf > > > This is clearly related to Drill-291 but wanted to make explicit that this > needs to include network level encryption and not just authentication. This > is particularly important for the client connection to Drill which will often > be sending passwords in the clear until there is encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)