joshelser commented on a change in pull request #884: HBASE-23347 Allowable custom authentication methods for RPCs URL: https://github.com/apache/hbase/pull/884#discussion_r366105224
########## File path: hbase-client/src/main/java/org/apache/hadoop/hbase/ipc/RpcConnection.java ########## @@ -81,115 +81,53 @@ // the last time we were picked up from connection pool. protected long lastTouched; + protected SaslClientAuthenticationProvider provider; + protected RpcConnection(Configuration conf, HashedWheelTimer timeoutTimer, ConnectionId remoteId, String clusterId, boolean isSecurityEnabled, Codec codec, CompressionCodec compressor) throws IOException { if (remoteId.getAddress().isUnresolved()) { throw new UnknownHostException("unknown host: " + remoteId.getAddress().getHostName()); } + this.serverAddress = remoteId.getAddress().getAddress(); this.timeoutTimer = timeoutTimer; this.codec = codec; this.compressor = compressor; this.conf = conf; UserGroupInformation ticket = remoteId.getTicket().getUGI(); - SecurityInfo securityInfo = SecurityInfo.getInfo(remoteId.getServiceName()); + this.securityInfo = SecurityInfo.getInfo(remoteId.getServiceName()); this.useSasl = isSecurityEnabled; - Token<? extends TokenIdentifier> token = null; - String serverPrincipal = null; + + // Choose the correct Token and AuthenticationProvider for this client to use + SaslClientAuthenticationProviders providers = + SaslClientAuthenticationProviders.getInstance(conf); + Pair<SaslClientAuthenticationProvider, Token<? extends TokenIdentifier>> pair; if (useSasl && securityInfo != null) { - AuthenticationProtos.TokenIdentifier.Kind tokenKind = securityInfo.getTokenKind(); - if (tokenKind != null) { - TokenSelector<? extends TokenIdentifier> tokenSelector = AbstractRpcClient.TOKEN_HANDLERS - .get(tokenKind); - if (tokenSelector != null) { - token = tokenSelector.selectToken(new Text(clusterId), ticket.getTokens()); - } else if (LOG.isDebugEnabled()) { - LOG.debug("No token selector found for type " + tokenKind); + pair = providers.selectProvider(new Text(clusterId), ticket); Review comment: 😂 let me change that. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services