dimas-b commented on PR #422: URL: https://github.com/apache/polaris/pull/422#issuecomment-2458025679
> So if you're just doing testing like this PR would address, you can just use passwordless auth. You normally don't need the root credentials. I could use `principal:root;realm:default-realm` as an access token, but I happen to need to use the client credentials auth flow, which currently uses random values for the root user. Discovering the random credentials currently involves scanning Polaris STDOUT, which is inconvenient. I'd like to have control over the inputs I provide to Polaris. So this PR proposes to make this an option for the user to define the root credential if the user so chooses. I think it could be convenient for other people too. As for the general bootstrapping case, the above discussion is interesting, but maybe we can continue that on the dev list or separate PR. As for this PR, do you think the idea of allowing user overrides for root credentials is reasonable give that it only applies to the "test" authentication implementation, which is already not "secret" given the fixed root _token_? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
