adutra commented on code in PR #3224:
URL: https://github.com/apache/polaris/pull/3224#discussion_r2599316218
##########
runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java:
##########
@@ -49,13 +50,16 @@ public class StorageAccessConfigProvider {
private final StorageCredentialCache storageCredentialCache;
private final StorageCredentialsVendor storageCredentialsVendor;
+ private final PolarisPrincipal polarisPrincipal;
@Inject
public StorageAccessConfigProvider(
StorageCredentialCache storageCredentialCache,
- StorageCredentialsVendor storageCredentialsVendor) {
+ StorageCredentialsVendor storageCredentialsVendor,
+ PolarisPrincipal polarisPrincipal) {
Review Comment:
@tokoko indeed it's tricky to inject `SecurityIdentity` or
`ContainerRequestContext` in some places. The former is tricky because we use
[lazy
authentication](https://quarkus.io/guides/security-proactive-authentication) so
it's safer to use `CurrentIdentityAssociation`; the latter is tricky because
it's not a normal CDI bean (it always appears resolvable, even when it's not).
I overcame both issues recently with some low-level trickery, feel free to
take a similar approach if it's helpful:
https://github.com/apache/polaris/blob/64b13a9915274a04e82a12c9fdcd095d12797ca0/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventMetadataFactory.java
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
