ctubbsii commented on a change in pull request #870: Remove unused code in
master and server
URL: https://github.com/apache/accumulo/pull/870#discussion_r245406551
##########
File path:
server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosAuthenticator.java
##########
@@ -190,9 +188,4 @@ public synchronized boolean userExists(String user) {
return SUPPORTED_TOKENS;
}
- @Override
- public boolean validTokenClass(String tokenClass) {
- return SUPPORTED_TOKEN_NAMES.contains(tokenClass);
Review comment:
I think this was intended as part of the design to eventually support
multi-tiered authentication, just like the `passwd` entry in Linux's
`/etc/nsswitch.conf` can include an ordered list of authentication storage
mechanisms or (at a higher level) PAM can be configured to use multiple
authentication modules. In order to support this, it's necessary for modules to
be able to declare what kinds of tokens they are able to understand. This isn't
currently implemented, and can probably be done better, and may not be the best
design anyway, so probably okay to remove regardless, as long as it's really
not being used. Might want to double-check that callers aren't now getting the
parent class' implementation of this method instead, though.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
