[GitHub] [incubator-kyuubi] pan3793 commented on a diff in pull request #3235: [KYUUBI #3222] JDBC Authentication Provider for server

Tue, 16 Aug 2022 10:25:34 -0700 


pan3793 commented on code in PR #3235:
URL: https://github.com/apache/incubator-kyuubi/pull/3235#discussion_r947061360


##########
kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala:
##########
@@ -645,6 +647,51 @@ object KyuubiConf {
       .stringConf
       .createWithDefault("uid")
 
+  val AUTHENTICATION_JDBC_DRIVER: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.driver.class")
+      .doc("Driver class name for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_URL: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.url")
+      .doc("JDBC URL for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_USERNAME: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.username")
+      .doc("Database username for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_PASSWORD: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.password")
+      .doc("Database password for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_QUERY: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.query")
+      .doc("Query SQL template with placeholders " +
+        "for JDBC Authentication Provider to execute. " +
+        "Authentication passes if at least one row fetched in the result set." 
+
+        "Available placeholders are: <ul>" +
+        "<li>`${username}`</li>" +
+        "<li>`${password}`</li></ul>" +
+        "eg.: query sql `SELECT 1 FROM auth_table WHERE user=${username} AND " 
+
+        "passwd=MD5(CONCAT(salt,${password}));` " +
+        "will be prepared as: `SELECT 1 FROM auth_table " +
+        "WHERE user=? AND passwd=MD5(CONCAT(salt,?));`" +
+        " with value replacement of `username` and `password` in string type.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional

Review Comment:
   Maybe a default SQL is better. cc @yaooqinn @turboFei WDYT?
   
   `SELECT 1 FROM kyuubi_user WHERE user=${username} AND 
passwd=MD5(${password})`



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to