[GitHub] [incubator-kyuubi] bowenliang123 commented on a diff in pull request #3235: [KYUUBI #3222] JDBC Authentication Provider for server

Tue, 16 Aug 2022 10:30:37 -0700 


bowenliang123 commented on code in PR #3235:
URL: https://github.com/apache/incubator-kyuubi/pull/3235#discussion_r947064029


##########
kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala:
##########
@@ -645,6 +647,51 @@ object KyuubiConf {
       .stringConf
       .createWithDefault("uid")
 
+  val AUTHENTICATION_JDBC_DRIVER: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.driver.class")
+      .doc("Driver class name for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_URL: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.url")
+      .doc("JDBC URL for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_USERNAME: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.username")
+      .doc("Database username for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_PASSWORD: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.password")
+      .doc("Database password for JDBC Authentication Provider.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional
+
+  val AUTHENTICATION_JDBC_QUERY: OptionalConfigEntry[String] =
+    buildConf("kyuubi.authentication.jdbc.query")
+      .doc("Query SQL template with placeholders " +
+        "for JDBC Authentication Provider to execute. " +
+        "Authentication passes if at least one row fetched in the result set." 
+
+        "Available placeholders are: <ul>" +
+        "<li>`${username}`</li>" +
+        "<li>`${password}`</li></ul>" +
+        "eg.: query sql `SELECT 1 FROM auth_table WHERE user=${username} AND " 
+
+        "passwd=MD5(CONCAT(salt,${password}));` " +
+        "will be prepared as: `SELECT 1 FROM auth_table " +
+        "WHERE user=? AND passwd=MD5(CONCAT(salt,?));`" +
+        " with value replacement of `username` and `password` in string type.")
+      .version("1.6.0")
+      .stringConf
+      .createOptional

Review Comment:
   A default sql may be not a proper way to suggest. Explict query sql is the 
key to make use of db , including the hash or encrypt/decrypt funcion, the 
table(s) for authentication.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to