tdg5 commented on a change in pull request #34745:
URL: https://github.com/apache/spark/pull/34745#discussion_r758587271
##########
File path:
sql/core/src/main/scala/org/apache/spark/sql/execution/datasources/jdbc/connection/BasicConnectionProvider.scala
##########
@@ -48,4 +48,12 @@ private[jdbc] class BasicConnectionProvider extends
JdbcConnectionProvider with
logDebug(s"JDBC connection initiated with URL: ${jdbcOptions.url} and
properties: $properties")
driver.connect(jdbcOptions.url, properties)
}
+
+ override def needsModifySecurityConfiguration(
+ driver: Driver,
+ options: Map[String, String]
+ ): Boolean = {
+ val jdbcOptions = new JDBCOptions(options)
+ jdbcOptions.keytab != null && jdbcOptions.principal != null
Review comment:
This could also just return `false` (based on the logic in `canHandle`),
but I'm kind of confused about what's going on here. [This
doc](https://github.com/apache/spark/blob/master/sql/core/src/main/scala/org/apache/spark/sql/jdbc/README.md#:~:text=Built%2Din%20CPs%20added%20which%20support%20kerberos%20authentication%20using%20keytab%20and%20principal)
suggests that built-in CPs support kerberos auth, but if I understand
correctly that should require a `keytab` and `principal`. I'm inclined to
believe that this `JdbcConnectionProvider` doesn't actually support kerberos
auth, but maybe I'm misunderstanding.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
