njnu-seafish commented on code in PR #18384:
URL:
https://github.com/apache/dolphinscheduler/pull/18384#discussion_r3526166079
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java:
##########
@@ -101,6 +103,20 @@ public class UsersServiceImpl extends BaseServiceImpl
implements UsersService {
@Autowired
private SessionService sessionService;
+ @Value("${security.authentication.type:PASSWORD}")
+ private String securityAuthenticationType =
AuthenticationType.PASSWORD.name();
+
+ @Value("${security.authentication.oauth2.enable:false}")
+ private boolean oauth2Enabled;
+
+ private boolean isPasswordManagementDisabled() {
+ if (oauth2Enabled) {
+ return true;
+ }
+ return StringUtils.isNotBlank(securityAuthenticationType)
+ &&
!AuthenticationType.PASSWORD.name().equals(securityAuthenticationType);
+ }
Review Comment:
> This is an incompatible modification and needs to be added to the
document. `docs/docs/en/guide/upgrade/incompatible.md`
`docs/docs/zh/guide/upgrade/incompatible.md`
>
> When `security.authentication.type = password` and `oauth2.enable=true` at
the same time, it will lead to confusion for users, so we should add a unified
type for users to choose.
This is actually a separate issue. I plan to create a new issue to handle it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]