Akanksha-kedia commented on PR #17508: URL: https://github.com/apache/pinot/pull/17508#issuecomment-3853071332
Thank you for clarifying! I understand that: 1. Servers don't have AuthenticationFilter by design (internal components) 2. My implementation with @Authorize and validateDataAccess() is correct 3. Direct server testing shows no auth (expected - no filter present) The authorization code provides defense-in-depth and will enforce when authentication infrastructure is present (controller, integration tests, or if auth is added to servers in future). Implementation complete and follows Pinot's authorization patterns. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
