Github user chunhui-shi commented on a diff in the pull request:
https://github.com/apache/drill/pull/578#discussion_r78798093
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/user/UserServer.java ---
@@ -246,28 +154,80 @@ protected void handle(UserClientConnectionImpl
connection, int rpcType, ByteBuf
public class UserClientConnectionImpl extends RemoteConnection
implements UserClientConnection {
private UserSession session;
+ private SaslServer saslServer;
+ private RequestHandler<UserClientConnectionImpl> currentHandler;
+ private UserToBitHandshake inbound;
public UserClientConnectionImpl(SocketChannel channel) {
super(channel, "user client");
+ currentHandler = authFactory == null ? handler : new
UserServerAuthenticationHandler(handler);
}
void disableReadTimeout() {
getChannel().pipeline().remove(BasicServer.TIMEOUT_HANDLER);
}
- void setUser(final UserToBitHandshake inbound) throws IOException {
+ void setHandshake(final UserToBitHandshake inbound) throws IOException
{
+ this.inbound = inbound;
+ }
+
+ void initSaslServer(final String mechanismName, final Map<String, ?>
properties)
+ throws IllegalStateException, SaslException {
+ if (saslServer != null) {
+ throw new IllegalStateException("SASL server already
initialized.");
+ }
+ this.saslServer = authFactory.getMechanism(mechanismName)
--- End diff --
It should be the responsibility of class AuthenticationMechanismFactory to
decide what mechanism to provide. Right? So AuthenticationMechanismFactory may
also need 'properties' to decide what mechanism to ask for. E.g. Some company
may want connections from out of VPN or in VPN to use different mechanisms.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
