Github user laurentgo commented on a diff in the pull request: https://github.com/apache/drill/pull/578#discussion_r99887378 --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/rpc/control/ControlClient.java --- @@ -89,14 +90,48 @@ public MessageLite getResponseDefaultInstance(int rpcType) throws RpcException { } @Override - protected Response handle(ControlConnection connection, int rpcType, ByteBuf pBody, ByteBuf dBody) throws RpcException { - return handler.handle(connection, rpcType, pBody, dBody); + protected void handle(ControlConnection connection, int rpcType, ByteBuf pBody, ByteBuf dBody, + ResponseSender sender) throws RpcException { + connection.getCurrentHandler().handle(connection, rpcType, pBody, dBody, sender); } @Override protected void validateHandshake(BitControlHandshake handshake) throws RpcException { if (handshake.getRpcVersion() != ControlRpcConfig.RPC_VERSION) { - throw new RpcException(String.format("Invalid rpc version. Expected %d, actual %d.", handshake.getRpcVersion(), ControlRpcConfig.RPC_VERSION)); + throw new RpcException(String.format("Invalid rpc version. Expected %d, actual %d.", + handshake.getRpcVersion(), ControlRpcConfig.RPC_VERSION)); + } + + if (handshake.getAuthenticationMechanismsCount() != 0) { // remote requires authentication + if (config.getAuthProvider() == null) { + throw new RpcException(String.format("Drillbit (%s) requires auth, but auth is not configured.", + remoteEndpoint.getAddress())); + } + if (!handshake.getAuthenticationMechanismsList().contains(config.getAuthMechanismToUse())) { + throw new RpcException(String.format("Drillbit (%s) does not support %s", remoteEndpoint.getAddress(), + config.getAuthMechanismToUse())); + } + + final SaslClient saslClient; + try { + saslClient = config.getAuthProvider() + .getAuthenticatorFactory(config.getAuthMechanismToUse()) + .createSaslClient(UserGroupInformation.getLoginUser(), + config.getSaslClientProperties(remoteEndpoint)); + } catch (final SaslException e) { + throw new RpcException("Failed to create SaslClient.", e); + } catch (final IOException e) { + throw new RpcException("Unexpected failure trying to login.", e); + } + if (saslClient == null) { --- End diff -- is it even possible? I'm assuming that createSaslClient would throw in case of error...
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---