[ https://issues.apache.org/jira/browse/DRILL-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15970806#comment-15970806 ]
ASF GitHub Bot commented on DRILL-4335: --------------------------------------- Github user sohami commented on a diff in the pull request: https://github.com/apache/drill/pull/773#discussion_r111710374 --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/rpc/user/UserConnectionConfig.java --- @@ -34,32 +39,81 @@ private final UserServerRequestHandler handler; + // Total number of external DrillClient connection's on this server. + private static final Counter secureUserConnections = DrillMetrics.getRegistry() + .counter("drill.user.encrypted.connections"); + + private static final Counter insecureUserConnections = DrillMetrics.getRegistry() + .counter("drill.user.unencrypted.connections"); + UserConnectionConfig(BufferAllocator allocator, BootStrapContext context, UserServerRequestHandler handler) - throws DrillbitStartupException { + throws DrillbitStartupException { super(allocator, context); this.handler = handler; - if (context.getConfig().getBoolean(ExecConstants.USER_AUTHENTICATION_ENABLED)) { - if (getAuthProvider().getAllFactoryNames().isEmpty()) { + final DrillConfig config = context.getConfig(); + final AuthenticatorProvider authProvider = getAuthProvider(); + + if (config.getBoolean(ExecConstants.USER_AUTHENTICATION_ENABLED)) { + if (authProvider.getAllFactoryNames().isEmpty()) { throw new DrillbitStartupException("Authentication enabled, but no mechanisms found. Please check " + - "authentication configuration."); + "authentication configuration."); --- End diff -- Thanks for the info. I have set the IDE settings and made the formatting changes in other places as well. > Apache Drill should support network encryption > ---------------------------------------------- > > Key: DRILL-4335 > URL: https://issues.apache.org/jira/browse/DRILL-4335 > Project: Apache Drill > Issue Type: New Feature > Reporter: Keys Botzum > Assignee: Sorabh Hamirwasia > Labels: security > Attachments: ApacheDrillEncryptionUsingSASLDesign.pdf > > > This is clearly related to Drill-291 but wanted to make explicit that this > needs to include network level encryption and not just authentication. This > is particularly important for the client connection to Drill which will often > be sending passwords in the clear until there is encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)