[
https://issues.apache.org/jira/browse/DRILL-8223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17537281#comment-17537281
]
ASF GitHub Bot commented on DRILL-8223:
---------------------------------------
cgivre commented on PR #2547:
URL: https://github.com/apache/drill/pull/2547#issuecomment-1127089235
@jnturton Thank you very much for this PR. Could we merge
[DRILL-8220](https://github.com/apache/drill/pull/2544) prior to merging this
PR? It has some modifications to the HTTP plugin that are relevant.
> Refactor auth modes dropping DRILL_PROCESS and allowing credential providers
> everywhere
> ---------------------------------------------------------------------------------------
>
> Key: DRILL-8223
> URL: https://issues.apache.org/jira/browse/DRILL-8223
> Project: Apache Drill
> Issue Type: Improvement
> Components: Security
> Affects Versions: 2.0.0
> Reporter: James Turton
> Assignee: James Turton
> Priority: Major
> Fix For: 2.0.0
>
>
> Remove the abstract CredentialedStoragePluginConfig (formerly
> AbstractSecuredStoragePluginConfig) class and promote the credential provider
> members to the parent StoragePluginConfig. Since having a credential provider
> provider is optional, there is no harm in giving the capability to every
> plugin's config.
> Drop the DRILL_PROCESS auth mode since this case is adequately covered by
> using SHARED_USER with no credentials specified.
> Bug fix. In storage-jdbc and when there are no JDBC credentials for the query
> user, only forgo an attempt to connect if the auth mode is USER_TRANSLATION.
> If it is SHARED_USER, proceed with an attempt to connect (examples of this
> case are unsecured DBs and BigQuery which requires OAuth tokens in the JDBC
> URL instead of a JDBC username and password).
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
