[jira] [Commented] (DRILL-8223) Refactor auth modes dropping DRILL_PROCESS and allowing credential providers everywhere

Mon, 23 May 2022 11:18:06 -0700 


    [ 
https://issues.apache.org/jira/browse/DRILL-8223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17541081#comment-17541081
 ] 

ASF GitHub Bot commented on DRILL-8223:
---------------------------------------

jnturton opened a new pull request, #2559:
URL: https://github.com/apache/drill/pull/2559

   # [DRILL-8223](https://issues.apache.org/jira/browse/DRILL-8223): Change JDK 
17 Docker base image from Oracle Linux to Debian.
   
   ## Description
   
   The change is made in order to remain consistent with the OS in the base 
images for JDK 8 and 11 since users may have derived
   from the Drill Dockerfile or written other scripts that assume a Debian-like 
OS inside the Docker image.
   
   ## Documentation
   No changes.
   
   ## Testing
   Build a Docker image using the new base image in this PR, then start it and 
run some queries.  
   




> Refactor auth modes dropping DRILL_PROCESS and allowing credential providers 
> everywhere
> ---------------------------------------------------------------------------------------
>
>                 Key: DRILL-8223
>                 URL: https://issues.apache.org/jira/browse/DRILL-8223
>             Project: Apache Drill
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 2.0.0
>            Reporter: James Turton
>            Assignee: James Turton
>            Priority: Major
>             Fix For: 2.0.0
>
>
> Remove the abstract CredentialedStoragePluginConfig (formerly 
> AbstractSecuredStoragePluginConfig) class and promote the credential provider 
> members to the parent StoragePluginConfig. Since having a credential provider 
> provider is optional, there is no harm in giving the capability to every 
> plugin's config.
> Drop the DRILL_PROCESS auth mode since this case is adequately covered by 
> using SHARED_USER with no credentials specified.
> Bug fix. In storage-jdbc and when there are no JDBC credentials for the query 
> user, only forgo an attempt to connect if the auth mode is USER_TRANSLATION. 
> If it is SHARED_USER, proceed with an attempt to connect (examples of this 
> case are unsecured DBs and BigQuery which requires OAuth tokens in the JDBC 
> URL instead of a JDBC username and password).



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Reply via email to