You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by dz...@apache.org on 2022/01/03 08:09:11 UTC

[drill-site] 01/02: Remove unneeded Drill vault token from Vault auth doc page.

This is an automated email from the ASF dual-hosted git repository.

dzamo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/drill-site.git

commit 4c1472f2162e5be1f15f1c1dff537c302056691e
Author: James Turton <ja...@somecomputer.xyz>
AuthorDate: Fri Dec 17 10:57:23 2021 +0200

    Remove unneeded Drill vault token from Vault auth doc page.
---
 .../securing-drill/085-configuring-vault-authentication.md             | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/_docs/en/configure-drill/securing-drill/085-configuring-vault-authentication.md b/_docs/en/configure-drill/securing-drill/085-configuring-vault-authentication.md
index 66eb11b..7c055f6 100644
--- a/_docs/en/configure-drill/securing-drill/085-configuring-vault-authentication.md
+++ b/_docs/en/configure-drill/securing-drill/085-configuring-vault-authentication.md
@@ -15,7 +15,7 @@ parent: "Securing Drill"
 | Username & Password | A built-in Vault method intended to authenticate users.                                                                                                                                                                                                                                               |
 | Token               | A built-in Vault method to validate a token created by an earlier Vault authentication. Drill uses the provided password as the Vault token. This is the only method for which Drill does not require its own Vault token to carry out authentication (see the security.user.auth.vault.token option) |
 
-To enable Drill's Vault authenticator, add the following configuration based on the example below to the `drill.exec` block in the `<DRILL_HOME>/conf/drill-override.conf` file and restart every Drillbit.
+Note that in the current implementation, Drill does not preserve the access token returned by Vault after a successful authentication.  It merely uses the success or failure status returned by Vault to decide whether user gets logged in.  To enable Drill's Vault authenticator, add the following configuration based on the example below to the `drill.exec` block in the `<DRILL_HOME>/conf/drill-override.conf` file and restart every Drillbit.
 
 ```hocon
 drill.exec: {
@@ -33,7 +33,6 @@ drill.exec: {
          packages += "org.apache.drill.exec.rpc.user.security",
          impl: "vault",
          vault.address: "http://localhost:8200",
-         vault.token: "drill_vault_token_123",
          vault.method: "USER_PASS" # supported values: APP_ROLE, LDAP, USER_PASS, VAULT_TOKEN
   }
 }