You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@linkis.apache.org by GitBox <gi...@apache.org> on 2021/11/26 07:33:29 UTC
[GitHub] [incubator-linkis] peacewong commented on a change in pull request #1117: add simple and kerberos auth type for linkis jdbc
peacewong commented on a change in pull request #1117:
URL: https://github.com/apache/incubator-linkis/pull/1117#discussion_r757279716
##########
File path: linkis-engineconn-plugins/engineconn-plugins/jdbc/src/main/java/org/apache/linkis/manager/engineplugin/jdbc/ConnectionManager.java
##########
@@ -160,18 +205,148 @@ public Connection getConnection(Map<String, String> properties) throws SQLExcept
return dataSource.getConnection();
}
- public void close() {
- for (DataSource dataSource: this.databaseToDataSources.values()) {
+ private String getJdbcUrl(Map<String, String> properties) throws SQLException {
+ String url = properties.get("jdbc.url");
+ if (StringUtils.isEmpty(url)) {
+ throw new SQLException("jdbc.url is not empty.");
+ }
+ url = clearUrl(url);
+ validateURL(url);
+ return url.trim();
+ }
+
+ private boolean isUsernameAuthType(Map<String, String> properties) {
+ return "USERNAME".equals(getJdbcAuthType(properties));
+ }
+
+ private boolean isKerberosAuthType(Map<String, String> properties) {
+ return "KERBEROS".equals(getJdbcAuthType(properties));
Review comment:
Can USERNAME/KERBEROS/SIMPLE be defined as a constant
##########
File path: linkis-engineconn-plugins/engineconn-plugins/jdbc/src/main/java/org/apache/linkis/manager/engineplugin/jdbc/ConnectionManager.java
##########
@@ -160,18 +205,148 @@ public Connection getConnection(Map<String, String> properties) throws SQLExcept
return dataSource.getConnection();
}
- public void close() {
- for (DataSource dataSource: this.databaseToDataSources.values()) {
+ private String getJdbcUrl(Map<String, String> properties) throws SQLException {
+ String url = properties.get("jdbc.url");
+ if (StringUtils.isEmpty(url)) {
+ throw new SQLException("jdbc.url is not empty.");
+ }
+ url = clearUrl(url);
+ validateURL(url);
+ return url.trim();
+ }
+
+ private boolean isUsernameAuthType(Map<String, String> properties) {
+ return "USERNAME".equals(getJdbcAuthType(properties));
+ }
+
+ private boolean isKerberosAuthType(Map<String, String> properties) {
+ return "KERBEROS".equals(getJdbcAuthType(properties));
+ }
+
+ private String getJdbcAuthType(Map<String, String> properties) {
+ return properties.getOrDefault("jdbc.auth.type", "USERNAME").trim().toUpperCase();
+ }
+
+ private void createKerberosSecureConfiguration(Map<String, String> properties) {
+ Configuration conf = new Configuration();
+ conf.set(HADOOP_SECURITY_AUTHENTICATION, KERBEROS.toString());
+ UserGroupInformation.setConfiguration(conf);
+ try {
+ if (!UserGroupInformation.isSecurityEnabled()
+ || UserGroupInformation.getCurrentUser().getAuthenticationMethod() != KERBEROS
Review comment:
It is better to define Kerberos-related refresh and creation as a separate interface, without modifying the previous code file
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@linkis.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@linkis.apache.org
For additional commands, e-mail: dev-help@linkis.apache.org