jtuglu1 commented on PR #19236: URL: https://github.com/apache/druid/pull/19236#issuecomment-4208166528
> I reviewed the core changes only, focusing on trying to understand the security properties of the changes.
>
> I wonder what your thoughts are on an alternate design that keeps the vended credentials inside the input source itself:
>
> * Add a new method to `InputSource` like `scopeForUser(AuthenticationResult authResult)`. Default implementation is `return this`
> * Whenever a task is submitted, call `scopeForUser` on all of its input sources at whichever service initially accepts the task (either Broker [for SQL DML] or Overlord [for anything else]).
> * The `IcebergInputSource` would implement `scopeForUser` to fetch the vended credentials and transform itself into an input source that bakes in the vended credentials. It would use a `PasswordProvider` so it is redactable.
>
> The idea would be to avoid the need for a new credential vending system in core, putting most of the changes inside the Iceberg extension instead.

Are you proposing pushing the vending of credentials using an identity to the broker/overlord prior to task submission?

--
This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
