granewang commented on code in PR #6778:
URL: https://github.com/apache/gravitino/pull/6778#discussion_r2020654532
##########
server-common/src/main/java/org/apache/gravitino/server/authentication/KerberosAuthenticator.java:
##########
@@ -168,7 +168,7 @@ private Principal retrievePrincipalFromToken(String
serverPrincipal, byte[] clie
throw new UnauthorizedException("GssContext isn't established",
challenge);
}
- // Usually principal names are in the form 'user/instance@REALM' or
'user@REALM'.
+ // Principal names include the realm suffix (e.g., 'user/instance@REALM'
or 'user@REALM')
Review Comment:
> You can also add the comment.
>
> ```
> Realm is optional, too. If you don't specify the realm, the realm is the
default realm.
> ```
Before the code modification, in the cluster environment I tested, the
default_realm was configured in the krb5.conf file. However, using the
principal in the format of user/instance@REALM resulted in the error, while the
format of user@REALM did not.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
