CalvinKirs opened a new pull request, #40113:
URL: https://github.com/apache/doris/pull/40113
## abstract
introduces the pluginization of the Authenticator component, enabling
greater flexibility and modularity within the authentication system. By
refactoring the Authenticator into a pluggable SPI (Service Provider
Interface), we allow for custom authentication mechanisms to be seamlessly
integrated and managed.
## Key Changes
AuthenticatorFactory Interface:
Defined a new AuthenticatorFactory interface to standardize the creation of
Authenticator instances. The interface includes methods to create Authenticator
instances based on configuration (ConfigBase) and to return a unique identifier
for each factory (e.g., "ldap", "default"). The interface also provides a
method getAuthenticatorConfig() to retrieve default configuration templates,
aiding in the initialization process. Factory Identifier:
Each AuthenticatorFactory implementation must provide a unique identifier.
This allows for easy registration and retrieval of specific Authenticator
implementations based on the factory identifier. Configuration Management:
The getAuthenticatorConfig() method returns a ConfigBase instance, providing
a default configuration that can be used or modified before creating an
Authenticator. Benefits
Modularity: Authentication logic is now decoupled from the core system,
making it easier to extend and maintain. Flexibility: Different authentication
strategies (e.g., LDAP, default, etc.) can be easily added or swapped without
altering the core codebase. Customization: Users can define custom
Authenticator implementations and configure them as needed, enabling a more
tailored authentication process.
## eg
In your Maven pom.xml, add the fe-core dependency:
```
<dependency>
<groupId>org.apache.doris</groupId>
<artifactId>fe-core</artifactId>
<version>1.2-SNAPSHOT</version>
<scope>provided</scope>
</dependency>
```
```
import org.apache.doris.common.ConfigBase;
public class LocalAuthenticatorFactory implements AuthenticatorFactory {
@Override
public Authenticator create(ConfigBase config) {
// No need to use config for this simple example
return new LocalAuthenticator();
}
@Override
public String factoryIdentifier() {
return "local";
}
@Override
public ConfigBase getAuthenticatorConfig() {
// Returning a new instance of LocalConfig, which could be
customized if needed
return new LocalConfig();
}
}
import java.util.HashMap;
import java.util.Map;
public class LocalAuthenticator implements Authenticator {
private Map<String, String> userStore = new HashMap<>();
public LocalAuthenticator() {
// Hardcoded usernames and passwords
userStore.put("user1", "password1");
userStore.put("user2", "password2");
userStore.put("admin", "adminpass");
}
@Override
public boolean authenticate(String username, String password) {
// Authenticate by checking the hardcoded user store
String storedPassword = userStore.get(username);
return storedPassword != null && storedPassword.equals(password);
}
}
import org.apache.doris.common.ConfigBase;
public class LocalConfig extends ConfigBase {
// Configuration options could be added here if needed
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
