apucher commented on a change in pull request #7653:
URL: https://github.com/apache/pinot/pull/7653#discussion_r745150036
##########
File path:
pinot-core/src/main/java/org/apache/pinot/server/access/AccessControl.java
##########
@@ -27,6 +28,13 @@
@InterfaceStability.Stable
public interface AccessControl {
+ /**
+ *
+ * @param channelHandlerContext netty tls context
+ * @return Whether the client has access to query server
+ */
+ boolean hasQueryServerAccess(ChannelHandlerContext channelHandlerContext);
+
Review comment:
there are two scenarios here:
* broker - server
* presto - server (afaik this is exposed throught grpc right now)
If we implement application-layer authentication on the server, then we have
to cover both cases. Right now, only transport layer security is supported via
SSL certs.
The "cert-based check" mingles transport-layer and application-layer
authentication. It also inverts the config dependency between servers and
brokers, i.e. the servers have to know about the brokers' identities. This
makes it tricky to handle dynamic reconfiguration, e.g. autoscaling. The
alternative to checking "who I am" is to check "what I have", i.e. a token of
some sort that can be pre-distributed.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org
