Return-Path: <issues-return-41073-archive-asf-public=cust-asf.ponee.io@drill.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 1C8BB200C7F
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 24 May 2017 09:09:10 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 1B9E5160B9C; Wed, 24 May 2017 07:09:10 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 6254B160BB4
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 24 May 2017 09:09:09 +0200 (CEST)
Received: (qmail 78645 invoked by uid 500); 24 May 2017 07:09:08 -0000
Mailing-List: contact issues-help@drill.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@drill.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@drill.apache.org>
List-Post: <mailto:issues@drill.apache.org>
List-Id: <issues.drill.apache.org>
Reply-To: dev@drill.apache.org
Delivered-To: mailing list issues@drill.apache.org
Received: (qmail 78636 invoked by uid 99); 24 May 2017 07:09:08 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 May 2017 07:09:08 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id C830A1AFCDF
	for <issues@drill.apache.org>; Wed, 24 May 2017 07:09:07 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -100.002
X-Spam-Level: 
X-Spam-Status: No, score=-100.002 tagged_above=-999 required=6.31
	tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001,
	USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id Q0tIQorJhMa8 for <issues@drill.apache.org>;
	Wed, 24 May 2017 07:09:05 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 63DD85F342
	for <issues@drill.apache.org>; Wed, 24 May 2017 07:09:05 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id A000CE0D2B
	for <issues@drill.apache.org>; Wed, 24 May 2017 07:09:04 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 585D521B59
	for <issues@drill.apache.org>; Wed, 24 May 2017 07:09:04 +0000 (UTC)
Date: Wed, 24 May 2017 07:09:04 +0000 (UTC)
From: "ASF GitHub Bot (JIRA)" <jira@apache.org>
To: issues@drill.apache.org
Message-ID: <JIRA.13069873.1494218642000.279896.1495609744360@Atlassian.JIRA>
In-Reply-To: <JIRA.13069873.1494218642000@Atlassian.JIRA>
References: <JIRA.13069873.1494218642000@Atlassian.JIRA> <JIRA.13069873.1494218642040@jira-lw-us.apache.org>
Subject: [jira] [Commented] (DRILL-5485) Remove WebServer dependency on
 DrillClient
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Wed, 24 May 2017 07:09:10 -0000


    [ https://issues.apache.org/jira/browse/DRILL-5485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16022422#comment-16022422 ] 

ASF GitHub Bot commented on DRILL-5485:
---------------------------------------

Github user sohami commented on a diff in the pull request:

    https://github.com/apache/drill/pull/829#discussion_r118177282
  
    --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/work/prepare/PreparedStatementProvider.java ---
    @@ -59,20 +43,29 @@
     import org.apache.drill.exec.proto.UserProtos.ResultColumnMetadata;
     import org.apache.drill.exec.proto.UserProtos.RpcType;
     import org.apache.drill.exec.proto.UserProtos.RunQuery;
    +import org.apache.drill.exec.rpc.AbstractUserClientConnectionWrapper;
     import org.apache.drill.exec.rpc.Acks;
     import org.apache.drill.exec.rpc.Response;
     import org.apache.drill.exec.rpc.ResponseSender;
     import org.apache.drill.exec.rpc.RpcOutcomeListener;
    -import org.apache.drill.exec.rpc.user.UserServer.UserClientConnection;
    +import org.apache.drill.exec.rpc.UserClientConnection;
     import org.apache.drill.exec.rpc.user.UserSession;
     import org.apache.drill.exec.store.ischema.InfoSchemaConstants;
     import org.apache.drill.exec.work.user.UserWorker;
     import org.joda.time.Period;
     
    -import com.google.common.collect.ImmutableMap;
    +import java.math.BigDecimal;
    +import java.net.SocketAddress;
    +import java.sql.Date;
    +import java.sql.ResultSetMetaData;
    +import java.sql.Time;
    +import java.sql.Timestamp;
    +import java.util.List;
    +import java.util.Map;
    +import java.util.UUID;
     
    -import io.netty.buffer.ByteBuf;
    -import io.netty.channel.ChannelFuture;
    +import static org.apache.drill.exec.ExecConstants.CREATE_PREPARE_STATEMENT_TIMEOUT_MILLIS;
    +import static org.apache.drill.exec.proto.UserProtos.RequestStatus.*;
    --- End diff --
    
    Fixed


> Remove WebServer dependency on DrillClient
> ------------------------------------------
>
>                 Key: DRILL-5485
>                 URL: https://issues.apache.org/jira/browse/DRILL-5485
>             Project: Apache Drill
>          Issue Type: Improvement
>          Components: Web Server
>            Reporter: Sorabh Hamirwasia
>             Fix For: 1.11.0
>
>
> With encryption support using SASL, client's won't be able to authenticate using PLAIN mechanism when encryption is enabled on the cluster. Today WebServer which is embedded inside Drillbit creates a DrillClient instance for each WebClient session. And the WebUser is authenticated as part of authentication between DrillClient instance and Drillbit using PLAIN mechanism. But with encryption enabled this will fail since encryption doesn't support authentication using PLAN mechanism, hence no WebClient can connect to a Drillbit. There are below issues as well with this approach:
> 1) Since DrillClient is used per WebUser session this is expensive as it has heavyweight RPC layer for DrillClient and all it's dependencies. 
> 2) If the Foreman for a WebUser is also selected to be a different node then there will be extra hop of transferring data back to WebClient.
> To resolve all the above issue it would be better to authenticate the WebUser locally using the Drillbit on which WebServer is running without creating DrillClient instance. We can use the local PAMAuthenticator to authenticate the user. After authentication is successful the local Drillbit can also serve as the Foreman for all the queries submitted by WebUser. This can be achieved by submitting the query to the local Drillbit Foreman work queue. This will also remove the requirement to encrypt the channel opened between WebServer (DrillClient) and selected Drillbit since with this approach there won't be any physical channel opened between them.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)