@@ -29,7 +29,20 @@ import scala.collection.JavaConverters._
2929
3030object FlussLakeUtils {
3131
32- private val SPARK_CATALOG_PREFIX = " spark.sql.catalog."
32+ /**
33+ * Paimon DLF supports multiple authentication schemes (see
34+ * https://paimon.apache.org/docs/1.3/concepts/rest/dlf/), allowing clients to freely choose the
35+ * appropriate method based on their runtime environment. However, the Fluss server does not
36+ * propagate auth configs for all scenarios. These keys are therefore overridden with the values
37+ * from the Catalog configuration, replacing whatever the Fluss server provides, so that clients
38+ * can use their preferred authentication method.
39+ */
40+ private val REMOVAL_KEYS = Set (
41+ " dlf.access-key-id" ,
42+ " dlf.access-key-secret" ,
43+ " dlf.security-token" ,
44+ " dlf.token-path" ,
45+ " dlf.token-loader" )
3346
3447 def createLakeSource (
3548 catalogProperties : util.Map [String , String ],
@@ -39,11 +52,14 @@ object FlussLakeUtils {
3952 val datalakeFormat = tableConfig.get(ConfigOptions .TABLE_DATALAKE_FORMAT )
4053 val dataLakePrefix = " table.datalake." + datalakeFormat + " ."
4154
55+ val rewriteProperties =
56+ PropertiesUtils .extractAndRemovePrefix(tableProperties, dataLakePrefix).asScala.filterNot {
57+ case (k, _) => REMOVAL_KEYS (k)
58+ } ++
59+ catalogProperties.asScala.filter { case (k, _) => REMOVAL_KEYS (k) }
60+
4261 val lakeConfig =
43- Configuration .fromMap(PropertiesUtils .extractAndRemovePrefix(tableProperties, dataLakePrefix))
44- catalogProperties.asScala.foreach {
45- case (k, v) => lakeConfig.setString(s " $SPARK_CATALOG_PREFIX$k" , v)
46- }
62+ Configuration .fromMap(rewriteProperties.asJava)
4763 val lakeStoragePlugin =
4864 LakeStoragePluginSetUp .fromDataLakeFormat(datalakeFormat.toString, null )
4965 val lakeStorage = lakeStoragePlugin.createLakeStorage(lakeConfig)
0 commit comments