Comments (13)
/unresolved this timeout improvement is good news, but doesnt address the real problem i have with running in avd's that have identity assigned out of my control or give no opportunity to opt out of their implementation of deafaultazurecredentialoptions. still think this should be considered
from azure-sdk-for-net.
@christothes as i linked originally https://github.com/dotnet/SqlClient/blob/9811c657db1cd1ddc270addc9221579df32af6ba/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs#L152 is a library from MS that gives me NO opportunity to configure the DefaultAzureCredentialOptions in the way you have suggested....there are MANY cases like this as people have built their own libraries and utilities on top of Azure.Identity that hide/encapsulate any ability to modify DefaultAzureCredentialOptions as youve have suggested.
Again this is really best made available in ALL the runtimes .net java etc, but .net is the most pressing for me, java a close second.
so please take a moment to fully understand the problem, then consider the suggestion fully.
from azure-sdk-for-net.
DefaultAzureCredential is configurable via the AccessTokenCallback feature. Does that not work for your scenario?
by reducing my broader set of scenarios down to this one specific case i can answer your misleading question (not far from "have you stopped beating your wife yet?") with a yes but that is because you limited my scenarios to a single case where i have access to change the code up to an including changing the Sql Data Client to a version that includes the AccessTokenCallabck which was only made available very recently. Prior to that 5.2 version it served as a great example of why not having an environment variable control is so limiting, prior to this recent addition i could not answer yes.
other library authors have encapsulated their use of Azure Identity libs the same as Sql Data Client did prior to 5.2 with no direct way to adjust their behaviour.
Further as mentioned initially specific runtime environments (like an azure virtual desktop where managed identity has been defined) make it so running compiled code based on azure-identity forces the use of the managed identity token.
the AccessTokenCallback feature CAN NOT address the breadth of scenarios that an environment variable could, and it's that breadth that i'm after with this feature request.
from azure-sdk-for-net.
we can't control scenarios where other libraries encapsulate the use of this credential without exposing any way to configure it
if you supported an environment variable, you could. also you continue to reduce my scenarios to serve your viewpoint. It's not just libraries...it's apps running in environments where managed identity is present but NOT the desired identity to leverage.
I get the desire to decrease complexity, but wish you'd reconsider given the quick ubiquity this lib is achieving across multiple runtimes. I'm likely just ahead of the curve here.
from azure-sdk-for-net.
Thank you for your feedback. Tagging and routing to the team member best able to assist.
from azure-sdk-for-net.
This change will ship tomorrow and should mitigate the long timeout.
from azure-sdk-for-net.
Hi @drdamour. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text "/unresolve" to remove the "issue-addressed" label and continue the conversation.
from azure-sdk-for-net.
Hi @drdamour
If you want a to disable managed identity credential even when deployed, then set the ExcludeManagedIdentityCredential
property in the DefaultAzureCredentialOptions
.
from azure-sdk-for-net.
Hi @drdamour. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue.
from azure-sdk-for-net.
@christothes as i linked originally https://github.com/dotnet/SqlClient/blob/9811c657db1cd1ddc270addc9221579df32af6ba/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs#L152 is a library from MS that gives me NO opportunity to configure the DefaultAzureCredentialOptions in the way you have suggested....there are MANY cases like this as people have built their own libraries and utilities on top of Azure.Identity that hide/encapsulate any ability to modify DefaultAzureCredentialOptions as youve have suggested.
Again this is really best made available in ALL the runtimes .net java etc, but .net is the most pressing for me, java a close second.
so please take a moment to fully understand the problem, then consider the suggestion fully.
DefaultAzureCredential is configurable via the AccessTokenCallback feature. Does that not work for your scenario?
from azure-sdk-for-net.
Hi @drdamour. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue.
from azure-sdk-for-net.
Hi @drdamour, we're sending this friendly reminder because we haven't heard back from you in 7 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you!
from azure-sdk-for-net.
Thanks for confirming the new feature in SQLClient does allow configuration.
As for other scenarios, I'm hesitant to add another way to configure DefaultAzureCredential
as the options are already quite complicated. Unfortunately, we can't control scenarios where other libraries encapsulate the use of this credential without exposing any way to configure it.
from azure-sdk-for-net.
Related Issues (20)
- Exception Information Missing HOT 1
- [QUERY] Is there a way to specify the api version in SAS Token? HOT 1
- [FEATURE REQ]Add List and Put functions in EncryptionScopeResource HOT 1
- [QUERY] How to mock SubscriptionCollection resources. HOT 2
- [QUERY] Why is ShareAccessTier Premium missing from the .NET SDK HOT 1
- [QUERY] How to add new access policy to key vault without deleting all existing access policies? HOT 2
- [BUG]: Upgrade Azure.Identity Microsoft.Identity.Client to latest version to resolve security vulnerability HOT 2
- [QUERY] Azure.Identity 1.11.4: how to use WebView2 control? HOT 12
- [QUERY] What is happening with EventGridClient class? HOT 1
- How can we Enable/Disable APIs and Operations in Azure API Management Using .NET SDK and or in Portal HOT 1
- [BUG] Azure Service Bus Timeout instead of correct response: MessagingEntityNotFound HOT 7
- [AppConfig] Update Live Tests for Filter By Tags Feature
- [BUG] Azure.Search.Documents performs vector search successfully, but results are "null" HOT 1
- [QUERY] OpenAI Assistants V2 on Azure - Activate File search on assistant + specify file_ids in message's attachments HOT 4
- infinite lease via break? HOT 2
- [FEATURE REQ] Open Telemetry Sample Request HOT 2
- [BUG] API consistency issue, ManagedIdentityCredential() does not read default values from environment variables, like other Credentials. HOT 1
- [BUG] [OpenAI] ClientResultException 400 Bad Request calling `AzureChatClient.CompleteChatAsync` with PineconeChatDataSource HOT 1
- [FEATURE REQ] Support IsStored for any string field in Azure AI Search HOT 1
- [BUG]Failed to download PEM certificate from azure.keyvault with failure "The provided key does not match the public key for this certificate" HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-sdk-for-net.