[ldap] update ldap ssl

docs/admin-manual/auth/authentication/ldap.md

@@ -84,34 +84,44 @@ You can enable the cleartext authentication plugin using either method:
 
 **JDBC Client**
 
-When connecting via JDBC, you need a custom authentication plugin to bypass SSL restrictions:
+1. Doris SSL Not Enabled
 
-1. Create a custom plugin class that extends `MysqlClearPasswordPlugin` and overrides the `requiresConfidentiality()` method:
+  When Doris SSL is not enabled, you need to create a custom authentication plugin to bypass SSL restrictions when using JDBC connections:
 
-   ```java
-   public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
-     @Override
-     public boolean requiresConfidentiality() {
-       return false;
-     }
-   }
-   ```
+  1. Create a custom plugin class that extends `MysqlClearPasswordPlugin` and overrides the `requiresConfidentiality()` method:
 
-   Refer to the examples in [this repository](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test). Or execute `build-auth-plugin.sh` to directly generate the plugin jar file. Then place it in the specified client location.
+    ```java
+    public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
+      @Override
+      public boolean requiresConfidentiality() {
+        return false;
+      }
+    }
+    ```
 
-2. Configure the custom plugin in the JDBC connection URL (replace `xxx` with the actual package name):
+  2. Configure the custom plugin in the JDBC connection URL (replace `xxx` with your actual package name):
 
-   ```sql
-   jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
-   ```
+    ```sql
+    jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
+    ```
+
+    Description of the three required properties:
 
-   Three properties to configure:
+    | Property | Description |
+    | --- | --- |
+    | `authenticationPlugins` | Register the custom cleartext authentication plugin |
+    | `defaultAuthenticationPlugin` | Set the custom plugin as the default authentication plugin |
+    | `disabledAuthenticationPlugins` | Disable the original cleartext authentication plugin (which mandates SSL) |
 
-   | Property | Description |
-   | --- | --- |
-   | `authenticationPlugins` | Register the custom cleartext authentication plugin |
-   | `defaultAuthenticationPlugin` | Set the custom plugin as the default authentication plugin |
-   | `disabledAuthenticationPlugins` | Disable the original cleartext authentication plugin (which mandates SSL) |
+  > You can refer to the examples in [this code repository](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test). Or execute `build-auth-plugin.sh` to directly generate the plugin JAR file, then place it in the client's specified location.
+
+2. Doris SSL Enabled
+
+  When Doris SSL is enabled (`enable_ssl=true` added in `fe.conf`), the JDBC URL requires no additional parameters and can connect directly:
+
+  ```sql
+  jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase
+  ```
 
 ## Authentication
 

i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authentication/ldap.md

@@ -84,34 +84,44 @@ LDAP 认证要求客户端以明文方式发送密码，因此需要启用明文
 
 **JDBC Client**
 
-使用 JDBC 连接时，需要自定义认证插件以绕过 SSL 限制：
+1. Doris 未开启 SSL
 
-1. 创建自定义插件类，继承 `MysqlClearPasswordPlugin` 并重写 `requiresConfidentiality()` 方法：
+  Doris 未开启 SSL 的情况下，使用 JDBC 连接时，需要自定义认证插件以绕过 SSL 限制：
 
-   ```java
-   public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
-     @Override
-     public boolean requiresConfidentiality() {
-       return false;
-     }
-   }
-   ```
+  1. 创建自定义插件类，继承 `MysqlClearPasswordPlugin` 并重写 `requiresConfidentiality()` 方法：
 
-   可以参考[该代码库](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test) 中的相关示例。或执行 `build-auth-plugin.sh` 可直接生成上述插件 jar 包。然后放置到客户端指定位置。
+    ```java
+    public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
+      @Override
+      public boolean requiresConfidentiality() {
+        return false;
+      }
+    }
+    ```
 
-2. 在 JDBC 连接 URL 中配置自定义插件（将 `xxx` 替换为实际的包名）：
+  2. 在 JDBC 连接 URL 中配置自定义插件（将 `xxx` 替换为实际的包名）：
 
-   ```sql
-   jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
-   ```
+    ```sql
+    jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
+    ```
+
+    需要配置的三个属性说明：
 
-   需要配置的三个属性说明：
+    | 属性 | 说明 |
+    | --- | --- |
+    | `authenticationPlugins` | 注册自定义的明文认证插件 |
+    | `defaultAuthenticationPlugin` | 将自定义插件设为默认认证插件 |
+    | `disabledAuthenticationPlugins` | 禁用原始的明文认证插件（该插件强制要求 SSL） |
 
-   | 属性 | 说明 |
-   | --- | --- |
-   | `authenticationPlugins` | 注册自定义的明文认证插件 |
-   | `defaultAuthenticationPlugin` | 将自定义插件设为默认认证插件 |
-   | `disabledAuthenticationPlugins` | 禁用原始的明文认证插件（该插件强制要求 SSL） |
+  > 可以参考[该代码库](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test) 中的相关示例。或执行 `build-auth-plugin.sh` 可直接生成上述插件 jar 包。然后放置到客户端指定位置。
+
+2. Doris 开启 SSL
+
+  Doris 开启 SSL 的情况下（`fe.conf` 中添加 `enable_ssl=true`），JDBC URL 无需添加额外参数，直接连接即可：
+
+  ```sql
+  jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase
+  ```
 
 ## 验证登录
 

i18n/zh-CN/docusaurus-plugin-content-docs/version-3.x/admin-manual/auth/authentication/ldap.md

@@ -84,34 +84,44 @@ LDAP 认证要求客户端以明文方式发送密码，因此需要启用明文
 
 **JDBC Client**
 
-使用 JDBC 连接时，需要自定义认证插件以绕过 SSL 限制：
+1. Doris 未开启 SSL
 
-1. 创建自定义插件类，继承 `MysqlClearPasswordPlugin` 并重写 `requiresConfidentiality()` 方法：
+  Doris 未开启 SSL 的情况下，使用 JDBC 连接时，需要自定义认证插件以绕过 SSL 限制：
 
-   ```java
-   public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
-     @Override
-     public boolean requiresConfidentiality() {
-       return false;
-     }
-   }
-   ```
+  1. 创建自定义插件类，继承 `MysqlClearPasswordPlugin` 并重写 `requiresConfidentiality()` 方法：
 
-   可以参考[该代码库](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test) 中的相关示例。或执行 `build-auth-plugin.sh` 可直接生成上述插件 jar 包。然后放置到客户端指定位置。
+    ```java
+    public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
+      @Override
+      public boolean requiresConfidentiality() {
+        return false;
+      }
+    }
+    ```
 
-2. 在 JDBC 连接 URL 中配置自定义插件（将 `xxx` 替换为实际的包名）：
+  2. 在 JDBC 连接 URL 中配置自定义插件（将 `xxx` 替换为实际的包名）：
 
-   ```sql
-   jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
-   ```
+    ```sql
+    jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
+    ```
+
+    需要配置的三个属性说明：
 
-   需要配置的三个属性说明：
+    | 属性 | 说明 |
+    | --- | --- |
+    | `authenticationPlugins` | 注册自定义的明文认证插件 |
+    | `defaultAuthenticationPlugin` | 将自定义插件设为默认认证插件 |
+    | `disabledAuthenticationPlugins` | 禁用原始的明文认证插件（该插件强制要求 SSL） |
 
-   | 属性 | 说明 |
-   | --- | --- |
-   | `authenticationPlugins` | 注册自定义的明文认证插件 |
-   | `defaultAuthenticationPlugin` | 将自定义插件设为默认认证插件 |
-   | `disabledAuthenticationPlugins` | 禁用原始的明文认证插件（该插件强制要求 SSL） |
+  > 可以参考[该代码库](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test) 中的相关示例。或执行 `build-auth-plugin.sh` 可直接生成上述插件 jar 包。然后放置到客户端指定位置。
+
+2. Doris 开启 SSL
+
+  Doris 开启 SSL 的情况下（`fe.conf` 中添加 `enable_ssl=true`），JDBC URL 无需添加额外参数，直接连接即可：
+
+  ```sql
+  jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase
+  ```
 
 ## 验证登录
 

i18n/zh-CN/docusaurus-plugin-content-docs/version-4.x/admin-manual/auth/authentication/ldap.md

@@ -84,34 +84,44 @@ LDAP 认证要求客户端以明文方式发送密码，因此需要启用明文
 
 **JDBC Client**
 
-使用 JDBC 连接时，需要自定义认证插件以绕过 SSL 限制：
+1. Doris 未开启 SSL
 
-1. 创建自定义插件类，继承 `MysqlClearPasswordPlugin` 并重写 `requiresConfidentiality()` 方法：
+  Doris 未开启 SSL 的情况下，使用 JDBC 连接时，需要自定义认证插件以绕过 SSL 限制：
 
-   ```java
-   public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
-     @Override
-     public boolean requiresConfidentiality() {
-       return false;
-     }
-   }
-   ```
+  1. 创建自定义插件类，继承 `MysqlClearPasswordPlugin` 并重写 `requiresConfidentiality()` 方法：
 
-   可以参考[该代码库](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test) 中的相关示例。或执行 `build-auth-plugin.sh` 可直接生成上述插件 jar 包。然后放置到客户端指定位置。
+    ```java
+    public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
+      @Override
+      public boolean requiresConfidentiality() {
+        return false;
+      }
+    }
+    ```
 
-2. 在 JDBC 连接 URL 中配置自定义插件（将 `xxx` 替换为实际的包名）：
+  2. 在 JDBC 连接 URL 中配置自定义插件（将 `xxx` 替换为实际的包名）：
 
-   ```sql
-   jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
-   ```
+    ```sql
+    jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
+    ```
+
+    需要配置的三个属性说明：
 
-   需要配置的三个属性说明：
+    | 属性 | 说明 |
+    | --- | --- |
+    | `authenticationPlugins` | 注册自定义的明文认证插件 |
+    | `defaultAuthenticationPlugin` | 将自定义插件设为默认认证插件 |
+    | `disabledAuthenticationPlugins` | 禁用原始的明文认证插件（该插件强制要求 SSL） |
 
-   | 属性 | 说明 |
-   | --- | --- |
-   | `authenticationPlugins` | 注册自定义的明文认证插件 |
-   | `defaultAuthenticationPlugin` | 将自定义插件设为默认认证插件 |
-   | `disabledAuthenticationPlugins` | 禁用原始的明文认证插件（该插件强制要求 SSL） |
+  > 可以参考[该代码库](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test) 中的相关示例。或执行 `build-auth-plugin.sh` 可直接生成上述插件 jar 包。然后放置到客户端指定位置。
+
+2. Doris 开启 SSL
+
+  Doris 开启 SSL 的情况下（`fe.conf` 中添加 `enable_ssl=true`），JDBC URL 无需添加额外参数，直接连接即可：
+
+  ```sql
+  jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase
+  ```
 
 ## 验证登录
 

versioned_docs/version-3.x/admin-manual/auth/authentication/ldap.md

@@ -84,34 +84,44 @@ You can enable the cleartext authentication plugin using either method:
 
 **JDBC Client**
 
-When connecting via JDBC, you need a custom authentication plugin to bypass SSL restrictions:
+1. Doris SSL Not Enabled
 
-1. Create a custom plugin class that extends `MysqlClearPasswordPlugin` and overrides the `requiresConfidentiality()` method:
+  When Doris SSL is not enabled, you need to create a custom authentication plugin to bypass SSL restrictions when using JDBC connections:
 
-   ```java
-   public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
-     @Override
-     public boolean requiresConfidentiality() {
-       return false;
-     }
-   }
-   ```
+  1. Create a custom plugin class that extends `MysqlClearPasswordPlugin` and overrides the `requiresConfidentiality()` method:
 
-   Refer to the examples in [this repository](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test). Or execute `build-auth-plugin.sh` to directly generate the plugin jar file. Then place it in the specified client location.
+    ```java
+    public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
+      @Override
+      public boolean requiresConfidentiality() {
+        return false;
+      }
+    }
+    ```
 
-2. Configure the custom plugin in the JDBC connection URL (replace `xxx` with the actual package name):
+  2. Configure the custom plugin in the JDBC connection URL (replace `xxx` with your actual package name):
 
-   ```sql
-   jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
-   ```
+    ```sql
+    jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
+    ```
+
+    Description of the three required properties:
 
-   Three properties to configure:
+    | Property | Description |
+    | --- | --- |
+    | `authenticationPlugins` | Register the custom cleartext authentication plugin |
+    | `defaultAuthenticationPlugin` | Set the custom plugin as the default authentication plugin |
+    | `disabledAuthenticationPlugins` | Disable the original cleartext authentication plugin (which mandates SSL) |
 
-   | Property | Description |
-   | --- | --- |
-   | `authenticationPlugins` | Register the custom cleartext authentication plugin |
-   | `defaultAuthenticationPlugin` | Set the custom plugin as the default authentication plugin |
-   | `disabledAuthenticationPlugins` | Disable the original cleartext authentication plugin (which mandates SSL) |
+  > You can refer to the examples in [this code repository](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test). Or execute `build-auth-plugin.sh` to directly generate the plugin JAR file, then place it in the client's specified location.
+
+2. Doris SSL Enabled
+
+  When Doris SSL is enabled (`enable_ssl=true` added in `fe.conf`), the JDBC URL requires no additional parameters and can connect directly:
+
+  ```sql
+  jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase
+  ```
 
 ## Authentication
 

versioned_docs/version-4.x/admin-manual/auth/authentication/ldap.md

@@ -84,34 +84,44 @@ You can enable the cleartext authentication plugin using either method:
 
 **JDBC Client**
 
-When connecting via JDBC, you need a custom authentication plugin to bypass SSL restrictions:
+1. Doris SSL Not Enabled
 
-1. Create a custom plugin class that extends `MysqlClearPasswordPlugin` and overrides the `requiresConfidentiality()` method:
+  When Doris SSL is not enabled, you need to create a custom authentication plugin to bypass SSL restrictions when using JDBC connections:
 
-   ```java
-   public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
-     @Override
-     public boolean requiresConfidentiality() {
-       return false;
-     }
-   }
-   ```
+  1. Create a custom plugin class that extends `MysqlClearPasswordPlugin` and overrides the `requiresConfidentiality()` method:
 
-   Refer to the examples in [this repository](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test). Or execute `build-auth-plugin.sh` to directly generate the plugin jar file. Then place it in the specified client location.
+    ```java
+    public class MysqlClearPasswordPluginWithoutSSL extends MysqlClearPasswordPlugin {
+      @Override
+      public boolean requiresConfidentiality() {
+        return false;
+      }
+    }
+    ```
 
-2. Configure the custom plugin in the JDBC connection URL (replace `xxx` with the actual package name):
+  2. Configure the custom plugin in the JDBC connection URL (replace `xxx` with your actual package name):
 
-   ```sql
-   jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
-   ```
+    ```sql
+    jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase?authenticationPlugins=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&defaultAuthenticationPlugin=xxx.xxx.xxx.MysqlClearPasswordPluginWithoutSSL&disabledAuthenticationPlugins=com.mysql.jdbc.authentication.MysqlClearPasswordPlugin";
+    ```
+
+    Description of the three required properties:
 
-   Three properties to configure:
+    | Property | Description |
+    | --- | --- |
+    | `authenticationPlugins` | Register the custom cleartext authentication plugin |
+    | `defaultAuthenticationPlugin` | Set the custom plugin as the default authentication plugin |
+    | `disabledAuthenticationPlugins` | Disable the original cleartext authentication plugin (which mandates SSL) |
 
-   | Property | Description |
-   | --- | --- |
-   | `authenticationPlugins` | Register the custom cleartext authentication plugin |
-   | `defaultAuthenticationPlugin` | Set the custom plugin as the default authentication plugin |
-   | `disabledAuthenticationPlugins` | Disable the original cleartext authentication plugin (which mandates SSL) |
+  > You can refer to the examples in [this code repository](https://github.com/morningman/doris-debug-tools/tree/main/jdbc-test). Or execute `build-auth-plugin.sh` to directly generate the plugin JAR file, then place it in the client's specified location.
+
+2. Doris SSL Enabled
+
+  When Doris SSL is enabled (`enable_ssl=true` added in `fe.conf`), the JDBC URL requires no additional parameters and can connect directly:
+
+  ```sql
+  jdbcUrl = "jdbc:mysql://localhost:9030/mydatabase
+  ```
 
 ## Authentication