You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by sh...@apache.org on 2015/12/28 08:05:50 UTC
[1/2] kylin git commit: KYLIN-1219 redirect user to login page if he is authenticated by SSO but doesn’t belong to LDAP group
Repository: kylin
Updated Branches:
refs/heads/2.0-rc 72ec98695 -> 82e258b69
KYLIN-1219 redirect user to login page if he is authenticated by SSO but doesn’t belong to LDAP group
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/56e1a1d0
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/56e1a1d0
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/56e1a1d0
Branch: refs/heads/2.0-rc
Commit: 56e1a1d028f216ce79b2e9e0d887468a24e6ed3d
Parents: 72ec986
Author: shaofengshi <sh...@apache.org>
Authored: Mon Dec 28 15:04:09 2015 +0800
Committer: shaofengshi <sh...@apache.org>
Committed: Mon Dec 28 15:04:09 2015 +0800
----------------------------------------------------------------------
.../kylin/rest/security/KylinAuthenticationProvider.java | 7 +++++++
.../apache/kylin/rest/security/SAMLUserDetailsService.java | 8 +++++++-
server/src/main/resources/kylinSecurity.xml | 3 +++
3 files changed, 17 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kylin/blob/56e1a1d0/server/src/main/java/org/apache/kylin/rest/security/KylinAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/kylin/rest/security/KylinAuthenticationProvider.java b/server/src/main/java/org/apache/kylin/rest/security/KylinAuthenticationProvider.java
index 681fe5a..1f147ef 100644
--- a/server/src/main/java/org/apache/kylin/rest/security/KylinAuthenticationProvider.java
+++ b/server/src/main/java/org/apache/kylin/rest/security/KylinAuthenticationProvider.java
@@ -14,6 +14,7 @@ import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.saml.SAMLAuthenticationProvider;
import org.springframework.util.Assert;
@@ -73,6 +74,12 @@ public class KylinAuthenticationProvider implements AuthenticationProvider {
logger.debug("Authenticated user " + authed.toString());
UserDetails user;
+
+ if (authed.getDetails() == null) {
+ //authed.setAuthenticated(false);
+ throw new UsernameNotFoundException("User not found in LDAP, check whether he/she has been added to the groups.");
+ }
+
if (authed.getDetails() instanceof UserDetails) {
user = (UserDetails) authed.getDetails();
} else {
http://git-wip-us.apache.org/repos/asf/kylin/blob/56e1a1d0/server/src/main/java/org/apache/kylin/rest/security/SAMLUserDetailsService.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/kylin/rest/security/SAMLUserDetailsService.java b/server/src/main/java/org/apache/kylin/rest/security/SAMLUserDetailsService.java
index 8d13805..c747e66 100644
--- a/server/src/main/java/org/apache/kylin/rest/security/SAMLUserDetailsService.java
+++ b/server/src/main/java/org/apache/kylin/rest/security/SAMLUserDetailsService.java
@@ -25,7 +25,13 @@ public class SAMLUserDetailsService implements org.springframework.security.saml
logger.debug("samlCredential.email:" + userEmail);
final String userName = userEmail.substring(0, userEmail.indexOf("@"));
- UserDetails userDetails = ldapUserDetailsService.loadUserByUsername(userName);
+
+ UserDetails userDetails = null;
+ try {
+ userDetails = ldapUserDetailsService.loadUserByUsername(userName);
+ } catch (org.springframework.security.core.userdetails.UsernameNotFoundException e) {
+ logger.error("User not found in LDAP, check whether he/she has been added to the groups.", e);
+ }
logger.debug("userDeail by search ldap with '" + userName + "' is: " + userDetails);
return userDetails;
}
http://git-wip-us.apache.org/repos/asf/kylin/blob/56e1a1d0/server/src/main/resources/kylinSecurity.xml
----------------------------------------------------------------------
diff --git a/server/src/main/resources/kylinSecurity.xml b/server/src/main/resources/kylinSecurity.xml
index 3bd27f3..51dd601 100644
--- a/server/src/main/resources/kylinSecurity.xml
+++ b/server/src/main/resources/kylinSecurity.xml
@@ -175,7 +175,10 @@
<scr:http security="none" pattern="/fonts/**"/>
<scr:http security="none" pattern="/js/**"/>
<scr:http security="none" pattern="/login/**"/>
+ <scr:http security="none" pattern="/routes.json"/>
<scr:http security="none" pattern="/api/projects" />
+ <scr:http security="none" pattern="/api/admin/config" />
+ <scr:http security="none" pattern="/api/admin/env" />
<!-- Secured Rest API urls with LDAP basic authentication -->
<scr:http pattern="/api/**" use-expressions="true" authentication-manager-ref="apiAccessAuthenticationManager">
[2/2] kylin git commit: KYLIN-1119 enhance find-hive-dependency.sh
Posted by sh...@apache.org.
KYLIN-1119 enhance find-hive-dependency.sh
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/82e258b6
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/82e258b6
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/82e258b6
Branch: refs/heads/2.0-rc
Commit: 82e258b69f4d74e29795c2035e2fd24b845fd1a7
Parents: 56e1a1d
Author: shaofengshi <sh...@apache.org>
Authored: Mon Dec 28 15:05:16 2015 +0800
Committer: shaofengshi <sh...@apache.org>
Committed: Mon Dec 28 15:05:16 2015 +0800
----------------------------------------------------------------------
build/bin/find-hive-dependency.sh | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kylin/blob/82e258b6/build/bin/find-hive-dependency.sh
----------------------------------------------------------------------
diff --git a/build/bin/find-hive-dependency.sh b/build/bin/find-hive-dependency.sh
index ee36fc3..47f0fbc 100644
--- a/build/bin/find-hive-dependency.sh
+++ b/build/bin/find-hive-dependency.sh
@@ -40,10 +40,12 @@ done
# in some versions of hive hcatalog is not in hive's classpath, find it separately
if [ -z "$HCAT_HOME" ]
then
- echo "HCAT_HOME not found, try to find hcatalog path from hive home"
- hive_home=`echo $hive_exec_path | awk -F '/hive.*/lib/' '{print $1}'`
- if [ -d "${hive_home}/hive-hcatalog" ]; then
- hcatalog_home=${hive_home}/hive-hcatalog
+ echo "HCAT_HOME not found, try to find hcatalog path from hadoop home"
+ hadoop_home=`echo $hive_exec_path | awk -F '/hive.*/lib/' '{print $1}'`
+ if [ -d "${hadoop_home}/hive-hcatalog" ]; then
+ hcatalog_home=${hadoop_home}/hive-hcatalog
+ elif [ -d "${hadoop_home}/hive/hcatalog" ]; then
+ hcatalog_home=${hadoop_home}/hive/hcatalog
else
echo "Couldn't locate hcatalog installation, please make sure it is installed and set HCAT_HOME to the path."
exit 1