You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@drill.apache.org by Venki Korukanti <ve...@gmail.com> on 2016/01/11 18:03:30 UTC
Re: Review Request 38359: DRILL-3201: Add authentication and
authorization to Drill Web client
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/38359/
-----------------------------------------------------------
(Updated Jan. 11, 2016, 9:03 a.m.)
Review request for drill, Jacques Nadeau and Jason Altekruse.
Changes
-------
Added AuthDynamicFeature (implementation of DynamicFeature) to attach Auth check filters for resources that require user to be authenticated. Filter checks if the user is authentication, if not forwarded to the login page. Now only resource annotations define whether the resource needs user authentication or not along with privileges.
Also:
1) removed the SecurityConstraints in jetty layer.
2) renamed log/{in, out} resources to /login and /logout.
Repository: drill-git
Description
-------
Use jetty's SecurityHandler (with FormAuthenticator and LoginService) to enforce authentication. Use jersey's annotations to enforece authorizations.
Diffs (updated)
-----
distribution/src/resources/drill-override-example.conf 6dbab3d
exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java 0198da8
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/DrillRestServer.java 7d2dfe8
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/DrillRoot.java 3e972b4
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/LogInLogOutResources.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/MetricsResources.java 28a292b
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/QueryResources.java 1978cd8
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/QueryWrapper.java 0ca8e74
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/StatusResources.java c99c49b
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/StorageResources.java 1cff961
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/ThreadsResources.java def5acb
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/ViewableWithPermissions.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java 802d5cd
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AbstractDrillLoginService.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AnonymousAuthenticator.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AnonymousLoginService.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AuthDynamicFeature.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/DrillRestLoginService.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/DrillUserPrincipal.java PRE-CREATION
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/profile/ProfileResources.java 6656bf6
exec/java-exec/src/main/resources/drill-module.conf 6b5d9fe
exec/java-exec/src/main/resources/rest/generic.ftl 9df2424
exec/java-exec/src/main/resources/rest/login.ftl PRE-CREATION
exec/java-exec/src/main/resources/rest/static/img/apache-drill-logo.png PRE-CREATION
Diff: https://reviews.apache.org/r/38359/diff/
Testing
-------
Currently testing is manual. Rest based unittests are coming in DRILL-2965.
Thanks,
Venki Korukanti
Re: Review Request 38359: DRILL-3201: Add authentication and
authorization to Drill Web client
Posted by Jacques Nadeau <ja...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/38359/#review113850
-----------------------------------------------------------
Ship it!
Ship It!
- Jacques Nadeau
On Jan. 11, 2016, 5:03 p.m., Venki Korukanti wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/38359/
> -----------------------------------------------------------
>
> (Updated Jan. 11, 2016, 5:03 p.m.)
>
>
> Review request for drill, Jacques Nadeau and Jason Altekruse.
>
>
> Repository: drill-git
>
>
> Description
> -------
>
> Use jetty's SecurityHandler (with FormAuthenticator and LoginService) to enforce authentication. Use jersey's annotations to enforece authorizations.
>
>
> Diffs
> -----
>
> distribution/src/resources/drill-override-example.conf 6dbab3d
> exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java 0198da8
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/DrillRestServer.java 7d2dfe8
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/DrillRoot.java 3e972b4
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/LogInLogOutResources.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/MetricsResources.java 28a292b
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/QueryResources.java 1978cd8
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/QueryWrapper.java 0ca8e74
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/StatusResources.java c99c49b
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/StorageResources.java 1cff961
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/ThreadsResources.java def5acb
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/ViewableWithPermissions.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java 802d5cd
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AbstractDrillLoginService.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AnonymousAuthenticator.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AnonymousLoginService.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/AuthDynamicFeature.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/DrillRestLoginService.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/DrillUserPrincipal.java PRE-CREATION
> exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/profile/ProfileResources.java 6656bf6
> exec/java-exec/src/main/resources/drill-module.conf 6b5d9fe
> exec/java-exec/src/main/resources/rest/generic.ftl 9df2424
> exec/java-exec/src/main/resources/rest/login.ftl PRE-CREATION
> exec/java-exec/src/main/resources/rest/static/img/apache-drill-logo.png PRE-CREATION
>
> Diff: https://reviews.apache.org/r/38359/diff/
>
>
> Testing
> -------
>
> Currently testing is manual. Rest based unittests are coming in DRILL-2965.
>
>
> Thanks,
>
> Venki Korukanti
>
>