You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by vo...@apache.org on 2019/07/29 09:20:18 UTC
[drill] 01/02: DRILL-7205: Drill fails to start when authentication
is disabled
This is an automated email from the ASF dual-hosted git repository.
volodymyr pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/drill.git
commit 275fb27126b35fe3229f6ef6dd5296f4138670fc
Author: Anton Gozhiy <an...@gmail.com>
AuthorDate: Fri Jul 5 18:51:32 2019 +0300
DRILL-7205: Drill fails to start when authentication is disabled
closes #1824
---
.../rpc/security/AuthenticatorProviderImpl.java | 5 +
.../user/security/TestCustomUserAuthenticator.java | 115 +++++++++++----------
2 files changed, 67 insertions(+), 53 deletions(-)
diff --git a/exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/AuthenticatorProviderImpl.java b/exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/AuthenticatorProviderImpl.java
index 4ed688b..60ffdec 100644
--- a/exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/AuthenticatorProviderImpl.java
+++ b/exec/java-exec/src/main/java/org/apache/drill/exec/rpc/security/AuthenticatorProviderImpl.java
@@ -45,6 +45,11 @@ public class AuthenticatorProviderImpl implements AuthenticatorProvider {
@SuppressWarnings("unchecked")
public AuthenticatorProviderImpl(final DrillConfig config, final ScanResult scan) throws DrillbitStartupException {
+ // Skip auth mechanisms setup if user authentication is disabled
+ if (!config.getBoolean(ExecConstants.USER_AUTHENTICATION_ENABLED)) {
+ return;
+ }
+
List<String> configuredFactories = Lists.newArrayList();
if (config.hasPath(ExecConstants.AUTHENTICATION_MECHANISMS)) {
configuredFactories = config.getStringList(ExecConstants.AUTHENTICATION_MECHANISMS);
diff --git a/exec/java-exec/src/test/java/org/apache/drill/exec/rpc/user/security/TestCustomUserAuthenticator.java b/exec/java-exec/src/test/java/org/apache/drill/exec/rpc/user/security/TestCustomUserAuthenticator.java
index b4d44ef..93d11cb 100644
--- a/exec/java-exec/src/test/java/org/apache/drill/exec/rpc/user/security/TestCustomUserAuthenticator.java
+++ b/exec/java-exec/src/test/java/org/apache/drill/exec/rpc/user/security/TestCustomUserAuthenticator.java
@@ -17,47 +17,46 @@
*/
package org.apache.drill.exec.rpc.user.security;
-import com.typesafe.config.ConfigValueFactory;
-import org.apache.drill.test.BaseTestQuery;
import org.apache.drill.categories.SecurityTest;
import org.apache.drill.common.config.DrillProperties;
-import org.apache.drill.common.config.DrillConfig;
import org.apache.drill.exec.ExecConstants;
import org.apache.drill.exec.rpc.RpcException;
import org.apache.drill.exec.rpc.user.security.testing.UserAuthenticatorTestImpl;
+import org.apache.drill.test.ClientFixture;
+import org.apache.drill.test.ClusterFixture;
+import org.apache.drill.test.ClusterFixtureBuilder;
+import org.apache.drill.test.ClusterTest;
+import org.apache.drill.test.QueryTestUtil;
import org.junit.BeforeClass;
+import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
+import org.junit.rules.ExpectedException;
-import java.util.Properties;
+import java.util.Arrays;
+import java.util.List;
import static org.apache.drill.exec.rpc.user.security.testing.UserAuthenticatorTestImpl.TEST_USER_1;
import static org.apache.drill.exec.rpc.user.security.testing.UserAuthenticatorTestImpl.TEST_USER_1_PASSWORD;
import static org.apache.drill.exec.rpc.user.security.testing.UserAuthenticatorTestImpl.TEST_USER_2;
import static org.apache.drill.exec.rpc.user.security.testing.UserAuthenticatorTestImpl.TEST_USER_2_PASSWORD;
+import static org.hamcrest.CoreMatchers.isA;
import static org.hamcrest.core.StringContains.containsString;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.fail;
@Category(SecurityTest.class)
-public class TestCustomUserAuthenticator extends BaseTestQuery {
+public class TestCustomUserAuthenticator extends ClusterTest {
+
+ @Rule
+ public ExpectedException thrown = ExpectedException.none();
@BeforeClass
public static void setupCluster() {
- // Create a new DrillConfig which has user authentication enabled and authenticator set to
- // UserAuthenticatorTestImpl.
- final Properties props = cloneDefaultTestConfigProperties();
- final DrillConfig newConfig = new DrillConfig(DrillConfig.create(props)
- .withValue(ExecConstants.USER_AUTHENTICATION_ENABLED,
- ConfigValueFactory.fromAnyRef("true"))
- .withValue(ExecConstants.USER_AUTHENTICATOR_IMPL,
- ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)));
-
- final Properties connectionProps = new Properties();
- connectionProps.setProperty(DrillProperties.USER, "anonymous");
- connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
- updateTestCluster(3, newConfig, connectionProps);
+ cluster = ClusterFixture.bareBuilder(dirTestWatcher)
+ .clusterSize(3)
+ .configProperty(ExecConstants.ALLOW_LOOPBACK_ADDRESS_BINDING, true)
+ .configProperty(ExecConstants.USER_AUTHENTICATION_ENABLED, true)
+ .configProperty(ExecConstants.USER_AUTHENTICATOR_IMPL, UserAuthenticatorTestImpl.TYPE)
+ .build();
}
@Test
@@ -67,6 +66,22 @@ public class TestCustomUserAuthenticator extends BaseTestQuery {
}
@Test
+ public void positiveAuthDisabled() throws Exception {
+ // Setup a separate cluster
+ ClusterFixtureBuilder builder = ClusterFixture.bareBuilder(dirTestWatcher)
+ .configProperty(ExecConstants.ALLOW_LOOPBACK_ADDRESS_BINDING, true)
+ .configProperty(ExecConstants.INITIAL_USER_PORT, QueryTestUtil.getFreePortNumber(31170, 300))
+ .configProperty(ExecConstants.INITIAL_BIT_PORT, QueryTestUtil.getFreePortNumber(31180, 300));
+
+ // Setup specific auth settings
+ ClusterFixture cluster = builder.configProperty(ExecConstants.USER_AUTHENTICATION_ENABLED, false)
+ .configProperty(ExecConstants.USER_AUTHENTICATOR_IMPL, "NonExistingImpl")
+ .build();
+
+ runTest(TEST_USER_1, TEST_USER_1_PASSWORD, cluster);
+ }
+
+ @Test
public void negativeUserAuth() throws Exception {
negativeAuthHelper(TEST_USER_1, "blah.. blah..");
negativeAuthHelper(TEST_USER_2, "blah.. blah..");
@@ -75,15 +90,9 @@ public class TestCustomUserAuthenticator extends BaseTestQuery {
@Test
public void emptyPassword() throws Exception {
- try {
- runTest(TEST_USER_2, "");
- fail("Expected an exception.");
- } catch (RpcException e) {
- final String exMsg = e.getMessage();
- assertThat(exMsg, containsString("Insufficient credentials"));
- } catch (Exception e) {
- fail("Expected an RpcException.");
- }
+ thrown.expectCause(isA(RpcException.class));
+ thrown.expectMessage(containsString("Insufficient credentials"));
+ runTest(TEST_USER_2, "");
}
@Test
@@ -92,33 +101,33 @@ public class TestCustomUserAuthenticator extends BaseTestQuery {
runTest(TEST_USER_2, TEST_USER_2_PASSWORD);
}
- private static void negativeAuthHelper(final String user, final String password) throws Exception {
- RpcException negativeAuthEx = null;
- try {
- runTest(user, password);
- } catch (RpcException e) {
- negativeAuthEx = e;
- }
-
- assertNotNull("Expected RpcException.", negativeAuthEx);
- final String exMsg = negativeAuthEx.getMessage();
- assertThat(exMsg, containsString("Authentication failed"));
- assertThat(exMsg, containsString("Incorrect credentials"));
+ private void negativeAuthHelper(final String user, final String password) throws Exception {
+ thrown.expectCause(isA(RpcException.class));
+ thrown.expectMessage(containsString("Authentication failed"));
+ thrown.expectMessage(containsString("Incorrect credentials"));
+ runTest(user, password);
}
- private static void runTest(final String user, final String password) throws Exception {
- final Properties connectionProps = new Properties();
-
- connectionProps.setProperty(DrillProperties.USER, user);
- connectionProps.setProperty(DrillProperties.PASSWORD, password);
+ private static void runTest(String user, String password) throws Exception {
+ runTest(user, password, cluster);
+ }
- updateClient(connectionProps);
+ private static void runTest(String user, String password, ClusterFixture cluster) throws Exception {
+ ClientFixture client = cluster.clientBuilder()
+ .property(DrillProperties.USER, user)
+ .property(DrillProperties.PASSWORD, password)
+ .build();
// Run few queries using the new client
- test("SHOW SCHEMAS");
- test("USE INFORMATION_SCHEMA");
- test("SHOW TABLES");
- test("SELECT * FROM INFORMATION_SCHEMA.`TABLES` WHERE TABLE_NAME LIKE 'COLUMNS'");
- test("SELECT * FROM cp.`region.json` LIMIT 5");
+ List<String> queries = Arrays.asList(
+ "SHOW SCHEMAS",
+ "USE INFORMATION_SCHEMA",
+ "SHOW TABLES",
+ "SELECT * FROM INFORMATION_SCHEMA.`TABLES` WHERE TABLE_NAME LIKE 'COLUMNS'",
+ "SELECT * FROM cp.`region.json` LIMIT 5");
+
+ for (String query : queries) {
+ client.queryBuilder().sql(query).run();
+ }
}
}