You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by pr...@apache.org on 2017/04/12 09:28:57 UTC
zeppelin git commit: ZEPPELIN-2366 In zeppelin SystemUser fails to
authenticate with AD, using the password set in hadoop credential store.
Repository: zeppelin
Updated Branches:
refs/heads/master b55231464 -> 35fa9d287
ZEPPELIN-2366 In zeppelin SystemUser fails to authenticate with AD, using the password set in hadoop credential store.
### What is this PR for?
In zeppelin SystemUser fails to authenticate with AD, using the password set in hadoop credential store.
### What type of PR is it?
Bug Fix
### Todos
* [ ] - Task
### What is the Jira issue?
[ZEPPELIN-2366](https://issues.apache.org/jira/browse/ZEPPELIN-2366)
### How should this be tested?
Configure AD system user password using hadoop credential in shiro.ini. _(sample config in JIRA ticket)_
### Screenshots (if appropriate)
### Questions:
* Does the licenses files need update? n/a
* Is there breaking changes for older versions? n/a
* Does this needs documentation? n/a
Author: Renjith Kamath <re...@gmail.com>
Closes #2230 from r-kamath/ZEPPELIN-2366 and squashes the following commits:
11a8ab43d [Renjith Kamath] ZEPPELIN-2366 In zeppelin SystemUser fails to authenticate with AD, using the password set in hadoop credential store.
Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/35fa9d28
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/35fa9d28
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/35fa9d28
Branch: refs/heads/master
Commit: 35fa9d287fd7535dc9fed9ca8cc84e7851b045b5
Parents: b552314
Author: Renjith Kamath <re...@gmail.com>
Authored: Thu Apr 6 20:55:38 2017 +0530
Committer: Prabhjyot Singh <pr...@gmail.com>
Committed: Wed Apr 12 14:58:50 2017 +0530
----------------------------------------------------------------------
.../realm/ActiveDirectoryGroupRealm.java | 33 ++++++++++++++++++++
1 file changed, 33 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/35fa9d28/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
index 7990d5f..8a9d66b 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
@@ -24,6 +24,8 @@ import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.Realm;
@@ -91,6 +93,11 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
LdapContextFactory ldapContextFactory;
+ protected void onInit() {
+ super.onInit();
+ this.getLdapContextFactory();
+ }
+
public LdapContextFactory getLdapContextFactory() {
if (this.ldapContextFactory == null) {
if (log.isDebugEnabled()) {
@@ -109,6 +116,32 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
return this.ldapContextFactory;
}
+ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
+ throws AuthenticationException {
+ try {
+ AuthenticationInfo info = this.queryForAuthenticationInfo(token,
+ this.getLdapContextFactory());
+ return info;
+ } catch (javax.naming.AuthenticationException var5) {
+ throw new AuthenticationException("LDAP authentication failed.", var5);
+ } catch (NamingException var6) {
+ String msg = "LDAP naming error while attempting to authenticate user.";
+ throw new AuthenticationException(msg, var6);
+ }
+ }
+
+ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+ try {
+ AuthorizationInfo info = this.queryForAuthorizationInfo(principals,
+ this.getLdapContextFactory());
+ return info;
+ } catch (NamingException var5) {
+ String msg = "LDAP naming error while attempting to " +
+ "retrieve authorization for user [" + principals + "].";
+ throw new AuthorizationException(msg, var5);
+ }
+ }
+
private String getSystemPassword() {
String password = "";
if (StringUtils.isEmpty(this.hadoopSecurityCredentialPath)) {