You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@drill.apache.org by sohami <gi...@git.apache.org> on 2017/12/21 22:10:11 UTC

[GitHub] drill pull request #1040: DRILL-5425: Support HTTP Kerberos auth using SPNEG...

Github user sohami commented on a diff in the pull request:

    https://github.com/apache/drill/pull/1040#discussion_r158099736
  
    --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/LogInLogOutResources.java ---
    @@ -69,23 +79,94 @@ public Viewable getLoginPage(@Context HttpServletRequest request, @Context HttpS
         return ViewableWithPermissions.createLoginPage(null);
       }
     
    +  @GET
    +  @Path(WebServerConstants.SPENGO_LOGIN_RESOURCE_PATH)
    +  @Produces(MediaType.TEXT_HTML)
    +  public Viewable getSpnegologin(@Context HttpServletRequest request, @Context HttpServletResponse response,
    +                                 @Context SecurityContext sc, @Context UriInfo uriInfo,
    +                                 @QueryParam(WebServerConstants.REDIRECT_QUERY_PARM) String redirect) throws Exception {
    +    if (AuthDynamicFeature.isUserLoggedIn(sc)) {
    +      request.getRequestDispatcher("/").forward(request, response);
    +      return null;
    +    }
    +
    +    final String errorString = "Invalid SPNEGO credentials or SPNEGO is not configured";
    +    MainLoginPageModel model = new MainLoginPageModel(errorString);
    +    return ViewableWithPermissions.createMainLoginPage(model);
    +  }
    +
       // Request type is POST because POST request which contains the login credentials are invalid and the request is
       // dispatched here directly.
       @POST
    -  @Path("/login")
    +  @Path(WebServerConstants.FORM_LOGIN_RESOURCE_PATH)
       @Produces(MediaType.TEXT_HTML)
       public Viewable getLoginPageAfterValidationError() {
         return ViewableWithPermissions.createLoginPage("Invalid username/password credentials.");
       }
     
       @GET
    -  @Path("/logout")
    +  @Path(WebServerConstants.LOGOUT_RESOURCE_PATH)
       public void logout(@Context HttpServletRequest req, @Context HttpServletResponse resp) throws Exception {
         final HttpSession session = req.getSession();
         if (session != null) {
           session.invalidate();
         }
     
    -    req.getRequestDispatcher("/").forward(req, resp);
    +    req.getRequestDispatcher(WebServerConstants.WEBSERVER_ROOT_PATH).forward(req, resp);
    +  }
    +
    +  @GET
    +  @Path(WebServerConstants.MAIN_LOGIN_RESOURCE_PATH)
    +  @Produces(MediaType.TEXT_HTML)
    +  public Viewable getMainLoginPage(@Context HttpServletRequest request, @Context HttpServletResponse response,
    +                                   @Context SecurityContext sc, @Context UriInfo uriInfo,
    +                                   @QueryParam(WebServerConstants.REDIRECT_QUERY_PARM) String redirect) throws Exception {
    +    if (!StringUtils.isEmpty(redirect)) {
    +      // If the URL has redirect in it, set the redirect URI in session, so that after the login is successful, request
    +      // is forwarded to the redirect page.
    +      final HttpSession session = request.getSession(true);
    +      final URI destURI = UriBuilder.fromUri(URLDecoder.decode(redirect, "UTF-8")).build();
    +      session.setAttribute(FormAuthenticator.__J_URI, destURI.toString());
    +    }
    --- End diff --
    
    Done. Added private method `updateSessionRedirectInfo`


---