You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@drill.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/12/21 22:11:03 UTC
[jira] [Commented] (DRILL-5425) Support HTTP Kerberos auth using
SPNEGO
[ https://issues.apache.org/jira/browse/DRILL-5425?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16300624#comment-16300624 ]
ASF GitHub Bot commented on DRILL-5425:
---------------------------------------
Github user sohami commented on a diff in the pull request:
https://github.com/apache/drill/pull/1040#discussion_r158113700
--- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/DrillSpnegoAuthenticator.java ---
@@ -0,0 +1,150 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.apache.drill.exec.server.rest.auth;
+
+
+import org.apache.drill.exec.server.rest.WebServerConstants;
+import org.apache.parquet.Strings;
+import org.eclipse.jetty.http.HttpHeader;
+import org.eclipse.jetty.http.HttpVersion;
+import org.eclipse.jetty.security.ServerAuthException;
+import org.eclipse.jetty.security.UserAuthentication;
+import org.eclipse.jetty.security.authentication.DeferredAuthentication;
+import org.eclipse.jetty.security.authentication.SessionAuthentication;
+import org.eclipse.jetty.security.authentication.SpnegoAuthenticator;
+import org.eclipse.jetty.server.Authentication;
+import org.eclipse.jetty.server.HttpChannel;
+import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.server.Response;
+import org.eclipse.jetty.server.UserIdentity;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * Custom SpnegoAuthenticator for Drill which provides following:
+ * 1) Perform SPNEGO authentication only when spnegoLogin resource is requested. This helps to avoid authentication
+ * for each and every resource which the JETTY provided authenticator does.
+ * 2) Helps to redirect to the target URL after authentication is done successfully.
+ * 3) Clear-Up in memory session information once LogOut is triggered. Such that any future request also trigger the
--- End diff --
Done
> Support HTTP Kerberos auth using SPNEGO
> ---------------------------------------
>
> Key: DRILL-5425
> URL: https://issues.apache.org/jira/browse/DRILL-5425
> Project: Apache Drill
> Issue Type: New Feature
> Components: Web Server
> Affects Versions: 1.12.0
> Reporter: Sudheesh Katkam
> Assignee: Sorabh Hamirwasia
> Fix For: 1.13.0
>
>
> DRILL-4280 supports Kerberos through JDBC and ODBC API. This ticket requests to add Kerberos (using [SPENGO|https://en.wikipedia.org/wiki/SPNEGO]) for HTTP connections.
> This requires creating "direct" web sessions; currently web sessions are sessions over Java client sessions.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)