org.apache.drill.exec.server.rest.auth

Class DrillSpnegoAuthenticator

java.lang.Object

org.eclipse.jetty.security.authentication.LoginAuthenticator

org.eclipse.jetty.security.authentication.SpnegoAuthenticator

org.apache.drill.exec.server.rest.auth.DrillSpnegoAuthenticator

All Implemented Interfaces:

org.eclipse.jetty.security.Authenticator

public class DrillSpnegoAuthenticator
extends org.eclipse.jetty.security.authentication.SpnegoAuthenticator

Custom SpnegoAuthenticator for Drill

Nested Class Summary

Nested classes/interfaces inherited from interface org.eclipse.jetty.security.Authenticator

org.eclipse.jetty.security.Authenticator.AuthConfiguration, org.eclipse.jetty.security.Authenticator.Factory

Field Summary

Fields inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator

_identityService, _loginService

Constructor Summary

Constructors

Constructor and Description
DrillSpnegoAuthenticator(String authMethod)

Method Summary

Modifier and Type	Method and Description
org.eclipse.jetty.server.UserIdentity	login(String username, Object password, javax.servlet.ServletRequest request)
org.eclipse.jetty.server.Authentication	validateRequest(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, boolean mandatoryAuth) Updated logic as compared to default implementation in SpnegoAuthenticator.validateRequest(ServletRequest, ServletResponse, boolean) to handle below cases: 1) Perform SPNEGO authentication only when spnegoLogin resource is requested.

Methods inherited from class org.eclipse.jetty.security.authentication.SpnegoAuthenticator

getAuthMethod, secureResponse

Methods inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator

getLoginService, logout, prepareRequest, renewSession, setConfiguration

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DrillSpnegoAuthenticator

public DrillSpnegoAuthenticator(String authMethod)

Method Detail

validateRequest

public org.eclipse.jetty.server.Authentication validateRequest(javax.servlet.ServletRequest request,
                                                               javax.servlet.ServletResponse response,
                                                               boolean mandatoryAuth)
                                                        throws org.eclipse.jetty.security.ServerAuthException

Updated logic as compared to default implementation in SpnegoAuthenticator.validateRequest(ServletRequest, ServletResponse, boolean) to handle below cases: 1) Perform SPNEGO authentication only when spnegoLogin resource is requested. This helps to avoid authentication for each and every resource which the JETTY provided authenticator does. 2) Helps to redirect to the target URL after authentication is done successfully. 3) Clear-Up in memory session information once LogOut is triggered such that any future request also triggers SPNEGO authentication.

Specified by:

validateRequest in interface org.eclipse.jetty.security.Authenticator

Overrides:

validateRequest in class org.eclipse.jetty.security.authentication.SpnegoAuthenticator

Parameters:

request -

response -

mandatoryAuth -

Returns:

Throws:

org.eclipse.jetty.security.ServerAuthException

login

public org.eclipse.jetty.server.UserIdentity login(String username,
                                                   Object password,
                                                   javax.servlet.ServletRequest request)

Overrides:

login in class org.eclipse.jetty.security.authentication.LoginAuthenticator