[CELEBORN-1521][FOLLOWUP] Using AuthenticationException instead of SecurityException

### What changes were proposed in this pull request? As title. ### Why are the changes needed? Have to use AuthenticationException to return status code 401 on auth failure, otherwise, it is `500`. 9fefa66318/service/src/main/scala/org/apache/celeborn/server/common/http/authentication/AuthenticationFilter.scala (L159-L160) ### Does this PR introduce _any_ user-facing change? No, this interface has not been released. ### How was this patch tested? Existing GA. Closes #2703 from turboFei/auth_exception. Authored-by: Wang, Fei <fwang12@ebay.com> Signed-off-by: Shuang <lvshuang.xjs@alibaba-inc.com>
2024-10-09 23:04:36 +08:00 · 2024-10-09 23:04:36 +08:00 · 954bb3ca5a
commit 954bb3ca5a
parent df8a9a6149
2 changed files with 9 additions and 4 deletions
--- a/spi/src/main/java/org/apache/celeborn/spi/authentication/PasswdAuthenticationProvider.java
+++ b/spi/src/main/java/org/apache/celeborn/spi/authentication/PasswdAuthenticationProvider.java
@ -19,6 +19,8 @@ package org.apache.celeborn.spi.authentication;

 import java.security.Principal;

+import javax.security.sasl.AuthenticationException;
+
 public interface PasswdAuthenticationProvider {
  /**
   * The authenticate method is called by the celeborn authentication layer to authenticate password
@ -27,7 +29,7 @@ public interface PasswdAuthenticationProvider {
   *
   * @param credential The credential received over the connection request
   * @return The identifier associated with the credential
-   * @throws SecurityException When a user is found to be invalid by the implementation
+   * @throws AuthenticationException When a user is found to be invalid by the implementation
   */
-  Principal authenticate(PasswordCredential credential);
+  Principal authenticate(PasswordCredential credential) throws AuthenticationException;
 }
--- a/spi/src/main/java/org/apache/celeborn/spi/authentication/TokenAuthenticationProvider.java
+++ b/spi/src/main/java/org/apache/celeborn/spi/authentication/TokenAuthenticationProvider.java
@ -19,6 +19,8 @@ package org.apache.celeborn.spi.authentication;

 import java.security.Principal;

+import javax.security.sasl.AuthenticationException;
+
 public interface TokenAuthenticationProvider {
  /**
   * The authenticate method is called by the celeborn authentication layer to authenticate
@ -27,7 +29,8 @@ public interface TokenAuthenticationProvider {
   *
   * @param credential The credential received over the connection request
   * @return The identifier associated with the token
-   * @throws SecurityException When the credential is found to be invalid by the implementation
+   * @throws AuthenticationException When the credential is found to be invalid by the
+   *     implementation
   */
-  Principal authenticate(TokenCredential credential);
+  Principal authenticate(TokenCredential credential) throws AuthenticationException;
 }