diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLHelper.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLHelper.scala index ee4a34b57..18569db4e 100644 --- a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLHelper.scala +++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLHelper.scala @@ -79,8 +79,9 @@ object PlainSASLHelper { val props = new java.util.HashMap[String, String] saslFactory.addServerDefinition("PLAIN", authTypeStr, null, props, handler) } catch { - case e: AuthenticationException => - throw new LoginException("Error setting callback handler" + e); + case e: NoSuchElementException => + throw new IllegalArgumentException( + s"Illegal authentication type $authTypeStr for plain transport", e) } saslFactory } diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLServer.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLServer.scala index e15d7bc0f..43b815696 100644 --- a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLServer.scala +++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLServer.scala @@ -22,6 +22,9 @@ import java.security.Provider import javax.security.auth.callback.{Callback, CallbackHandler, NameCallback, PasswordCallback, UnsupportedCallbackException} import javax.security.sasl.{AuthorizeCallback, SaslException, SaslServer, SaslServerFactory} +import org.apache.kyuubi.KYUUBI_VERSION +import org.apache.kyuubi.Utils + class PlainSASLServer( handler: CallbackHandler, method: AuthMethods.AuthMethod) extends SaslServer { @@ -123,7 +126,13 @@ object PlainSASLServer { } } - class SaslPlainProvider extends Provider("KyuubiSaslPlain", 1.0, "Kyuubi Plain SASL provider") { + private final val version: Double = { + val (major, minor) = Utils.majorMinorVersion(KYUUBI_VERSION) + major + minor.toDouble / 10 + } + + class SaslPlainProvider + extends Provider("KyuubiSaslPlain", version, "Kyuubi Plain SASL provider") { put("SaslServerFactory.PLAIN", classOf[SaslPlainServerFactory].getName) } } diff --git a/kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/PlainSASLHelperSuite.scala b/kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/PlainSASLHelperSuite.scala new file mode 100644 index 000000000..23f8cef24 --- /dev/null +++ b/kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/PlainSASLHelperSuite.scala @@ -0,0 +1,70 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.kyuubi.service.authentication + +import java.security.Security + +import org.apache.thrift.transport.{TSaslServerTransport, TSocket} + +import org.apache.kyuubi.{KYUUBI_VERSION, KyuubiFunSuite, Utils} +import org.apache.kyuubi.config.KyuubiConf +import org.apache.kyuubi.service.{FrontendService, NoopServer} +import org.apache.kyuubi.service.authentication.PlainSASLServer.SaslPlainProvider + +class PlainSASLHelperSuite extends KyuubiFunSuite { + + test("PlainSASLHelper") { + val server = new NoopServer() + val conf = KyuubiConf().set(KyuubiConf.FRONTEND_BIND_PORT, 0) + server.initialize(conf) + val service = server.getServices(1).asInstanceOf[FrontendService] + val tProcessorFactory = PlainSASLHelper.getProcessFactory(service) + val tSocket = new TSocket("0.0.0.0", 0) + + val tProcessor = tProcessorFactory.getProcessor(tSocket) + assert(tProcessor.isInstanceOf[TSetIpAddressProcessor[_]]) + val e = intercept[IllegalArgumentException] { + PlainSASLHelper.getTransportFactory("KERBEROS", conf) + } + assert(e.getMessage === "Illegal authentication type KERBEROS for plain transport") + val e2 = intercept[IllegalArgumentException] { + PlainSASLHelper.getTransportFactory("NOSASL", conf) + } + assert(e2.getMessage === "Illegal authentication type NOSASL for plain transport") + + val e3 = intercept[IllegalArgumentException] { + PlainSASLHelper.getTransportFactory("ELSE", conf) + } + assert(e3.getMessage === "Illegal authentication type ELSE for plain transport") + + val tTransportFactory = PlainSASLHelper.getTransportFactory("NONE", conf) + assert(tTransportFactory.isInstanceOf[TSaslServerTransport.Factory]) + Security.getProviders.exists(_.isInstanceOf[SaslPlainProvider]) + } + + test("Sasl Plain Provider") { + val saslPlainProvider = new SaslPlainProvider() + assert(saslPlainProvider.containsKey("SaslServerFactory.PLAIN")) + assert(saslPlainProvider.getName === "KyuubiSaslPlain") + val version: Double = { + val (major, minor) = Utils.majorMinorVersion(KYUUBI_VERSION) + major + minor.toDouble / 10 + } + assert(saslPlainProvider.getVersion === version) + } +} diff --git a/kyuubi-server/src/test/scala/yaooqinn/kyuubi/auth/PlainSaslHelperSuite.scala b/kyuubi-server/src/test/scala/yaooqinn/kyuubi/auth/PlainSaslHelperSuite.scala deleted file mode 100644 index 265628e57..000000000 --- a/kyuubi-server/src/test/scala/yaooqinn/kyuubi/auth/PlainSaslHelperSuite.scala +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package yaooqinn.kyuubi.auth - -import java.security.Security -import javax.security.auth.login.LoginException - -import org.apache.spark.{KyuubiSparkUtil, SparkConf, SparkFunSuite} -import org.apache.thrift.transport.{TSaslServerTransport, TSocket} - -import yaooqinn.kyuubi.auth.PlainSaslServer.SaslPlainProvider -import yaooqinn.kyuubi.server.KyuubiServer - -class PlainSaslHelperSuite extends SparkFunSuite { - - test("Plain Sasl Helper") { - val conf = new SparkConf(loadDefaults = true) - KyuubiSparkUtil.setupCommonConfig(conf) - val server = new KyuubiServer() - val fe = server.feService - val tProcessorFactory = PlainSaslHelper.getProcessFactory(fe) - assert(!tProcessorFactory.isAsyncProcessor) - val tSocket = new TSocket("0.0.0.0", 0) - val tProcessor = tProcessorFactory.getProcessor(tSocket) - assert(tProcessor.isInstanceOf[TSetIpAddressProcessor[_]]) - intercept[LoginException](PlainSaslHelper.getTransportFactory("KERBEROS", conf)) - intercept[LoginException](PlainSaslHelper.getTransportFactory("NOSASL", conf)) - intercept[LoginException](PlainSaslHelper.getTransportFactory("ELSE", conf)) - val tTransportFactory = PlainSaslHelper.getTransportFactory("NONE", conf) - assert(tTransportFactory.isInstanceOf[TSaslServerTransport.Factory]) - Security.getProviders.exists(_.isInstanceOf[SaslPlainProvider]) - } - - test("Sasl Plain Provider") { - val saslPlainProvider = new SaslPlainProvider() - assert(saslPlainProvider.containsKey("SaslServerFactory.PLAIN")) - assert(saslPlainProvider.getName === "KyuubiSaslPlain") - - } - - -}