apache/kyuubi
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity

PlainSASLHelperSuite

Browse Source
This commit is contained in:
Kent Yao 2020-10-26 15:17:53 +08:00
parent e59a751b04
commit 11fd6f9263
4 changed files with 83 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLHelper.scala
View File

@ -79,8 +79,9 @@ object PlainSASLHelper {
val props = new java.util.HashMap[String, String] val props = new java.util.HashMap[String, String]
saslFactory.addServerDefinition("PLAIN", authTypeStr, null, props, handler) saslFactory.addServerDefinition("PLAIN", authTypeStr, null, props, handler)
} catch { } catch {
case e: AuthenticationException => case e: NoSuchElementException =>
throw new LoginException("Error setting callback handler" + e); throw new IllegalArgumentException(
s"Illegal authentication type $authTypeStr for plain transport", e)
} }
saslFactory saslFactory
} }

11
kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/PlainSASLServer.scala
View File

@ -22,6 +22,9 @@ import java.security.Provider
import javax.security.auth.callback.{Callback, CallbackHandler, NameCallback, PasswordCallback, UnsupportedCallbackException} import javax.security.auth.callback.{Callback, CallbackHandler, NameCallback, PasswordCallback, UnsupportedCallbackException}
import javax.security.sasl.{AuthorizeCallback, SaslException, SaslServer, SaslServerFactory} import javax.security.sasl.{AuthorizeCallback, SaslException, SaslServer, SaslServerFactory}
import org.apache.kyuubi.KYUUBI_VERSION
import org.apache.kyuubi.Utils
class PlainSASLServer( class PlainSASLServer(
handler: CallbackHandler, handler: CallbackHandler,
method: AuthMethods.AuthMethod) extends SaslServer { method: AuthMethods.AuthMethod) extends SaslServer {
@ -123,7 +126,13 @@ object PlainSASLServer {
} }
} }
class SaslPlainProvider extends Provider("KyuubiSaslPlain", 1.0, "Kyuubi Plain SASL provider") { private final val version: Double = {
val (major, minor) = Utils.majorMinorVersion(KYUUBI_VERSION)
major + minor.toDouble / 10
}
class SaslPlainProvider
extends Provider("KyuubiSaslPlain", version, "Kyuubi Plain SASL provider") {
put("SaslServerFactory.PLAIN", classOf[SaslPlainServerFactory].getName) put("SaslServerFactory.PLAIN", classOf[SaslPlainServerFactory].getName)
} }
} }

70
kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/PlainSASLHelperSuite.scala Normal file
View File

@ -0,0 +1,70 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.kyuubi.service.authentication
import java.security.Security
import org.apache.thrift.transport.{TSaslServerTransport, TSocket}
import org.apache.kyuubi.{KYUUBI_VERSION, KyuubiFunSuite, Utils}
import org.apache.kyuubi.config.KyuubiConf
import org.apache.kyuubi.service.{FrontendService, NoopServer}
import org.apache.kyuubi.service.authentication.PlainSASLServer.SaslPlainProvider
class PlainSASLHelperSuite extends KyuubiFunSuite {
test("PlainSASLHelper") {
val server = new NoopServer()
val conf = KyuubiConf().set(KyuubiConf.FRONTEND_BIND_PORT, 0)
server.initialize(conf)
val service = server.getServices(1).asInstanceOf[FrontendService]
val tProcessorFactory = PlainSASLHelper.getProcessFactory(service)
val tSocket = new TSocket("0.0.0.0", 0)
val tProcessor = tProcessorFactory.getProcessor(tSocket)
assert(tProcessor.isInstanceOf[TSetIpAddressProcessor[_]])
val e = intercept[IllegalArgumentException] {
PlainSASLHelper.getTransportFactory("KERBEROS", conf)
}
assert(e.getMessage === "Illegal authentication type KERBEROS for plain transport")
val e2 = intercept[IllegalArgumentException] {
PlainSASLHelper.getTransportFactory("NOSASL", conf)
}
assert(e2.getMessage === "Illegal authentication type NOSASL for plain transport")
val e3 = intercept[IllegalArgumentException] {
PlainSASLHelper.getTransportFactory("ELSE", conf)
}
assert(e3.getMessage === "Illegal authentication type ELSE for plain transport")
val tTransportFactory = PlainSASLHelper.getTransportFactory("NONE", conf)
assert(tTransportFactory.isInstanceOf[TSaslServerTransport.Factory])
Security.getProviders.exists(_.isInstanceOf[SaslPlainProvider])
}
test("Sasl Plain Provider") {
val saslPlainProvider = new SaslPlainProvider()
assert(saslPlainProvider.containsKey("SaslServerFactory.PLAIN"))
assert(saslPlainProvider.getName === "KyuubiSaslPlain")
val version: Double = {
val (major, minor) = Utils.majorMinorVersion(KYUUBI_VERSION)
major + minor.toDouble / 10
}
assert(saslPlainProvider.getVersion === version)
}
}

57
kyuubi-server/src/test/scala/yaooqinn/kyuubi/auth/PlainSaslHelperSuite.scala
View File

@ -1,57 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package yaooqinn.kyuubi.auth
import java.security.Security
import javax.security.auth.login.LoginException
import org.apache.spark.{KyuubiSparkUtil, SparkConf, SparkFunSuite}
import org.apache.thrift.transport.{TSaslServerTransport, TSocket}
import yaooqinn.kyuubi.auth.PlainSaslServer.SaslPlainProvider
import yaooqinn.kyuubi.server.KyuubiServer
class PlainSaslHelperSuite extends SparkFunSuite {
test("Plain Sasl Helper") {
val conf = new SparkConf(loadDefaults = true)
KyuubiSparkUtil.setupCommonConfig(conf)
val server = new KyuubiServer()
val fe = server.feService
val tProcessorFactory = PlainSaslHelper.getProcessFactory(fe)
assert(!tProcessorFactory.isAsyncProcessor)
val tSocket = new TSocket("0.0.0.0", 0)
val tProcessor = tProcessorFactory.getProcessor(tSocket)
assert(tProcessor.isInstanceOf[TSetIpAddressProcessor[_]])
intercept[LoginException](PlainSaslHelper.getTransportFactory("KERBEROS", conf))
intercept[LoginException](PlainSaslHelper.getTransportFactory("NOSASL", conf))
intercept[LoginException](PlainSaslHelper.getTransportFactory("ELSE", conf))
val tTransportFactory = PlainSaslHelper.getTransportFactory("NONE", conf)
assert(tTransportFactory.isInstanceOf[TSaslServerTransport.Factory])
Security.getProviders.exists(_.isInstanceOf[SaslPlainProvider])
}
test("Sasl Plain Provider") {
val saslPlainProvider = new SaslPlainProvider()
assert(saslPlainProvider.containsKey("SaslServerFactory.PLAIN"))
assert(saslPlainProvider.getName === "KyuubiSaslPlain")
}
}