eb1b11cd17
### _Why are the changes needed?_ This PR proposes to enhance the LDAP support, which mainly referring the code introduced in HIVE-14713. Currently, Kyuubi has very limited LDAP support, and the implementation is from the early Hive codebase. Hive enhanced the LDAP support in later versions, considering the Hive ecosystem is quite mature, I think we'd better to porting this functionality and keep the same behavior w/ Hive first, and we can improve it if meet certain requirements/issues in the future. Basically, this PR introduces the following configurations ``` kyuubi.authentication.ldap.url (since 1.0.0) kyuubi.authentication.ldap.domain (since 1.0.0) kyuubi.authentication.ldap.guidKey (since 1.2.0) kyuubi.authentication.ldap.base.dn (since 1.0.0 deprecated) kyuubi.authentication.ldap.baseDN kyuubi.authentication.ldap.groupMembershipKey kyuubi.authentication.ldap.userMembershipKey kyuubi.authentication.ldap.groupClassKey kyuubi.authentication.ldap.groupDNPattern kyuubi.authentication.ldap.userDNPattern kyuubi.authentication.ldap.groupFilter kyuubi.authentication.ldap.userFilter kyuubi.authentication.ldap.customLDAPQuery kyuubi.authentication.ldap.binddn kyuubi.authentication.ldap.bindpw ``` ### _How was this patch tested?_ - [x] Add some test cases that check the changes thoroughly including negative and positive cases if possible This PR ports all LDAP-related UT&IT from Hive codebase - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #4152 from pan3793/ldap. Closes #4152 d251c959 [Cheng Pan] nit 6d14f44b [Cheng Pan] nit 6b3d116c [Cheng Pan] nit ab47d822 [Cheng Pan] nit a56e8702 [Cheng Pan] nit 4624619a [Cheng Pan] nit b82c0c05 [Cheng Pan] LDAP test password uses alphanumeric 86a01cca [Cheng Pan] Enhance LDAP authentication Authored-by: Cheng Pan <chengpan@apache.org> Signed-off-by: Cheng Pan <chengpan@apache.org>
26 lines
1.5 KiB
Plaintext
26 lines
1.5 KiB
Plaintext
[The "BSD 3-clause license"]
|
|
Copyright (c) 2012-2017 The ANTLR Project. All rights reserved.
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
modification, are permitted provided that the following conditions
|
|
are met:
|
|
|
|
1. Redistributions of source code must retain the above copyright
|
|
notice, this list of conditions and the following disclaimer.
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
notice, this list of conditions and the following disclaimer in the
|
|
documentation and/or other materials provided with the distribution.
|
|
3. Neither the name of the copyright holder nor the names of its contributors
|
|
may be used to endorse or promote products derived from this software
|
|
without specific prior written permission.
|
|
|
|
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |