This is an automated email from the ASF dual-hosted git repository. justinchen pushed a commit to branch fix-login in repository https://gitbox.apache.org/repos/asf/iotdb.git
commit bc9ec6e25ba41350d5ac6f16c0bad66e3f3fb403 Author: Caideyipi <[email protected]> AuthorDate: Sat Mar 21 23:02:03 2026 +0800 fix --- .../persistence/auth/AuthorPlanExecutor.java | 19 +++++++------------ .../apache/iotdb/db/auth/ClusterAuthorityFetcher.java | 1 + .../pipe/source/dataregion/IoTDBDataRegionSource.java | 5 +++-- .../db/auth/authorizer/LocalFileAuthorizerTest.java | 6 +++--- .../commons/auth/authorizer/BasicAuthorizer.java | 8 ++++---- .../iotdb/commons/auth/authorizer/IAuthorizer.java | 3 +-- 6 files changed, 19 insertions(+), 23 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java index 3c0095c9155..e1a0dde846a 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java @@ -74,20 +74,15 @@ public class AuthorPlanExecutor implements IAuthorPlanExecutor { @Override public TPermissionInfoResp login( - String username, final String password, final boolean useEncryptedPassword) { - boolean status; - String loginMessage = null; - TSStatus tsStatus = new TSStatus(); + final String username, final String password, final boolean useEncryptedPassword) { + final String loginMessage; + final TSStatus tsStatus = new TSStatus(); TPermissionInfoResp result = new TPermissionInfoResp(); try { - status = authorizer.login(username, password, useEncryptedPassword); - if (status) { - result = getUserPermissionInfo(username, ModelType.ALL); - result.setStatus(RpcUtils.getStatus(TSStatusCode.SUCCESS_STATUS, "Login successfully")); - } else { - result = AuthUtils.generateEmptyPermissionInfoResp(); - } - } catch (AuthException e) { + authorizer.login(username, password, useEncryptedPassword); + result = getUserPermissionInfo(username, ModelType.ALL); + result.setStatus(RpcUtils.getStatus(TSStatusCode.SUCCESS_STATUS, "Login successfully")); + } catch (final AuthException e) { LOGGER.error("meet error while logging in.", e); loginMessage = e.getMessage(); tsStatus.setCode(e.getCode().getStatusCode()); diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java index 325476174c6..799607b953e 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java @@ -580,6 +580,7 @@ public class ClusterAuthorityFetcher implements IAuthorityFetcher { } finally { if (status == null) { status = new TPermissionInfoResp(); + status.setStatus(RpcUtils.getStatus(TSStatusCode.EXECUTE_STATEMENT_ERROR)); } } if (status.getStatus().getCode() == TSStatusCode.SUCCESS_STATUS.getStatusCode()) { diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/source/dataregion/IoTDBDataRegionSource.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/source/dataregion/IoTDBDataRegionSource.java index 32e5c300f7d..a6d47bc1975 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/source/dataregion/IoTDBDataRegionSource.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/source/dataregion/IoTDBDataRegionSource.java @@ -561,6 +561,7 @@ public class IoTDBDataRegionSource extends IoTDBSource { @Override protected void login(final @Nonnull String password) { if (!pipeName.startsWith(PipeStaticMeta.CONSENSUS_PIPE_PREFIX)) { + final boolean useEncryptedPassword = regionId >= 0; if (SessionManager.getInstance() .login( new InternalClientSession("Source_login_session_" + regionId), @@ -570,11 +571,11 @@ public class IoTDBDataRegionSource extends IoTDBSource { SessionManager.CURRENT_RPC_VERSION, IoTDBConstant.ClientVersion.V_1_0, IClientSession.SqlDialect.TREE, - regionId >= 0) + useEncryptedPassword) .getCode() != TSStatusCode.SUCCESS_STATUS.getStatusCode()) { throw new PipePasswordCheckException( - String.format("Failed to check password for pipe %s.", pipeName)); + String.format("Failed to check password for pipe %s, useEncryptedPassword: %s", pipeName, useEncryptedPassword)); } } } diff --git a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java index 194f33e8d67..88decde4e21 100644 --- a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java +++ b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java @@ -64,7 +64,7 @@ public class LocalFileAuthorizerTest { @Test public void testLogin() throws AuthException { - Assert.assertTrue(authorizer.login("root", "root", false)); + authorizer.login("root", "root", false); Assert.assertThrows(AuthException.class, () -> authorizer.login("root", "error", false)); } @@ -76,7 +76,7 @@ public class LocalFileAuthorizerTest { } catch (AuthException e) { assertEquals("User user already exists", e.getMessage()); } - Assert.assertTrue(authorizer.login(userName, password, false)); + authorizer.login(userName, password, false); authorizer.deleteUser(userName); try { authorizer.deleteUser(userName); @@ -230,7 +230,7 @@ public class LocalFileAuthorizerTest { public void testUpdatePassword() throws AuthException { authorizer.createUser(userName, password); authorizer.updateUserPassword(userName, "newPassword123456"); - Assert.assertTrue(authorizer.login(userName, "newPassword123456", false)); + authorizer.login(userName, "newPassword123456", false); } @Test diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java index 948feb8b250..8cb569bfc82 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java @@ -107,7 +107,7 @@ public abstract class BasicAuthorizer implements IAuthorizer, IService { } @Override - public boolean login( + public void login( final String username, final String password, final boolean useEncryptedPassword) throws AuthException { User user = userManager.getEntity(username); @@ -117,13 +117,13 @@ public abstract class BasicAuthorizer implements IAuthorizer, IService { } if (useEncryptedPassword) { if (password.equals(user.getPassword())) { - return true; + return; } throw new AuthException(TSStatusCode.WRONG_LOGIN_PASSWORD, "Incorrect password."); } if (AuthUtils.validatePassword( password, user.getPassword(), AsymmetricEncrypt.DigestAlgorithm.SHA_256)) { - return true; + return; } if (AuthUtils.validatePassword( password, user.getPassword(), AsymmetricEncrypt.DigestAlgorithm.MD5)) { @@ -131,7 +131,7 @@ public abstract class BasicAuthorizer implements IAuthorizer, IService { forceUpdateUserPassword(username, password); } catch (AuthException ignore) { } - return true; + return; } throw new AuthException(TSStatusCode.WRONG_LOGIN_PASSWORD, "Incorrect password."); } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java index 3ac33dbeddd..d0baf07b667 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java @@ -40,9 +40,8 @@ public interface IAuthorizer extends SnapshotProcessor { * * @param username The username of the user. * @param password The password of the user. - * @return True if such user exists and the given password is correct, else return false. */ - boolean login(String username, String password, final boolean useEncryptedPassword) + void login(String username, String password, final boolean useEncryptedPassword) throws AuthException; /**
