Re: Review Request 48130: ATLAS-820- Kerberized env: Authentication failing

Thu, 02 Jun 2016 02:00:01 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48130/
-----------------------------------------------------------

(Updated June 2, 2016, 8:59 a.m.)


Review request for atlas, Gautam Borad, Madhan Neethiraj, Mehul Parikh, Shwetha 
GS, and Hemanth Yamijala.


Changes
-------

Change includes.

Added Request Context related code, which was missed in earlier version.
Optimized the import statements AtlasAuthenticationFilter class.


Bugs: ATLAS-820
    https://issues.apache.org/jira/browse/ATLAS-820


Repository: atlas


Description
-------

Kerberos-Authentication-related-changes.

Changes includes.

* Adding/Configaration of AtlasAuthentication fitler into spring's filter.
* Refactoring of authentication related properties.


Diffs (updated)
-----

  common/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java f8e22f0 
  distro/src/conf/atlas-application.properties bfa40e8 
  distro/src/conf/policy-store.txt 339f014 
  webapp/src/main/java/org/apache/atlas/web/dao/UserDao.java f1ceee2 
  
webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java
 2d84b10 
  
webapp/src/main/java/org/apache/atlas/web/filters/KerberosAuthenticationFilter.java
 PRE-CREATION 
  webapp/src/main/java/org/apache/atlas/web/filters/MockServletContext.java 
PRE-CREATION 
  webapp/src/main/java/org/apache/atlas/web/listeners/GuiceServletConfig.java 
010fa2a 
  webapp/src/main/java/org/apache/atlas/web/listeners/LoginProcessor.java 
b7943e7 
  
webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationProvider.java
 389a609 
  webapp/src/main/resources/spring-security.xml bba054d 
  
webapp/src/test/java/org/apache/atlas/web/security/FileAuthenticationTest.java 
a07874a 

Diff: https://reviews.apache.org/r/48130/diff/


Testing
-------

* Tested Quick Started in both kerberos and normal env.
* mvn clean install.
* Tested atlas UI in kerberized and non kerberized browser.
* Executed curl commands with and without kinit.

kinit -kt /etc/security/keytabs/atlas.service.keytab 
atlas/[email protected]

curl url        curl -v -u admin:admin 
http://mp-atls-495-1.openstacklocal:21000/api/atlas/types
curl with –negotiate    curl -k -v  --negotiate -u :  
http://mp-atls-495-1.openstacklocal:21000/api/atlas/types
curl with without negotiate     curl -k -v   -u :  
http://mp-atls-495-1.openstacklocal:21000/api/atlas/types
curl with -u admin:admin        curl -v -u admin:admin 
http://mp-atls-495-1.openstacklocal:21000/api/atlas/types
with browser    google-chrome 
–auth-server-whitelist="mp-atls-495-1.openstacklocal"


Thanks,

Nixon Rodrigues

Reply via email to