> On June 2, 2016, 2:04 p.m., Hemanth Yamijala wrote: > > webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java, > > line 269 > > <https://reviews.apache.org/r/48130/diff/2/?file=1404597#file1404597line269> > > > > Is this a valid case? Does this not mean if no authentication is > > provided, we would still allow it?
If the kerberos authentication is true & then the request will be sent to kerberos authentication. If the request has basic or form based authentication headers the authentication will be taken care by this filters below in chain and if the request is not authenticated it will be redirected to login page entry point or basic entry point with code 401. > On June 2, 2016, 2:04 p.m., Hemanth Yamijala wrote: > > webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java, > > line 246 > > <https://reviews.apache.org/r/48130/diff/2/?file=1404597#file1404597line246> > > > > Why this check. I think it can never be null given how > > RequestContext.get is implemented. As per RequestContext design it should not be null, but while testing i got NPE for RequestContext being null. I will find the exact cause and update the NPE check accordingly. - Nixon ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/48130/#review135927 ----------------------------------------------------------- On June 2, 2016, 8:59 a.m., Nixon Rodrigues wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/48130/ > ----------------------------------------------------------- > > (Updated June 2, 2016, 8:59 a.m.) > > > Review request for atlas, Gautam Borad, Madhan Neethiraj, Mehul Parikh, > Shwetha GS, and Hemanth Yamijala. > > > Bugs: ATLAS-820 > https://issues.apache.org/jira/browse/ATLAS-820 > > > Repository: atlas > > > Description > ------- > > Kerberos-Authentication-related-changes. > > Changes includes. > > * Adding/Configaration of AtlasAuthentication fitler into spring's filter. > * Refactoring of authentication related properties. > > > Diffs > ----- > > common/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java f8e22f0 > distro/src/conf/atlas-application.properties bfa40e8 > distro/src/conf/policy-store.txt 339f014 > webapp/src/main/java/org/apache/atlas/web/dao/UserDao.java f1ceee2 > > webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java > 2d84b10 > > webapp/src/main/java/org/apache/atlas/web/filters/KerberosAuthenticationFilter.java > PRE-CREATION > webapp/src/main/java/org/apache/atlas/web/filters/MockServletContext.java > PRE-CREATION > webapp/src/main/java/org/apache/atlas/web/listeners/GuiceServletConfig.java > 010fa2a > webapp/src/main/java/org/apache/atlas/web/listeners/LoginProcessor.java > b7943e7 > > webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationProvider.java > 389a609 > webapp/src/main/resources/spring-security.xml bba054d > > webapp/src/test/java/org/apache/atlas/web/security/FileAuthenticationTest.java > a07874a > > Diff: https://reviews.apache.org/r/48130/diff/ > > > Testing > ------- > > * Tested Quick Started in both kerberos and normal env. > * mvn clean install. > * Tested atlas UI in kerberized and non kerberized browser. > * Executed curl commands with and without kinit. > > kinit -kt /etc/security/keytabs/atlas.service.keytab > atlas/[email protected] > > curl url curl -v -u admin:admin > http://mp-atls-495-1.openstacklocal:21000/api/atlas/types > curl with –negotiate curl -k -v --negotiate -u : > http://mp-atls-495-1.openstacklocal:21000/api/atlas/types > curl with without negotiate curl -k -v -u : > http://mp-atls-495-1.openstacklocal:21000/api/atlas/types > curl with -u admin:admin curl -v -u admin:admin > http://mp-atls-495-1.openstacklocal:21000/api/atlas/types > with browser google-chrome > –auth-server-whitelist="mp-atls-495-1.openstacklocal" > > > Thanks, > > Nixon Rodrigues > >
