Github user sudheeshkatkam commented on a diff in the pull request:
https://github.com/apache/drill/pull/829#discussion_r118035903
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/DrillRestServer.java
---
@@ -91,13 +102,140 @@ protected void configure() {
bind(new UserAuthEnabled(isAuthEnabled)).to(UserAuthEnabled.class);
if (isAuthEnabled) {
bindFactory(DrillUserPrincipalProvider.class).to(DrillUserPrincipal.class);
+
bindFactory(AuthWebUserConnectionProvider.class).to(WebUserConnection.class);
} else {
bindFactory(AnonDrillUserPrincipalProvider.class).to(DrillUserPrincipal.class);
+
bindFactory(AnonWebUserConnectionProvider.class).to(WebUserConnection.class);
}
}
});
}
+ public static class AuthWebUserConnectionProvider implements
Factory<WebUserConnection> {
+
+ @Inject
+ HttpServletRequest request;
+
+ @Inject
+ WorkManager workManager;
+
+ @Override
+ public WebUserConnection provide() {
+ final HttpSession session = request.getSession();
+ final Principal sessionUserPrincipal = request.getUserPrincipal();
+
+ // If there is no valid principal this means user is not logged in
yet.
+ if (sessionUserPrincipal == null) {
+ return null;
+ }
+
+ // User is logged in, let's check if we already have a valid
UserSession.
+ UserSession drillUserSession = (UserSession)
session.getAttribute(UserSession.class.getSimpleName());
+
+ // Get the close future and remote address. If user is logging in
first time then these will be null and set
+ // below. Otherwise these will be valid instances which is re-used
for the session lifetime.
+ ChannelPromise closeFuture = (ChannelPromise)
session.getAttribute(ChannelPromise.class.getSimpleName());
+ SocketAddress remoteAddress = (SocketAddress)
session.getAttribute(SocketAddress.class.getSimpleName());
+
+ // User is login in for the first time
+ if (drillUserSession == null) {
+ final DrillbitContext drillbitContext = workManager.getContext();
+ drillUserSession = UserSession.Builder.newBuilder()
+ .withCredentials(UserBitShared.UserCredentials.newBuilder()
+ .setUserName(sessionUserPrincipal.getName())
+ .build())
+ .withOptionManager(drillbitContext.getOptionManager())
+
.setSupportComplexTypes(drillbitContext.getConfig().getBoolean(ExecConstants.CLIENT_SUPPORT_COMPLEX_TYPES))
+ .build();
+
+ // Store this UserSession for all future request on this
HttpSession.
+ session.setAttribute(UserSession.class.getSimpleName(),
drillUserSession);
+
+ // Only try getting remote address in first login since it's a
costly operation.
+ try {
+ // This can be slow as the underlying library will try to
resolve the address
+ remoteAddress = new
InetSocketAddress(InetAddress.getByName(request.getRemoteAddr()),
request.getRemotePort());
+ session.setAttribute(SocketAddress.class.getSimpleName(),
remoteAddress);
--- End diff --
Attributes names too generic. Maybe use: "drill-user-session",
"drill-socket-address", ...?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
