> On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > > Line 164 (original), 169 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016759#file2016759line169> > > > > Why are we passing a negate value here? If auth scheme is set, > > shouldn't this be sent as true?
the last argument is to do the old auth. if auth scheme is present then we are not doing old auth. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > > Lines 79 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016760#file2016760line79> > > > > The purpose of NotAuthorizedExceptionMapper isn't clear. Can existing > > GenericeExceptionMapper not serve the purpose? THe purpose of this class is to handle NotAuthorizedException and return proper error to client. Yew we can use GenericeExceptionMapper instead but it does a lot of thing which could be avoided by having specific exception mapper for exception rather than having one for "Exception" class. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 66 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016763#file2016763line66> > > > > Can't see this property defined anywhere in the patch. This is an existing property. We will have to add this filter in that. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 272 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016763#file2016763line272> > > > > I dont still recommend this. Please go through other exceptions in lens > > (check lens-error.conf). We should handle this one similar to others to > > have some consistency in the code lens-error.conf contains error code specific to lens-server. I think authentication is orthogonal to it and we should deal with standard HTTP level error code and JAX-RS API. NotAuthorizedException is standard exception defined in JAX-RS API for authentication failure. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > > Lines 128 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016766#file2016766line128> > > > > Since this flow is only valid for Negotiate scheme, can we have the > > additional check if the scheme is only negotiate? This can be valid for any auth scheme. The validation for Negotiate is happening in SpnegoAuthenticationFilter. - Barun ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review202544 ----------------------------------------------------------- On May 14, 2018, 2 p.m., Barun Kumar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > ----------------------------------------------------------- > > (Updated May 14, 2018, 2 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > ------- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > ----- > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f99529a > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java > 08a5cff4f > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > 63eea6313 > > > Diff: https://reviews.apache.org/r/66549/diff/3/ > > > Testing > ------- > > [INFO] Reactor Summary: > [INFO] > [INFO] Lens Checkstyle Rules ............................. SUCCESS [1.458s] > [INFO] Lens .............................................. SUCCESS [3.567s] > [INFO] Lens API .......................................... SUCCESS [19.185s] > [INFO] Lens API for server and extensions ................ SUCCESS [17.395s] > [INFO] Lens Cube ......................................... SUCCESS [3:00.221s] > [INFO] Lens DB storage ................................... SUCCESS [13.920s] > [INFO] Lens Query Library ................................ SUCCESS [11.039s] > [INFO] Lens Hive Driver .................................. SUCCESS [1:06.122s] > [INFO] Lens Driver for JDBC .............................. SUCCESS [42.723s] > [INFO] Lens Elastic Search Driver ........................ SUCCESS [17.640s] > [INFO] Lens Server ....................................... SUCCESS > [10:18.231s] > [INFO] Lens client ....................................... SUCCESS [1:27.686s] > [INFO] Lens CLI .......................................... SUCCESS [1:32.599s] > [INFO] Lens Examples ..................................... SUCCESS [8.707s] > [INFO] Lens Ship Jars to Distributed Cache ............... SUCCESS [0.691s] > [INFO] Lens Distribution ................................. SUCCESS [8.002s] > [INFO] Lens ML Lib ....................................... SUCCESS [1:06.984s] > [INFO] Lens ML Ext Distribution .......................... SUCCESS [2.084s] > [INFO] Lens Regression ................................... SUCCESS [12.962s] > [INFO] Lens UI ........................................... SUCCESS [35.012s] > [INFO] Lens Contrib ...................................... SUCCESS [0.263s] > [INFO] Lens Contributed Clients .......................... SUCCESS [0.266s] > [INFO] Lens Python Client ................................ SUCCESS [0.247s] > [INFO] > ------------------------------------------------------------------------ > > > Thanks, > > Barun Kumar > >
