Jason Fehr created IMPALA-14009:
-----------------------------------
Summary: JwtWebserverTest Has Invalid Assertions
Key: IMPALA-14009
URL: https://issues.apache.org/jira/browse/IMPALA-14009
Project: IMPALA
Issue Type: Improvement
Affects Versions: Impala 5.0.0
Reporter: Jason Fehr
Assignee: gaurav singh
The
[JwtWebserverTests|https://github.com/apache/impala/blob/master/fe/src/test/java/org/apache/impala/customcluster/JwtWebserverTest.java]
unit tests cover both JWT and OAuth authentication. These tests call the
endpoint 'http://localhost:25000/?json', but since the Impala cluster set up by
this test does not have any authentication on the Impala web ui, this test is
not actually asserting anything since the web ui can be accessed without any
credentials.
Possible solutions:
1. Configure the web ui to require JWT/OAuth tokens.
2. Modify the tests to access the hs2-http port 28000 which already is
configured to access JWT/OAuth tokens.
Additional assertions are needed to assert the HTTP response code,
WWW-Authenticate http header, and the Impala server logs to be absolutely
certain that the expected authentication method was used and that method failed
in the expected way.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
