[
https://issues.apache.org/jira/browse/DRILL-4280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15856470#comment-15856470
]
ASF GitHub Bot commented on DRILL-4280:
---------------------------------------
Github user laurentgo commented on a diff in the pull request:
https://github.com/apache/drill/pull/578#discussion_r99873776
--- Diff: contrib/native/client/src/clientlib/drillClientImpl.cpp ---
@@ -407,37 +422,155 @@ connectionStatus_t
DrillClientImpl::validateHandshake(DrillUserProperties* prope
if(ret!=CONN_SUCCESS){
return ret;
}
- if(this->m_handshakeStatus != exec::user::SUCCESS){
- switch(this->m_handshakeStatus){
- case exec::user::RPC_VERSION_MISMATCH:
- DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Invalid rpc version.
Expected "
- << DRILL_RPC_VERSION << ", actual "<<
m_handshakeVersion << "." << std::endl;)
- return handleConnError(CONN_BAD_RPC_VER,
- getMessage(ERR_CONN_BAD_RPC_VER, DRILL_RPC_VERSION,
- m_handshakeVersion,
- this->m_handshakeErrorId.c_str(),
- this->m_handshakeErrorMsg.c_str()));
- case exec::user::AUTH_FAILED:
- DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Authentication
failed." << std::endl;)
- return handleConnError(CONN_AUTH_FAILED,
- getMessage(ERR_CONN_AUTHFAIL,
- this->m_handshakeErrorId.c_str(),
- this->m_handshakeErrorMsg.c_str()));
- case exec::user::UNKNOWN_FAILURE:
- DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Unknown error during
handshake." << std::endl;)
- return handleConnError(CONN_HANDSHAKE_FAILED,
- getMessage(ERR_CONN_UNKNOWN_ERR,
- this->m_handshakeErrorId.c_str(),
- this->m_handshakeErrorMsg.c_str()));
- default:
- break;
+
+ switch(this->m_handshakeStatus) {
+ case exec::user::SUCCESS:
+ // reset io_service after handshake is validated before
running queries
+ m_io_service.reset();
+ return CONN_SUCCESS;
+ case exec::user::RPC_VERSION_MISMATCH:
+ DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Invalid rpc version.
Expected "
+ << DRILL_RPC_VERSION << ", actual "<< m_handshakeVersion
<< "." << std::endl;)
+ return handleConnError(CONN_BAD_RPC_VER,
getMessage(ERR_CONN_BAD_RPC_VER, DRILL_RPC_VERSION,
+
m_handshakeVersion,
+
this->m_handshakeErrorId.c_str(),
+
this->m_handshakeErrorMsg.c_str()));
+ case exec::user::AUTH_FAILED:
+ DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Authentication failed."
<< std::endl;)
+ return handleConnError(CONN_AUTH_FAILED,
getMessage(ERR_CONN_AUTHFAIL,
+
this->m_handshakeErrorId.c_str(),
+
this->m_handshakeErrorMsg.c_str()));
+ case exec::user::UNKNOWN_FAILURE:
+ DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Unknown error during
handshake." << std::endl;)
+ return handleConnError(CONN_HANDSHAKE_FAILED,
getMessage(ERR_CONN_UNKNOWN_ERR,
+
this->m_handshakeErrorId.c_str(),
+
this->m_handshakeErrorMsg.c_str()));
+ case exec::user::AUTH_REQUIRED:
+ DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Server requires SASL
authentication." << std::endl;)
+ return authenticate(properties);
+ default:
+ DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Unknown return status."
<< std::endl;)
+ return handleConnError(CONN_HANDSHAKE_FAILED,
getMessage(ERR_CONN_UNKNOWN_ERR,
+
this->m_handshakeErrorId.c_str(),
+
this->m_handshakeErrorMsg.c_str()));
+ }
+}
+
+connectionStatus_t DrillClientImpl::authenticate(const
DrillUserProperties* userProperties) {
--- End diff --
let's keep the convention of using handleXXX: handleAuthentication(...)
> Kerberos Authentication
> -----------------------
>
> Key: DRILL-4280
> URL: https://issues.apache.org/jira/browse/DRILL-4280
> Project: Apache Drill
> Issue Type: Improvement
> Reporter: Keys Botzum
> Assignee: Sudheesh Katkam
> Labels: security
>
> Drill should support Kerberos based authentication from clients. This means
> that both the ODBC and JDBC drivers as well as the web/REST interfaces should
> support inbound Kerberos. For Web this would most likely be SPNEGO while for
> ODBC and JDBC this will be more generic Kerberos.
> Since Hive and much of Hadoop supports Kerberos there is a potential for a
> lot of reuse of ideas if not implementation.
> Note that this is related to but not the same as
> https://issues.apache.org/jira/browse/DRILL-3584
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
