[
https://issues.apache.org/jira/browse/DRILL-5820?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16182948#comment-16182948
]
ASF GitHub Bot commented on DRILL-5820:
---------------------------------------
Github user sohami commented on a diff in the pull request:
https://github.com/apache/drill/pull/962#discussion_r141406449
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/rpc/user/security/Pam4jUserAuthenticator.java
---
@@ -0,0 +1,81 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.drill.exec.rpc.user.security;
+
+import org.apache.drill.common.config.DrillConfig;
+import org.apache.drill.exec.ExecConstants;
+import org.apache.drill.exec.exception.DrillbitStartupException;
+import org.jvnet.libpam.PAM;
+import org.jvnet.libpam.PAMException;
+import org.jvnet.libpam.UnixUser;
+
+import java.io.IOException;
+import java.util.List;
+
+/**
+ * Implement {@link
org.apache.drill.exec.rpc.user.security.UserAuthenticator} based on Pluggable
Authentication
+ * Module (PAM) configuration. Configure the PAM profiles using
"drill.exec.security.user.auth.pam_profiles" BOOT
+ * option. Ex. value <i>[ "login", "sudo" ]</i> (value is an array of
strings).
+ */
+@UserAuthenticatorTemplate(type = "pam4j")
+public class Pam4jUserAuthenticator implements UserAuthenticator {
+ private static final org.slf4j.Logger logger =
org.slf4j.LoggerFactory.getLogger(Pam4jUserAuthenticator.class);
+
+ private List<String> profiles;
--- End diff --
cannot be final since it is initialized in `setup(..)` method
> Add support for libpam4j Pam Authenticator
> ------------------------------------------
>
> Key: DRILL-5820
> URL: https://issues.apache.org/jira/browse/DRILL-5820
> Project: Apache Drill
> Issue Type: Task
> Reporter: Sorabh Hamirwasia
> Assignee: Sorabh Hamirwasia
> Labels: doc-impacting
> Fix For: 1.12.0
>
>
> Drill uses JPAM as the PAM authenticator module for username/password
> verification for PLAIN mechanism. There are some known issues with JPAM which
> leads to JVM crash and memory leaks. JPAM also requires a manual step in
> copying the native library.
> Also based on the
> [HIVE-16529|https://issues.apache.org/jira/browse/HIVE-16529] there have been
> mention of these issues with JPAM which is resolved in the libpam4j. Also
> libpam4j avoids the need to install native library explicitly. It would be
> good to provide support for libpam4j in Drill to avoid these issues.
> Some other reported problems with JPAM:
> * https://wiki.dlib.indiana.edu/display/V3/Pam+Authentication+through+JPam
> * https://bugzilla.redhat.com/show_bug.cgi?id=860119#c12
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
