[
https://issues.apache.org/jira/browse/DRILL-7562?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17035454#comment-17035454
]
ASF GitHub Bot commented on DRILL-7562:
---------------------------------------
ihuzenko commented on pull request #1972: DRILL-7562: Support HTTP Basic
authentication for REST API calls
URL: https://github.com/apache/drill/pull/1972#discussion_r378329489
##########
File path:
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/auth/HttpBasicAuthSecurityHandler.java
##########
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.drill.exec.server.rest.auth;
+
+import org.apache.drill.common.exceptions.DrillException;
+import org.apache.drill.exec.rpc.security.plain.PlainFactory;
+import org.apache.drill.exec.server.DrillbitContext;
+import org.eclipse.jetty.security.authentication.BasicAuthenticator;
+import org.eclipse.jetty.util.security.Constraint;
+
+/**
+ * Implement HTTP Basic authentication for REST API access
+ */
+public class HttpBasicAuthSecurityHandler extends
DrillHttpConstraintSecurityHandler {
+ @Override
+ public String getImplName() {
+ return Constraint.__BASIC_AUTH;
+ }
+
+ @Override
+ public void doSetup(DrillbitContext dbContext) throws DrillException {
+
+ // Check if PAMAuthenticator is available or not which is required for
FORM authentication
+ if
(!dbContext.getAuthProvider().containsFactory(PlainFactory.SIMPLE_NAME)) {
+ throw new DrillException("BASIC auth mechanism was configured but PLAIN
mechanism is not enabled to provide an " +
+ "authenticator. Please configure user authentication with PLAIN
mechanism and authenticator to use " +
+ "BASIC authentication");
+ }
Review comment:
this is very similar to check done in ```FormSecurityHanlder``` , maybe
makes sense to create protected method in base class and use it for both cases?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Support HTTP Basic authentication
> ---------------------------------
>
> Key: DRILL-7562
> URL: https://issues.apache.org/jira/browse/DRILL-7562
> Project: Apache Drill
> Issue Type: Improvement
> Components: Web Server
> Affects Versions: 1.17.0
> Reporter: Dobes Vandermeer
> Priority: Major
>
> Current it appears that using the REST API requires you to login and get a
> session cookie. This is not ideal for use cases like "redash" where it just
> wants to operate mainly as a stateless client.
> Ideally credentials could simply be provided along with the request.
> Using HTTP Basic authentication would be an OK way to achieve that.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
