[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-eagle/pull/468 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user anyway1021 commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r83355134 --- Diff: eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/LdapBasicAuthenticator.java --- @@ -0,0 +1,40 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.eagle.server.authentication.authenticator; + +import com.google.common.base.Optional; +import io.dropwizard.auth.AuthenticationException; +import io.dropwizard.auth.basic.BasicCredentials; +import org.apache.eagle.common.authentication.User; +import org.apache.eagle.server.authentication.config.AuthenticationSettings; + +public class LdapBasicAuthenticator extends AbstractSwitchableAuthenticator{ +private AuthenticationSettings config = null; + +public LdapBasicAuthenticator(AuthenticationSettings settings) { +super(settings, User.class); +} + +public Optional authenticate(BasicCredentials credentials) throws AuthenticationException { +// TODO need to implement ldap authentication logic +boolean pass = true; +if (pass) { --- End diff -- it's no more than a fake placeholder, will be removed by real logic soon --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user haoch commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r83352374 --- Diff: eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/LdapBasicAuthenticator.java --- @@ -0,0 +1,40 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.eagle.server.authentication.authenticator; + +import com.google.common.base.Optional; +import io.dropwizard.auth.AuthenticationException; +import io.dropwizard.auth.basic.BasicCredentials; +import org.apache.eagle.common.authentication.User; +import org.apache.eagle.server.authentication.config.AuthenticationSettings; + +public class LdapBasicAuthenticator extends AbstractSwitchableAuthenticator{ +private AuthenticationSettings config = null; + +public LdapBasicAuthenticator(AuthenticationSettings settings) { +super(settings, User.class); +} + +public Optional authenticate(BasicCredentials credentials) throws AuthenticationException { +// TODO need to implement ldap authentication logic +boolean pass = true; +if (pass) { --- End diff -- pass is always true? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user anyway1021 closed the pull request at: https://github.com/apache/incubator-eagle/pull/468 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
GitHub user anyway1021 reopened a pull request: https://github.com/apache/incubator-eagle/pull/468 [EAGLE-582] add simple Basic Authentication registration to server appl⦠This is one of the sub-tasks of ticket EAGLE-433, to successfully register a simple Basic Authentication authenticator to the server application. With this check-in, when the server is up, any access to rest api method that has a @Auth annotation on it's User field will require correct credentials. You can merge this pull request into a Git repository by running: $ git pull https://github.com/anyway1021/incubator-eagle EAGLE-582 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-eagle/pull/468.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #468 commit df9e2b4d9cb2a10fda03b7fe9eb790026d95de30 Author: anyway1021Date: 2016-10-01T08:18:48Z EAGLE-582 add simple Basic Authentication registration to server application commit 95b5feb68214bf3d18ae6224681d069ebcc564ef Author: anyway1021 Date: 2016-10-01T08:40:56Z modify config key from auth.basic to auth.simple commit e899d55de7aa8e1c87cbfec26aebe32530cc24f9 Author: anyway1021 Date: 2016-10-10T03:48:18Z remove specific info for ldap commit 40078531f2ccc96defa78ffddc34563e2b1e7c57 Author: anyway1021 Date: 2016-10-10T03:58:40Z remove useless commented code commit 3774c436cfbefddcd27be2a305ab025aa6f0cda5 Author: anyway1021 Date: 2016-10-11T02:34:32Z move authentication settings from application.conf to configuration.yml, and modify impacted classes commit 4fbc41dbba39ed3d684334dcddabd79f39cf8f5f Author: anyway1021 Date: 2016-10-11T02:44:25Z remove glassfish-jersey-server dependency for it's useless --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user anyway1021 commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82739733 --- Diff: eagle-server/src/main/java/org/apache/eagle/server/authentication/AuthenticationRegister.java --- @@ -0,0 +1,68 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.eagle.server.authentication; + +import io.dropwizard.auth.basic.BasicAuthProvider; +import io.dropwizard.setup.Environment; +import org.apache.eagle.server.ServerConfig; +import org.apache.eagle.server.authentication.principal.User; + +import java.security.Principal; + +public class AuthenticationRegister { +private ServerConfig serverConfig = null; +private Environment environment = null; +private Class principalClass = null; + +public AuthenticationRegister(ServerConfig serverConfig, Environment environment, Class principalClass) { +this.serverConfig = serverConfig; +this.environment = environment; +this.principalClass = principalClass; +} + +public void register() { +AuthenticationMode mode = AuthenticationModeIdentifier.initiate(serverConfig.getConfig(), environment).identify(); + +// the registration way in the following single statement is just for dropwizard 0.7.1 --- End diff -- done --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user anyway1021 commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82716204 --- Diff: eagle-server/pom.xml --- @@ -129,6 +129,14 @@ org.wso2.orbit.com.lmax disruptor + +org.slf4j +slf4j-log4j12 + + +org.slf4j +slf4j-simple + --- End diff -- sure, the fragment is to exclude it --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user anyway1021 commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82542185 --- Diff: eagle-server/src/main/resources/application.conf --- @@ -115,4 +115,49 @@ coordinator { initDelayMillis = 1000 delayMillis = 3 } +} + +# - +# Eagle Authentication Configuration +# - + +auth { + # indicating authentication mode, "simple" or "ldap" + mode = simple + + # indicating whether to use cache: cache is usually used for authentications that may + # not handle high throughput (an RDBMS or LDAP server, for example) + cache = false + + # indicating the cache policy, containing maximumSize and expireAfterWrite, e.g. maximumSize=1, expireAfterWrite=10m + cachePolicy = "maximumSize=1, expireAfterWrite=1m" + + # indicating whether authorization is needed + authorize = false + + # indicating whether @Auth annotation on parameters is needed + parameter.annotation = true + + # for basic authentication, effective only when auth.mode=simple + simple { +# username for basic authentication, effective only when auth.mode=simple +username = "admin" + +# password for basic authentication, effective only when auth.mode=simple +password = "secret" + } + + # for ldap authentication, effective only when auth.mode=ldap + ldap { +uri = "ldaps://ldap.ebay.corp.com:636" --- End diff -- forget to erase these text before checkin, will modify it, thanks. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user anyway1021 commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82541902 --- Diff: eagle-server/src/main/resources/application.conf --- @@ -115,4 +115,49 @@ coordinator { initDelayMillis = 1000 delayMillis = 3 } +} + +# - +# Eagle Authentication Configuration +# - + +auth { + # indicating authentication mode, "simple" or "ldap" + mode = simple + + # indicating whether to use cache: cache is usually used for authentications that may + # not handle high throughput (an RDBMS or LDAP server, for example) + cache = false + + # indicating the cache policy, containing maximumSize and expireAfterWrite, e.g. maximumSize=1, expireAfterWrite=10m + cachePolicy = "maximumSize=1, expireAfterWrite=1m" + + # indicating whether authorization is needed + authorize = false + + # indicating whether @Auth annotation on parameters is needed + parameter.annotation = true + + # for basic authentication, effective only when auth.mode=simple + simple { +# username for basic authentication, effective only when auth.mode=simple +username = "admin" + +# password for basic authentication, effective only when auth.mode=simple +password = "secret" + } + + # for ldap authentication, effective only when auth.mode=ldap + ldap { +uri = "ldaps://ldap.ebay.corp.com:636" +userFilter = "ou=ziwu,dc=ebay,dc=com" --- End diff -- forget to erase these text before checkin, will modify it, thanks. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user haoch commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82497231 --- Diff: pom.xml --- @@ -857,6 +861,21 @@ + +io.dropwizard +dropwizard-auth +${dropwizard.version} + + +javax.ws.rs +javax.ws.rs-api +${javax-ws-rs.rs-api.version} + + +org.glassfish.jersey.core +jersey-server +${glassfish-jersey.version} --- End diff -- I think jersey-server is unnecessary? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user haoch commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82497181 --- Diff: eagle-server/src/main/resources/application.conf --- @@ -115,4 +115,49 @@ coordinator { initDelayMillis = 1000 delayMillis = 3 } +} + +# - +# Eagle Authentication Configuration +# - + +auth { --- End diff -- It's better to keep reading configuration from `configuration.yml` in dropwizard stack. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
Github user haoch commented on a diff in the pull request: https://github.com/apache/incubator-eagle/pull/468#discussion_r82497099 --- Diff: eagle-server/src/main/java/org/apache/eagle/server/authentication/AuthenticationRegister.java --- @@ -0,0 +1,68 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.eagle.server.authentication; + +import io.dropwizard.auth.basic.BasicAuthProvider; +import io.dropwizard.setup.Environment; +import org.apache.eagle.server.ServerConfig; +import org.apache.eagle.server.authentication.principal.User; + +import java.security.Principal; + +public class AuthenticationRegister { +private ServerConfig serverConfig = null; +private Environment environment = null; +private Class principalClass = null; + +public AuthenticationRegister(ServerConfig serverConfig, Environment environment, Class principalClass) { +this.serverConfig = serverConfig; +this.environment = environment; +this.principalClass = principalClass; +} + +public void register() { +AuthenticationMode mode = AuthenticationModeIdentifier.initiate(serverConfig.getConfig(), environment).identify(); + +// the registration way in the following single statement is just for dropwizard 0.7.1 --- End diff -- Not very good to have too many useless commented code :-) We could leave this details in JIRA as single source of truth. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-eagle pull request #468: [EAGLE-582] add simple Basic Authenticati...
GitHub user anyway1021 opened a pull request: https://github.com/apache/incubator-eagle/pull/468 [EAGLE-582] add simple Basic Authentication registration to server appl⦠This is one of the sub-tasks of ticket EAGLE-433, to successfully register a simple Basic Authentication authenticator to the server application. With this check-in, when the server is up, any access to rest api method that has a @Auth annotation on it's User field will require correct credentials. You can merge this pull request into a Git repository by running: $ git pull https://github.com/anyway1021/incubator-eagle EAGLE-582 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-eagle/pull/468.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #468 commit df9e2b4d9cb2a10fda03b7fe9eb790026d95de30 Author: anyway1021Date: 2016-10-01T08:18:48Z EAGLE-582 add simple Basic Authentication registration to server application --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---