Repository: knox Updated Branches: refs/heads/master ee3a15212 -> e59366faf
KNOX-355: Support Knox authentication provider based on hadoop.security.authentication.server.AuthenticationHandler Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/e59366fa Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/e59366fa Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/e59366fa Branch: refs/heads/master Commit: e59366faf9e43fb79d4da44a7f4d0d10dcd7200a Parents: ee3a152 Author: Dilli Dorai Arumugam <[email protected]> Authored: Sun Jul 27 22:39:18 2014 -0700 Committer: Dilli Dorai Arumugam <[email protected]> Committed: Sun Jul 27 22:39:18 2014 -0700 ---------------------------------------------------------------------- gateway-provider-security-hadoopauth/pom.xml | 77 +++++++++++ .../gateway/hadoopauth/HadoopAuthMessages.java | 33 +++++ .../deploy/HadoopAuthDeploymentContributor.java | 70 ++++++++++ .../hadoopauth/filter/HadoopAuthFilter.java | 68 ++++++++++ .../hadoopauth/filter/HadoopAuthPostFilter.java | 95 +++++++++++++ ...gateway.deploy.ProviderDeploymentContributor | 19 +++ gateway-release/home/templates/hada.xml | 134 +++++++++++++++++++ gateway-release/pom.xml | 4 + pom.xml | 6 + 9 files changed, 506 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-provider-security-hadoopauth/pom.xml ---------------------------------------------------------------------- diff --git a/gateway-provider-security-hadoopauth/pom.xml b/gateway-provider-security-hadoopauth/pom.xml new file mode 100755 index 0000000..9721253 --- /dev/null +++ b/gateway-provider-security-hadoopauth/pom.xml @@ -0,0 +1,77 @@ +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.hadoop</groupId> + <artifactId>gateway</artifactId> + <version>0.5.0-SNAPSHOT</version> + </parent> + <artifactId>gateway-provider-security-hadoopauth</artifactId> + + <name>gateway-provider-security-hadoop-auth</name> + <description>An extension of the gateway introducing based on org.apache.hadoop.security.auth package</description> + + <licenses> + <license> + <name>The Apache Software License, Version 2.0</name> + <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url> + <distribution>repo</distribution> + </license> + </licenses> + + <dependencies> + <dependency> + <groupId>${gateway-group}</groupId> + <artifactId>gateway-spi</artifactId> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> + <artifactId>gateway-util-common</artifactId> + </dependency> + + <dependency> + <groupId>org.eclipse.jetty.orbit</groupId> + <artifactId>javax.servlet</artifactId> + </dependency> + + <dependency> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-auth</artifactId> + </dependency> + + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.easymock</groupId> + <artifactId>easymock</artifactId> + <scope>test</scope> + </dependency> + + <dependency> + <groupId>org.apache.hadoop</groupId> + <artifactId>gateway-test-utils</artifactId> + <scope>test</scope> + </dependency> + + </dependencies> + +</project> http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/HadoopAuthMessages.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/HadoopAuthMessages.java b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/HadoopAuthMessages.java new file mode 100755 index 0000000..b7609c8 --- /dev/null +++ b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/HadoopAuthMessages.java @@ -0,0 +1,33 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.hadoopauth; + +import org.apache.hadoop.gateway.i18n.messages.Message; +import org.apache.hadoop.gateway.i18n.messages.MessageLevel; +import org.apache.hadoop.gateway.i18n.messages.Messages; + +@Messages(logger="org.apache.hadoop.gateway.provider.global.hadoopauth") +public interface HadoopAuthMessages { + + @Message( level = MessageLevel.INFO, text = "Initializing Hadoop Auth Property, name: {0}, value: {1}" ) + void initializingHadoopAuthProperty(String name, String value); + + @Message( level = MessageLevel.DEBUG, text = "Hadoop Authentication Asserted Principal: {0}" ) + void hadoopAuthAssertedPrincipal(String name); + +} http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/deploy/HadoopAuthDeploymentContributor.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/deploy/HadoopAuthDeploymentContributor.java b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/deploy/HadoopAuthDeploymentContributor.java new file mode 100755 index 0000000..8404853 --- /dev/null +++ b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/deploy/HadoopAuthDeploymentContributor.java @@ -0,0 +1,70 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.hadoopauth.deploy; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.apache.hadoop.gateway.deploy.DeploymentContext; +import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributorBase; +import org.apache.hadoop.gateway.descriptor.FilterParamDescriptor; +import org.apache.hadoop.gateway.descriptor.ResourceDescriptor; +import org.apache.hadoop.gateway.topology.Provider; +import org.apache.hadoop.gateway.topology.Service; + +public class HadoopAuthDeploymentContributor extends + ProviderDeploymentContributorBase { + + private static final String ROLE = "authentication"; + private static final String NAME = "HadoopAuth"; + + private static final String HADOOPAUTH_FILTER_CLASSNAME = "org.apache.hadoop.gateway.hadoopauth.filter.HadoopAuthFilter"; + private static final String HADOOPAUTH_POSTFILTER_CLASSNAME = "org.apache.hadoop.gateway.hadoopauth.filter.HadoopAuthPostFilter"; + + @Override + public String getRole() { + return ROLE; + } + + @Override + public String getName() { + return NAME; + } + + @Override + public void initializeContribution(DeploymentContext context) { + super.initializeContribution(context); + } + + @Override + public void contributeFilter(DeploymentContext context, Provider provider, Service service, + ResourceDescriptor resource, List<FilterParamDescriptor> params) { + // blindly add all the provider params as filter init params + if (params == null) { + params = new ArrayList<FilterParamDescriptor>(); + } + Map<String, String> providerParams = provider.getParams(); + for(Entry<String, String> entry : providerParams.entrySet()) { + params.add( resource.createFilterParam().name( entry.getKey().toLowerCase() ).value( entry.getValue() ) ); + } + resource.addFilter().name( getName() ).role( getRole() ).impl( HADOOPAUTH_FILTER_CLASSNAME ).params( params ); + resource.addFilter().name( "Post" + getName() ).role( getRole() ).impl( HADOOPAUTH_POSTFILTER_CLASSNAME ).params( params ); + } +} http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthFilter.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthFilter.java b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthFilter.java new file mode 100755 index 0000000..649601f --- /dev/null +++ b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthFilter.java @@ -0,0 +1,68 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.hadoopauth.filter; + +import java.util.Enumeration; +import java.util.Properties; + +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; + +import org.apache.hadoop.gateway.hadoopauth.HadoopAuthMessages; +import org.apache.hadoop.gateway.i18n.messages.MessagesFactory; + +/* + * see http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html + * + * CONFIG_PREFIX = "config.prefix + * AUTH_TYPE = "type", AUTH_TOKEN_VALIDITY = "token.validity" + * COOKIE_DOMAIN = "cookie.domain", COOKIE_PATH = "cookie.path" + * SIGNATURE_SECRET = "signature.secret + * TYPE = "kerberos", PRINCIPAL = TYPE + ".principal", KEYTAB = TYPE + ".keytab" + + * config.prefix=hadoop.auth.config (default: null) + * hadoop.auth.config.signature.secret=SECRET (default: a simple random number) + * hadoop.auth.config.type=simple|kerberos|CLASS (default: none, would throw exception) + * hadoop.auth.config.token.validity=SECONDS (default: 3600 seconds) + * hadoop.auth.config.cookie.domain=DOMAIN(default: null) + * hadoop.auth.config.cookie.path=PATH (default: null) + * hadoop.auth.config.kerberos.principal=HTTP/localhost@LOCALHOST (default: null) + * hadoop.auth.config.kerberos.keytab=/etc/knox/conf/knox.service.keytab (default: null) + */ + +public class HadoopAuthFilter extends + org.apache.hadoop.security.authentication.server.AuthenticationFilter { + + private static HadoopAuthMessages log = MessagesFactory.get( HadoopAuthMessages.class ); + + @Override + protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) throws ServletException { + Properties props = new Properties(); + Enumeration<?> names = filterConfig.getInitParameterNames(); + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + if (name.startsWith(configPrefix)) { + String value = filterConfig.getInitParameter(name); + log.initializingHadoopAuthProperty(name, value); + props.put(name.substring(configPrefix.length()), value); + } + } + return props; + } + +} http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthPostFilter.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthPostFilter.java b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthPostFilter.java new file mode 100755 index 0000000..ba74667 --- /dev/null +++ b/gateway-provider-security-hadoopauth/src/main/java/org/apache/hadoop/gateway/hadoopauth/filter/HadoopAuthPostFilter.java @@ -0,0 +1,95 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.hadoopauth.filter; + +import java.io.IOException; +import java.security.AccessController; +import java.security.Principal; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; + +import javax.security.auth.Subject; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.hadoop.gateway.security.PrimaryPrincipal; +import org.apache.hadoop.gateway.i18n.messages.MessagesFactory; +import org.apache.hadoop.gateway.hadoopauth.HadoopAuthMessages; + +public class HadoopAuthPostFilter implements Filter { + + private static HadoopAuthMessages log = MessagesFactory.get( HadoopAuthMessages.class ); + + @Override + public void init( FilterConfig filterConfig ) throws ServletException { + } + + @Override + public void destroy() { + } + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + throws IOException, ServletException { + HttpServletRequest httpRequest = (HttpServletRequest)request; + String principal = httpRequest.getRemoteUser(); + if (principal != null) { + Subject subject = new Subject(); + subject.getPrincipals().add(new PrimaryPrincipal(principal)); + log.hadoopAuthAssertedPrincipal(principal); + doAs(httpRequest, response, chain, subject); + } + else { + ((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN, "User not authenticated"); + } + } + + private void doAs(final ServletRequest request, final ServletResponse response, final FilterChain chain, Subject subject) + throws IOException, ServletException { + try { + Subject.doAs( + subject, + new PrivilegedExceptionAction<Object>() { + public Object run() throws Exception { + chain.doFilter(request, response); + return null; + } + } + ); + } + catch (PrivilegedActionException e) { + Throwable t = e.getCause(); + if (t instanceof IOException) { + throw (IOException) t; + } + else if (t instanceof ServletException) { + throw (ServletException) t; + } + else { + throw new ServletException(t); + } + } + } + +} http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-provider-security-hadoopauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor ---------------------------------------------------------------------- diff --git a/gateway-provider-security-hadoopauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor b/gateway-provider-security-hadoopauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor new file mode 100755 index 0000000..7e247eb --- /dev/null +++ b/gateway-provider-security-hadoopauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor @@ -0,0 +1,19 @@ +########################################################################## +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +########################################################################## + +org.apache.hadoop.gateway.hadoopauth.deploy.HadoopAuthDeploymentContributor http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-release/home/templates/hada.xml ---------------------------------------------------------------------- diff --git a/gateway-release/home/templates/hada.xml b/gateway-release/home/templates/hada.xml new file mode 100755 index 0000000..1f7246d --- /dev/null +++ b/gateway-release/home/templates/hada.xml @@ -0,0 +1,134 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<topology> + + <gateway> + + <provider> + <role>authentication</role> + <name>HadoopAuth</name> + <enabled>true</enabled> + + <param> + <name>config.prefix</name> + <value>hadoop.auth.config</value> + </param> + <param> + <name>hadoop.auth.config.signature.secret</name> + <value>78hdkjaka</value> + </param> + <param> + <name>hadoop.auth.config.type</name> + <value>simple</value> + </param> + <param> + <name>hadoop.auth.config.simple.anonymous.allowed</name> + <value>false</value> <!-- default: false --> + </param> + <param> + <name>hadoop.auth.config.token.validity</name> + <value>1800</value> + </param> + <param> + <name>hadoop.auth.config.cookie.domain</name> + <value>hdp.example.com</value> + </param> + <param> + <name>hadoop.auth.config.cookie.path</name> + <value>gateway/hada</value> + </param> + + </provider> + + <provider> + <role>identity-assertion</role> + <name>Pseudo</name> + <enabled>true</enabled> + <!-- param> + <name>principal.mapping</name> + <value>sam=god;</value> + </param --> + + </provider> + + <!-- + Defines rules for mapping host names internal to a Hadoop cluster to externally accessible host names. + For example, a hadoop service running in AWS may return a response that includes URLs containing the + some AWS internal host name. If the client needs to make a subsequent request to the host identified + in those URLs they need to be mapped to external host names that the client Knox can use to connect. + + If the external hostname and internal host names are same turn of this provider by setting the value of + enabled parameter as false. + + The name parameter specifies the external host names in a comma separated list. + The value parameter specifies corresponding internal host names in a comma separated list. + + Note that when you are using Sandbox, the external hostname needs to be localhost, as seen in out + of box sandbox.xml. This is because Sandbox uses port mapping to allow clients to connect to the + Hadoop services using localhost. In real clusters, external host names would almost never be localhost. + --> + <provider> + <role>hostmap</role> + <name>static</name> + <enabled>false</enabled> + <param><name>localhost</name><value>sandbox,sandbox.hortonworks.com</value></param> + </provider> + + </gateway> + + <service> + <role>NAMENODE</role> + <url>hdfs://hdp.example.com:8020</url> + </service> + + <service> + <role>JOBTRACKER</role> + <url>rpc://hdp.example.com:8050</url> + </service> + + <service> + <role>WEBHDFS</role> + <url>http://hdp.example.com:50070/webhdfs</url> + </service> + + <service> + <role>WEBHCAT</role> + <url>http://hdp.example.com:50111/templeton</url> + </service> + + <service> + <role>OOZIE</role> + <url>http://hdp.example.com:11000/oozie</url> + </service> + + <service> + <role>WEBHBASE</role> + <url>http://hdp.example.com:60080</url> + </service> + + <service> + <role>HIVE</role> + <url>http://hdp.example.com:10001/cliservice</url> + </service> + + <service> + <role>RESOURCEMANAGER</role> + <url>http://localhost:8088/ws</url> + </service> + +</topology> http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/gateway-release/pom.xml ---------------------------------------------------------------------- diff --git a/gateway-release/pom.xml b/gateway-release/pom.xml index a449497..579a5c6 100644 --- a/gateway-release/pom.xml +++ b/gateway-release/pom.xml @@ -187,6 +187,10 @@ </dependency> <dependency> <groupId>${gateway-group}</groupId> + <artifactId>gateway-provider-security-hadoopauth</artifactId> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> <artifactId>gateway-provider-security-authz-acls</artifactId> </dependency> <dependency> http://git-wip-us.apache.org/repos/asf/knox/blob/e59366fa/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index f5ec03d..9e768e0 100644 --- a/pom.xml +++ b/pom.xml @@ -49,6 +49,7 @@ <module>gateway-provider-security-jwt</module> <module>gateway-provider-security-webappsec</module> <module>gateway-provider-security-preauth</module> + <module>gateway-provider-security-hadoopauth</module> <module>gateway-provider-security-shiro</module> <module>gateway-provider-security-authz-acls</module> <module>gateway-provider-identity-assertion-pseudo</module> @@ -384,6 +385,11 @@ </dependency> <dependency> <groupId>${gateway-group}</groupId> + <artifactId>gateway-provider-security-hadoopauth</artifactId> + <version>${gateway-version}</version> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> <artifactId>gateway-provider-security-shiro</artifactId> <version>${gateway-version}</version> </dependency>
