Github user sohami commented on a diff in the pull request:
https://github.com/apache/drill/pull/1040#discussion_r158099938
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/LogInLogOutResources.java
---
@@ -69,23 +79,94 @@ public Viewable getLoginPage(@Context
HttpServletRequest request, @Context HttpS
return ViewableWithPermissions.createLoginPage(null);
}
+ @GET
+ @Path(WebServerConstants.SPENGO_LOGIN_RESOURCE_PATH)
+ @Produces(MediaType.TEXT_HTML)
+ public Viewable getSpnegologin(@Context HttpServletRequest request,
@Context HttpServletResponse response,
+ @Context SecurityContext sc, @Context
UriInfo uriInfo,
+
@QueryParam(WebServerConstants.REDIRECT_QUERY_PARM) String redirect) throws
Exception {
+ if (AuthDynamicFeature.isUserLoggedIn(sc)) {
+ request.getRequestDispatcher("/").forward(request, response);
+ return null;
+ }
+
+ final String errorString = "Invalid SPNEGO credentials or SPNEGO is
not configured";
+ MainLoginPageModel model = new MainLoginPageModel(errorString);
+ return ViewableWithPermissions.createMainLoginPage(model);
+ }
+
// Request type is POST because POST request which contains the login
credentials are invalid and the request is
// dispatched here directly.
@POST
- @Path("/login")
+ @Path(WebServerConstants.FORM_LOGIN_RESOURCE_PATH)
@Produces(MediaType.TEXT_HTML)
public Viewable getLoginPageAfterValidationError() {
return ViewableWithPermissions.createLoginPage("Invalid
username/password credentials.");
}
@GET
- @Path("/logout")
+ @Path(WebServerConstants.LOGOUT_RESOURCE_PATH)
public void logout(@Context HttpServletRequest req, @Context
HttpServletResponse resp) throws Exception {
final HttpSession session = req.getSession();
if (session != null) {
session.invalidate();
}
- req.getRequestDispatcher("/").forward(req, resp);
+
req.getRequestDispatcher(WebServerConstants.WEBSERVER_ROOT_PATH).forward(req,
resp);
+ }
+
+ @GET
+ @Path(WebServerConstants.MAIN_LOGIN_RESOURCE_PATH)
+ @Produces(MediaType.TEXT_HTML)
+ public Viewable getMainLoginPage(@Context HttpServletRequest request,
@Context HttpServletResponse response,
+ @Context SecurityContext sc, @Context
UriInfo uriInfo,
+
@QueryParam(WebServerConstants.REDIRECT_QUERY_PARM) String redirect) throws
Exception {
+ if (!StringUtils.isEmpty(redirect)) {
+ // If the URL has redirect in it, set the redirect URI in session,
so that after the login is successful, request
+ // is forwarded to the redirect page.
+ final HttpSession session = request.getSession(true);
+ final URI destURI = UriBuilder.fromUri(URLDecoder.decode(redirect,
"UTF-8")).build();
+ session.setAttribute(FormAuthenticator.__J_URI, destURI.toString());
+ }
+
+ MainLoginPageModel model = new MainLoginPageModel(null);
+ return ViewableWithPermissions.createMainLoginPage(model);
+ }
+
+ public class MainLoginPageModel {
+
+ public String error;
+
+ MainLoginPageModel(String error) {
--- End diff --
Since the class is used only by `LogInLogOutResources` I have made it
private and left constructor as package-private
---
