[ https://issues.apache.org/jira/browse/DRILL-5425?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16300610#comment-16300610 ]
ASF GitHub Bot commented on DRILL-5425: --------------------------------------- Github user sohami commented on a diff in the pull request: https://github.com/apache/drill/pull/1040#discussion_r158099889 --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/LogInLogOutResources.java --- @@ -69,23 +79,94 @@ public Viewable getLoginPage(@Context HttpServletRequest request, @Context HttpS return ViewableWithPermissions.createLoginPage(null); } + @GET + @Path(WebServerConstants.SPENGO_LOGIN_RESOURCE_PATH) + @Produces(MediaType.TEXT_HTML) + public Viewable getSpnegologin(@Context HttpServletRequest request, @Context HttpServletResponse response, + @Context SecurityContext sc, @Context UriInfo uriInfo, + @QueryParam(WebServerConstants.REDIRECT_QUERY_PARM) String redirect) throws Exception { + if (AuthDynamicFeature.isUserLoggedIn(sc)) { + request.getRequestDispatcher("/").forward(request, response); + return null; + } + + final String errorString = "Invalid SPNEGO credentials or SPNEGO is not configured"; + MainLoginPageModel model = new MainLoginPageModel(errorString); + return ViewableWithPermissions.createMainLoginPage(model); + } + // Request type is POST because POST request which contains the login credentials are invalid and the request is // dispatched here directly. @POST - @Path("/login") + @Path(WebServerConstants.FORM_LOGIN_RESOURCE_PATH) @Produces(MediaType.TEXT_HTML) public Viewable getLoginPageAfterValidationError() { return ViewableWithPermissions.createLoginPage("Invalid username/password credentials."); } @GET - @Path("/logout") + @Path(WebServerConstants.LOGOUT_RESOURCE_PATH) public void logout(@Context HttpServletRequest req, @Context HttpServletResponse resp) throws Exception { final HttpSession session = req.getSession(); if (session != null) { session.invalidate(); } - req.getRequestDispatcher("/").forward(req, resp); + req.getRequestDispatcher(WebServerConstants.WEBSERVER_ROOT_PATH).forward(req, resp); + } + + @GET + @Path(WebServerConstants.MAIN_LOGIN_RESOURCE_PATH) + @Produces(MediaType.TEXT_HTML) + public Viewable getMainLoginPage(@Context HttpServletRequest request, @Context HttpServletResponse response, + @Context SecurityContext sc, @Context UriInfo uriInfo, + @QueryParam(WebServerConstants.REDIRECT_QUERY_PARM) String redirect) throws Exception { + if (!StringUtils.isEmpty(redirect)) { + // If the URL has redirect in it, set the redirect URI in session, so that after the login is successful, request + // is forwarded to the redirect page. + final HttpSession session = request.getSession(true); + final URI destURI = UriBuilder.fromUri(URLDecoder.decode(redirect, "UTF-8")).build(); + session.setAttribute(FormAuthenticator.__J_URI, destURI.toString()); + } + + MainLoginPageModel model = new MainLoginPageModel(null); + return ViewableWithPermissions.createMainLoginPage(model); + } + + public class MainLoginPageModel { + + public String error; --- End diff -- Done > Support HTTP Kerberos auth using SPNEGO > --------------------------------------- > > Key: DRILL-5425 > URL: https://issues.apache.org/jira/browse/DRILL-5425 > Project: Apache Drill > Issue Type: New Feature > Components: Web Server > Affects Versions: 1.12.0 > Reporter: Sudheesh Katkam > Assignee: Sorabh Hamirwasia > Fix For: 1.13.0 > > > DRILL-4280 supports Kerberos through JDBC and ODBC API. This ticket requests > to add Kerberos (using [SPENGO|https://en.wikipedia.org/wiki/SPNEGO]) for > HTTP connections. > This requires creating "direct" web sessions; currently web sessions are > sessions over Java client sessions. -- This message was sent by Atlassian JIRA (v6.4.14#64029)