Hi Bob, thanks a lot! Works like a charm.
Best Benedikt -- Dr. Benedikt Köhler Mail: [email protected] 2017-02-25 12:48 GMT+01:00 Bob Rudis <[email protected]>: > You have to hit the auth check endpoint first and save off the session > cookies: > > curl -X POST \ > -H "Content-Type: application/x-www-form-urlencoded" \ > -k \ > -c cookies.txt \ > -s \ > -d "j_username=USERNAME" \ > -d "j_password=PASSWORD" \ > http://localhost:8047/j_security_check > > Then you can use those cookies with regular requests: > > curl -k \ > -b cookies.txt \ > -v \ > -X POST \ > -H "Content-Type: application/json" \ > -d '{"queryType":"SQL", "query": "select * from sys.version"}' \ > http://localhost:8047/query.json > > NOTE That you should also use SSL/TLS when enabling this since it's > trivial to sniff those values over the wire or on-system. I grok that > you're just on your local system and this is prbly for testing but > credentials without encryption are pretty much not credentials. > > On Sat, Feb 25, 2017 at 5:32 AM, Benedikt Koehler <[email protected]> > wrote: >> Hi, >> >> I have managed to enable PAM authorization for Drill on my Ubuntu >> machine. The login via the web interface is working great. >> Configuration in drill-override.conf is just the minimal example from >> the documentation: >> >> security.user.auth { >> enabled: true, >> packages += "org.apache.drill.exec.rpc.user.security", >> impl: "pam", >> pam_profiles: ["sudo", "login"] >> } >> >> But I couldn't get the REST queries to work. They work well when >> security is disable. E.g. >> >> curl -X POST -H "Content-Type: application/json" -d '{"queryType": >> "SQL", "query":"SHOW DATABASES"}' http://localhost:8047/query.json >> >> gives me a list of the databases. >> >> But if PAM security is enabled, the same request does not create any >> response. And it also doesn't show an error in the drill logs. >> >> Thanks! >> >> Best >> Benedikt >> >> -- >> Dr. Benedikt Köhler >> Mail: [email protected]
