Search in sources :

Example 1 with RpcOutcomeListener

use of org.apache.drill.exec.rpc.RpcOutcomeListener in project drill by apache.

the class UserClient method authenticate.

private CheckedFuture<Void, SaslException> authenticate(final DrillProperties properties) {
    final Map<String, String> propertiesMap = properties.stringPropertiesAsMap();
    // Set correct QOP property and Strength based on server needs encryption or not.
    // If ChunkMode is enabled then negotiate for buffer size equal to wrapChunkSize,
    // If ChunkMode is disabled then negotiate for MAX_WRAPPED_SIZE buffer size.
    propertiesMap.putAll(SaslProperties.getSaslProperties(connection.isEncryptionEnabled(), connection.getMaxWrappedSize()));
    // use handleAuthFailure to setException
    final SettableFuture<Void> authSettable = SettableFuture.create();
    final CheckedFuture<Void, SaslException> authFuture = new AbstractCheckedFuture<Void, SaslException>(authSettable) {

        @Override
        protected SaslException mapException(Exception e) {
            if (e instanceof ExecutionException) {
                final Throwable cause = Throwables.getRootCause(e);
                if (cause instanceof SaslException) {
                    return new SaslException(String.format("Authentication failed. [Details: %s, Error %s]", connection.getEncryptionCtxtString(), cause.getMessage()), cause);
                }
            }
            return new SaslException(String.format("Authentication failed unexpectedly. [Details: %s, Error %s]", connection.getEncryptionCtxtString(), e.getMessage()), e);
        }
    };
    final AuthenticatorFactory factory;
    final String mechanismName;
    final UserGroupInformation ugi;
    final SaslClient saslClient;
    try {
        factory = getAuthenticatorFactory(properties);
        mechanismName = factory.getSimpleName();
        logger.trace("Will try to authenticate to server using {} mechanism with encryption context {}", mechanismName, connection.getEncryptionCtxtString());
        ugi = factory.createAndLoginUser(propertiesMap);
        saslClient = factory.createSaslClient(ugi, propertiesMap);
        if (saslClient == null) {
            throw new SaslException(String.format("Cannot initiate authentication using %s mechanism. Insufficient " + "credentials or selected mechanism doesn't support configured security layers?", factory.getSimpleName()));
        }
        connection.setSaslClient(saslClient);
    } catch (final IOException e) {
        authSettable.setException(e);
        return authFuture;
    }
    logger.trace("Initiating SASL exchange.");
    new AuthenticationOutcomeListener<>(this, connection, RpcType.SASL_MESSAGE, ugi, new RpcOutcomeListener<Void>() {

        @Override
        public void failed(RpcException ex) {
            authSettable.setException(ex);
        }

        @Override
        public void success(Void value, ByteBuf buffer) {
            authComplete = true;
            authSettable.set(null);
        }

        @Override
        public void interrupted(InterruptedException e) {
            authSettable.setException(e);
        }
    }).initiate(mechanismName);
    return authFuture;
}
Also used : IOException(java.io.IOException) AbstractCheckedFuture(com.google.common.util.concurrent.AbstractCheckedFuture) SaslException(javax.security.sasl.SaslException) AuthenticatorFactory(org.apache.drill.exec.rpc.security.AuthenticatorFactory) ByteBuf(io.netty.buffer.ByteBuf) RpcException(org.apache.drill.exec.rpc.RpcException) SaslException(javax.security.sasl.SaslException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) IOException(java.io.IOException) ExecutionException(java.util.concurrent.ExecutionException) SaslClient(javax.security.sasl.SaslClient) RpcException(org.apache.drill.exec.rpc.RpcException) NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException) ExecutionException(java.util.concurrent.ExecutionException) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) RpcOutcomeListener(org.apache.drill.exec.rpc.RpcOutcomeListener)

Aggregations

AbstractCheckedFuture (com.google.common.util.concurrent.AbstractCheckedFuture)1 ByteBuf (io.netty.buffer.ByteBuf)1 IOException (java.io.IOException)1 ExecutionException (java.util.concurrent.ExecutionException)1 SaslClient (javax.security.sasl.SaslClient)1 SaslException (javax.security.sasl.SaslException)1 NonTransientRpcException (org.apache.drill.exec.rpc.NonTransientRpcException)1 RpcException (org.apache.drill.exec.rpc.RpcException)1 RpcOutcomeListener (org.apache.drill.exec.rpc.RpcOutcomeListener)1 AuthenticatorFactory (org.apache.drill.exec.rpc.security.AuthenticatorFactory)1 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)1