use of org.apache.drill.exec.rpc.user.security.UserAuthenticator in project drill by apache.
the class DrillRestLoginService method login.
@Override
public UserIdentity login(String username, Object credentials) {
if (!(credentials instanceof String)) {
return null;
}
try {
// Authenticate WebUser locally using UserAuthenticator. If WebServer is started that guarantees the PLAIN
// mechanism is configured and authenticator is also available
final AuthenticatorFactory plainFactory = drillbitContext.getAuthProvider().getAuthenticatorFactory(PlainFactory.SIMPLE_NAME);
final UserAuthenticator userAuthenticator = ((PlainFactory) plainFactory).getAuthenticator();
// Authenticate the user with configured Authenticator
userAuthenticator.authenticate(username, credentials.toString());
logger.debug("WebUser {} is successfully authenticated", username);
final SystemOptionManager sysOptions = drillbitContext.getOptionManager();
final boolean isAdmin = ImpersonationUtil.hasAdminPrivileges(username, sysOptions.getOption(ExecConstants.ADMIN_USERS_KEY).string_val, sysOptions.getOption(ExecConstants.ADMIN_USER_GROUPS_KEY).string_val);
// Create the UserPrincipal corresponding to logged in user.
final Principal userPrincipal = new DrillUserPrincipal(username, isAdmin);
final Subject subject = new Subject();
subject.getPrincipals().add(userPrincipal);
subject.getPrivateCredentials().add(credentials);
if (isAdmin) {
subject.getPrincipals().addAll(DrillUserPrincipal.ADMIN_PRINCIPALS);
return identityService.newUserIdentity(subject, userPrincipal, DrillUserPrincipal.ADMIN_USER_ROLES);
} else {
subject.getPrincipals().addAll(DrillUserPrincipal.NON_ADMIN_PRINCIPALS);
return identityService.newUserIdentity(subject, userPrincipal, DrillUserPrincipal.NON_ADMIN_USER_ROLES);
}
} catch (final Exception e) {
if (e instanceof UserAuthenticationException) {
logger.debug("Authentication failed for WebUser '{}'", username, e);
} else {
logger.error("UnExpected failure occurred for WebUser {} during login.", username, e);
}
return null;
}
}
Aggregations