Example 56 with AuthenticationResult

use of org.apache.druid.server.security.AuthenticationResult in project druid by druid-io.

the class DruidMeta method authenticateConnection.

@Nullable
private AuthenticationResult authenticateConnection(final DruidConnection connection) {
    Map<String, Object> context = connection.context();
    for (Authenticator authenticator : authenticators) {
        LOG.debug("Attempting authentication with authenticator[%s]", authenticator.getClass());
        AuthenticationResult authenticationResult = authenticator.authenticateJDBCContext(context);
        if (authenticationResult != null) {
            LOG.debug("Authenticated identity[%s] for connection[%s]", authenticationResult.getIdentity(), connection.getConnectionId());
            return authenticationResult;
        }
    }
    LOG.debug("No successful authentication");
    return null;
}
Also used : Authenticator(org.apache.druid.server.security.Authenticator) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult) Nullable(javax.annotation.Nullable)

Example 57 with AuthenticationResult

use of org.apache.druid.server.security.AuthenticationResult in project druid by druid-io.

the class DruidMeta method prepareAndExecute.

@Override
public ExecuteResult prepareAndExecute(final StatementHandle statement, final String sql, final long maxRowCount, final int maxRowsInFirstFrame, final PrepareCallback callback) throws NoSuchStatementException {
    try {
        // Ignore "callback", this class is designed for use with LocalService which doesn't use it.
        final DruidStatement druidStatement = getDruidStatement(statement);
        final DruidConnection druidConnection = getDruidConnection(statement.connectionId);
        AuthenticationResult authenticationResult = authenticateConnection(druidConnection);
        if (authenticationResult == null) {
            throw logFailure(new ForbiddenException("Authentication failed."), "Authentication failed for statement[%s]", druidStatement.getStatementId());
        }
        druidStatement.prepare(sql, maxRowCount, authenticationResult);
        final Frame firstFrame = druidStatement.execute(Collections.emptyList()).nextFrame(DruidStatement.START_OFFSET, getEffectiveMaxRowsPerFrame(maxRowsInFirstFrame));
        final Signature signature = druidStatement.getSignature();
        LOG.debug("Successfully prepared statement[%s] and started execution", druidStatement.getStatementId());
        return new ExecuteResult(ImmutableList.of(MetaResultSet.create(statement.connectionId, statement.id, false, signature, firstFrame)));
    } catch (NoSuchConnectionException | NoSuchStatementException e) {
        // cannot affect these exceptions as avatica handles them
        throw e;
    } catch (Throwable t) {
        throw errorHandler.sanitize(t);
    }
}
Also used : ForbiddenException(org.apache.druid.server.security.ForbiddenException) NoSuchConnectionException(org.apache.calcite.avatica.NoSuchConnectionException) NoSuchStatementException(org.apache.calcite.avatica.NoSuchStatementException) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult)

Example 58 with AuthenticationResult

use of org.apache.druid.server.security.AuthenticationResult in project druid by druid-io.

the class SqlLifecycle method validateAndAuthorize.

/**
 * Validate SQL query and authorize against any datasources or views which the query. Like
 * {@link #validateAndAuthorize(AuthenticationResult)} but for a {@link HttpServletRequest}.
 *
 * If successful, the lifecycle will transition from {@link State#INITIALIZED} first to
 * {@link State#AUTHORIZING} and then to either {@link State#AUTHORIZED} or {@link State#UNAUTHORIZED}.
 */
public void validateAndAuthorize(HttpServletRequest req) {
    transition(State.INITIALIZED, State.AUTHORIZING);
    AuthenticationResult authResult = AuthorizationUtils.authenticationResultFromRequest(req);
    validate(authResult);
    Access access = doAuthorize(AuthorizationUtils.authorizeAllResourceActions(req, validationResult.getResourceActions(), plannerFactory.getAuthorizerMapper()));
    checkAccess(access);
}
Also used : Access(org.apache.druid.server.security.Access) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult)

Aggregations

AuthenticationResult (org.apache.druid.server.security.AuthenticationResult) 58
Test (org.junit.Test) 40
Response (javax.ws.rs.core.Response) 25
Access (org.apache.druid.server.security.Access) 17
HttpServletRequest (javax.servlet.http.HttpServletRequest) 16
Resource (org.apache.druid.server.security.Resource) 12
HashMap (java.util.HashMap) 10
List (java.util.List) 10
AuthConfig (org.apache.druid.server.security.AuthConfig) 10
Authorizer (org.apache.druid.server.security.Authorizer) 10
ImmutableList (com.google.common.collect.ImmutableList) 9
Map (java.util.Map) 9
HttpServletResponse (javax.servlet.http.HttpServletResponse) 8
AuthorizerMapper (org.apache.druid.server.security.AuthorizerMapper) 8
FilterChain (javax.servlet.FilterChain) 7
Action (org.apache.druid.server.security.Action) 7
ArrayList (java.util.ArrayList) 6
Set (java.util.Set) 6
TreeMap (java.util.TreeMap) 6
DefaultObjectMapper (org.apache.druid.jackson.DefaultObjectMapper) 6