Skip to content

Commit

Permalink
[KYUUBI #6041] doc update
Browse files Browse the repository at this point in the history
  • Loading branch information
wangjunbo committed Feb 4, 2024
1 parent e0bc999 commit 017894d
Show file tree
Hide file tree
Showing 5 changed files with 13 additions and 25 deletions.
1 change: 1 addition & 0 deletions docs/configuration/settings.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,7 @@ You can configure the Kyuubi properties in `$KYUUBI_HOME/conf/kyuubi-defaults.co
| kyuubi.frontend.rest.bind.host | <undefined> | Hostname or IP of the machine on which to run the REST frontend service. | string | 1.4.0 |
| kyuubi.frontend.rest.bind.port | 10099 | Port of the machine on which to run the REST frontend service. | int | 1.4.0 |
| kyuubi.frontend.rest.max.worker.threads | 999 | Maximum number of threads in the frontend worker thread pool for the rest frontend service | int | 1.6.2 |
| kyuubi.frontend.rest.security.enabled | true | Whether to enable kyuubi server restful api secure access. | boolean | 1.9.0 |
| kyuubi.frontend.ssl.keystore.algorithm | <undefined> | SSL certificate keystore algorithm. | string | 1.7.0 |
| kyuubi.frontend.ssl.keystore.password | <undefined> | SSL certificate keystore password. | string | 1.7.0 |
| kyuubi.frontend.ssl.keystore.path | <undefined> | SSL certificate keystore location. | string | 1.7.0 |
Expand Down
16 changes: 8 additions & 8 deletions kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -797,14 +797,6 @@ object KyuubiConf {
.checkValues(AuthTypes)
.createWithDefault(Seq(AuthTypes.NONE.toString))

val RESTFUL_AUTHENTICATION: ConfigEntry[Boolean] =
buildConf("kyuubi.restful.security.enabled")
.doc("Whether to enable kyuubi server restful api secure access.")
.version("1.9.0")
.serverOnly
.booleanConf
.createWithDefault(true)

val AUTHENTICATION_CUSTOM_CLASS: OptionalConfigEntry[String] =
buildConf("kyuubi.authentication.custom.class")
.doc("User-defined authentication implementation of " +
Expand Down Expand Up @@ -1053,6 +1045,14 @@ object KyuubiConf {
.checkValue(p => p == 0 || (p > 1024 && p < 65535), "Invalid Port number")
.createWithDefault(10099)

val RESTFUL_AUTHENTICATION: ConfigEntry[Boolean] =
buildConf("kyuubi.frontend.rest.security.enabled")
.doc("Whether to enable kyuubi server restful api secure access.")
.version("1.9.0")
.serverOnly
.booleanConf
.createWithDefault(true)

val FRONTEND_MYSQL_BIND_HOST: ConfigEntry[Option[String]] =
buildConf("kyuubi.frontend.mysql.bind.host")
.doc("Hostname or IP of the machine on which to run the MySQL frontend service.")
Expand Down
2 changes: 1 addition & 1 deletion kyuubi-server/src/test/scala/org/apache/kyuubi/RestClientTestHelper.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ trait RestClientTestHelper extends RestFrontendTestHelper with KerberizedTestHel
super.afterAll()
}

protected val otherConfigs: Map[String, String] = Map.empty
protected def otherConfigs: Map[String, String] = Map.empty

override protected lazy val conf: KyuubiConf = {
val config = new Configuration()
Expand Down
2 changes: 1 addition & 1 deletion kyuubi-server/src/test/scala/org/apache/kyuubi/operation/KyuubiRestAuthenticationSuite.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ import org.apache.kyuubi.session.KyuubiSession

class KyuubiRestAuthenticationSuite extends RestClientTestHelper {

override protected val otherConfigs: Map[String, String] = {
override protected def otherConfigs: Map[String, String] = {
Map(
KyuubiConf.ENGINE_SECURITY_ENABLED.key -> "true",
KyuubiConf.ENGINE_SECURITY_SECRET_PROVIDER.key -> "simple",
Expand Down
17 changes: 2 additions & 15 deletions ...ver/src/test/scala/org/apache/kyuubi/operation/KyuubiRestDisableAuthenticationSuite.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,27 +20,14 @@ package org.apache.kyuubi.operation
import javax.servlet.http.HttpServletResponse

import org.apache.kyuubi.config.KyuubiConf
import org.apache.kyuubi.service.authentication.InternalSecurityAccessor

class KyuubiRestDisableAuthenticationSuite extends KyuubiRestAuthenticationSuite {

override protected val otherConfigs: Map[String, String] = {
Map(
KyuubiConf.RESTFUL_AUTHENTICATION.key -> "false",
KyuubiConf.ENGINE_SECURITY_ENABLED.key -> "true",
KyuubiConf.ENGINE_SECURITY_SECRET_PROVIDER.key -> "simple",
KyuubiConf.SIMPLE_SECURITY_SECRET_PROVIDER_PROVIDER_SECRET.key -> "_KYUUBI_REST_",
// allow to impersonate other users with spnego authentication
s"hadoop.proxyuser.$clientPrincipalUser.groups" -> "*",
s"hadoop.proxyuser.$clientPrincipalUser.hosts" -> "*")
super.otherConfigs + (KyuubiConf.RESTFUL_AUTHENTICATION.key -> "false")
}

override def beforeAll(): Unit = {
super.beforeAll()
InternalSecurityAccessor.initialize(conf, true)
}

test("test without authorization when disable kyuubi.restful.security.enabled") {
test("test without authorization when disable restful api authentication") {
val response = webTarget.path("api/v1/sessions/count")
.request()
.get()
Expand Down

0 comments on commit 017894d

Please sign in to comment.