-
Notifications
You must be signed in to change notification settings - Fork 902
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE] JDBC Authentication Provider for server #3222
Labels
Comments
bowenliang123
changed the title
[FEATURE] Provide JDBC Authentication Provider
[FEATURE] JDBC source Authentication Provider for server
Aug 12, 2022
bowenliang123
changed the title
[FEATURE] JDBC source Authentication Provider for server
[FEATURE] JDBC Authentication Provider for server
Aug 12, 2022
3 tasks
This was referenced Aug 18, 2022
pan3793
added a commit
to pan3793/kyuubi
that referenced
this issue
Aug 19, 2022
yaooqinn
pushed a commit
that referenced
this issue
Aug 19, 2022
### _Why are the changes needed?_ fix #3269 Add docs for JDBC auth provider from #3222 shipping within 1.6.0, add jdbc.rst in /docs/security path simplify the config docs for kyuubi.authentication.jdbc.query in /docs/deployment/settings.md by moving examples to the docs of jdbc auth provider. ### _How was this patch tested?_ - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #3275 from bowenliang123/doc-jdbc-auth. Closes #3275 e393f6d [liangbowen] fix config example mistakes ab70cc8 [liangbowen] update doc for auth query sql ebd5e19 [liangbowen] update doc description 0b15af5 [liangbowen] typo 953000f [liangbowen] typo ab944e7 [liangbowen] typo e3c3d25 [liangbowen] regenerate conf docs. udpate jdbc.md. 45429ad [liangbowen] typo 3b05338 [liangbowen] add docs for jdbc authentication provider Authored-by: liangbowen <liangbowen@gf.com.cn> Signed-off-by: Kent Yao <yao@apache.org>
pan3793
added a commit
to pan3793/kyuubi
that referenced
this issue
Aug 19, 2022
pan3793
added a commit
that referenced
this issue
Aug 20, 2022
### _Why are the changes needed?_ This is the followup of #3235, the main change is introdude `JdbcUtils` to simplify code, and allow empty password for Jdbc auth. Jdbc connection pool has been removed because `JdbcAuthenticationProviderImpl` will be created on each connection, we can improve to use singleton in the future ### _How was this patch tested?_ - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #3278 from pan3793/jdbc-followup. Closes #3222 2863cae [Cheng Pan] Update kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/JdbcAuthenticationProviderImplSuite.scala 51a9c45 [Cheng Pan] Update kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/JdbcAuthenticationProviderImplSuite.scala eee3c55 [Cheng Pan] Update kyuubi-common/src/test/scala/org/apache/kyuubi/util/JdbcUtilsSuite.scala d02bb99 [Cheng Pan] nit e001b5b [Cheng Pan] nit 8cf5cd6 [Cheng Pan] nit 032f2df [Cheng Pan] nit 8a42f18 [Cheng Pan] nit c7893fd [Cheng Pan] JdbcUtilsSuite f97f2d9 [Cheng Pan] remove pool a8812d0 [Cheng Pan] move render result set to test 83d7d4c [Cheng Pan] fix ut db787a4 [Cheng Pan] nit 864f9dd [Cheng Pan] nit b60decf [Cheng Pan] nit 8c66e0b [Cheng Pan] nit 2063c43 [Cheng Pan] [KYUUBI #3222][FOLLOWUP] Introdude JdbcUtils to simplify code Authored-by: Cheng Pan <chengpan@apache.org> Signed-off-by: Cheng Pan <chengpan@apache.org>
pan3793
added a commit
that referenced
this issue
Aug 20, 2022
### _Why are the changes needed?_ This is the followup of #3235, the main change is introdude `JdbcUtils` to simplify code, and allow empty password for Jdbc auth. Jdbc connection pool has been removed because `JdbcAuthenticationProviderImpl` will be created on each connection, we can improve to use singleton in the future ### _How was this patch tested?_ - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #3278 from pan3793/jdbc-followup. Closes #3222 2863cae [Cheng Pan] Update kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/JdbcAuthenticationProviderImplSuite.scala 51a9c45 [Cheng Pan] Update kyuubi-common/src/test/scala/org/apache/kyuubi/service/authentication/JdbcAuthenticationProviderImplSuite.scala eee3c55 [Cheng Pan] Update kyuubi-common/src/test/scala/org/apache/kyuubi/util/JdbcUtilsSuite.scala d02bb99 [Cheng Pan] nit e001b5b [Cheng Pan] nit 8cf5cd6 [Cheng Pan] nit 032f2df [Cheng Pan] nit 8a42f18 [Cheng Pan] nit c7893fd [Cheng Pan] JdbcUtilsSuite f97f2d9 [Cheng Pan] remove pool a8812d0 [Cheng Pan] move render result set to test 83d7d4c [Cheng Pan] fix ut db787a4 [Cheng Pan] nit 864f9dd [Cheng Pan] nit b60decf [Cheng Pan] nit 8c66e0b [Cheng Pan] nit 2063c43 [Cheng Pan] [KYUUBI #3222][FOLLOWUP] Introdude JdbcUtils to simplify code Authored-by: Cheng Pan <chengpan@apache.org> Signed-off-by: Cheng Pan <chengpan@apache.org> (cherry picked from commit d0f75e8) Signed-off-by: Cheng Pan <chengpan@apache.org>
pan3793
pushed a commit
that referenced
this issue
Aug 22, 2022
…C Authentication Provider ### _Why are the changes needed?_ To fix the config name and placeholder with `username` introduced in #3235 violate this convention as in JDBC driver use `user` keyword used for connection user rather than `username`, 1. change config name from `kyuubi.authentication.jdbc.username` to `kyuubi.authentication.jdbc.user` 2. change placeholder from `${username}` to `${user}` 3. update docs and config description related to above changes, and sync the update in jdbc auth docs statement details to config docs. 4. fix error in throwing AuthenticationException with auth db password. ut added for the fix. 5. other minor update in docs of custom auth ### _How was this patch tested?_ - [x] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #3288 from bowenliang123/jdbc-auth-config-update. Closes #3222 502703f [Bowen Liang] skip map for placeholder value lookup 3733be4 [liangbowen] nit ab00525 [liangbowen] nit 2301c4f [liangbowen] fix ut of jdbc auth with wrong_password 06f0c1b [liangbowen] remove redundant docs ec4565b [liangbowen] remove redundant docs ae1cce2 [liangbowen] fix compilation error of configLog 5d14103 [liangbowen] simplify configLog 6678e65 [liangbowen] reformat 52c1038 [liangbowen] simplify placeholder checking 21c2d5e [liangbowen] check whether placeholders in supported list before conn establishment or authenticate 7db0adf [liangbowen] ut for unknown placeholder 657de6a [liangbowen] nit 736b3f2 [liangbowen] refactoring placeholder value lookup, for preventing setString multiple times with "i+1" 86c8912 [liangbowen] setMaxRows after prepare placeholder, to postpone operation on jdbc conn 115fae5 [liangbowen] increase test code coverage b45b28c [liangbowen] resultSet returned by executeQuery is never null e1c0727 [liangbowen] update ut for redactPassword in JdbcUtils b4a52e2 [liangbowen] fix typo in docs of custom auth 371c2c6 [liangbowen] move redactPassword method to JdbcUtils and add ut. a4973c5 [liangbowen] reformat code 486e150 [liangbowen] fix error in throwing AuthenticationException with auth db password. add ut for the fix. efced90 [liangbowen] update settings.md ef97e35 [liangbowen] add SELECT prefix hint for doc of kyuubi.authentication.jdbc.query 025f94c [liangbowen] fix username to user in JdbcAuthenticationProviderImpl by 1. use config name `kyuubi.authentication.jdbc.user`, 2. use ${user} placeholder instead of ${username} Lead-authored-by: liangbowen <liangbowen@gf.com.cn> Co-authored-by: Bowen Liang <liangbowen@gf.com.cn> Signed-off-by: Cheng Pan <chengpan@apache.org>
pan3793
pushed a commit
that referenced
this issue
Aug 22, 2022
### _Why are the changes needed?_ fix #3269 Add docs for JDBC auth provider from #3222 shipping within 1.6.0, add jdbc.rst in /docs/security path simplify the config docs for kyuubi.authentication.jdbc.query in /docs/deployment/settings.md by moving examples to the docs of jdbc auth provider. ### _How was this patch tested?_ - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #3275 from bowenliang123/doc-jdbc-auth. Closes #3275 e393f6d [liangbowen] fix config example mistakes ab70cc8 [liangbowen] update doc for auth query sql ebd5e19 [liangbowen] update doc description 0b15af5 [liangbowen] typo 953000f [liangbowen] typo ab944e7 [liangbowen] typo e3c3d25 [liangbowen] regenerate conf docs. udpate jdbc.md. 45429ad [liangbowen] typo 3b05338 [liangbowen] add docs for jdbc authentication provider Authored-by: liangbowen <liangbowen@gf.com.cn> Signed-off-by: Kent Yao <yao@apache.org>
pan3793
pushed a commit
that referenced
this issue
Aug 22, 2022
…C Authentication Provider ### _Why are the changes needed?_ To fix the config name and placeholder with `username` introduced in #3235 violate this convention as in JDBC driver use `user` keyword used for connection user rather than `username`, 1. change config name from `kyuubi.authentication.jdbc.username` to `kyuubi.authentication.jdbc.user` 2. change placeholder from `${username}` to `${user}` 3. update docs and config description related to above changes, and sync the update in jdbc auth docs statement details to config docs. 4. fix error in throwing AuthenticationException with auth db password. ut added for the fix. 5. other minor update in docs of custom auth ### _How was this patch tested?_ - [x] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request Closes #3288 from bowenliang123/jdbc-auth-config-update. Closes #3222 502703f [Bowen Liang] skip map for placeholder value lookup 3733be4 [liangbowen] nit ab00525 [liangbowen] nit 2301c4f [liangbowen] fix ut of jdbc auth with wrong_password 06f0c1b [liangbowen] remove redundant docs ec4565b [liangbowen] remove redundant docs ae1cce2 [liangbowen] fix compilation error of configLog 5d14103 [liangbowen] simplify configLog 6678e65 [liangbowen] reformat 52c1038 [liangbowen] simplify placeholder checking 21c2d5e [liangbowen] check whether placeholders in supported list before conn establishment or authenticate 7db0adf [liangbowen] ut for unknown placeholder 657de6a [liangbowen] nit 736b3f2 [liangbowen] refactoring placeholder value lookup, for preventing setString multiple times with "i+1" 86c8912 [liangbowen] setMaxRows after prepare placeholder, to postpone operation on jdbc conn 115fae5 [liangbowen] increase test code coverage b45b28c [liangbowen] resultSet returned by executeQuery is never null e1c0727 [liangbowen] update ut for redactPassword in JdbcUtils b4a52e2 [liangbowen] fix typo in docs of custom auth 371c2c6 [liangbowen] move redactPassword method to JdbcUtils and add ut. a4973c5 [liangbowen] reformat code 486e150 [liangbowen] fix error in throwing AuthenticationException with auth db password. add ut for the fix. efced90 [liangbowen] update settings.md ef97e35 [liangbowen] add SELECT prefix hint for doc of kyuubi.authentication.jdbc.query 025f94c [liangbowen] fix username to user in JdbcAuthenticationProviderImpl by 1. use config name `kyuubi.authentication.jdbc.user`, 2. use ${user} placeholder instead of ${username} Lead-authored-by: liangbowen <liangbowen@gf.com.cn> Co-authored-by: Bowen Liang <liangbowen@gf.com.cn> Signed-off-by: Cheng Pan <chengpan@apache.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Code of Conduct
Search before asking
Describe the feature
Add JDBC authentication provider as implementation of PasswdAuthenticationProvider out of box.
Compared to currently support authentication methods like Kerberos and LDAP, JDBC source is a much easy and stable source for practical deployment.
The solution should provide:
Motivation
No response
Describe the solution
Add
JDBC
toAuthMethods
enum andJDBCPasswdAuthenticationProvider
into packageorg.apache.kyuubi.service.authentication
with listed features:SELECT * from user_pass_hash where username = ${user} and password = MD5(${password})
Additional context
No response
Are you willing to submit PR?
The text was updated successfully, but these errors were encountered: