datahub/datahub-frontend/app/security/AuthenticationManager.java

package security;

import com.google.common.base.Preconditions;
import java.util.Collections;
import javax.annotation.Nonnull;
import javax.naming.AuthenticationException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.jaas.JAASLoginService;
import org.eclipse.jetty.jaas.PropertyUserStoreManager;
import play.Logger;


public class AuthenticationManager {

  private AuthenticationManager(boolean verbose) {
  }

  public static void authenticateJaasUser(@Nonnull String userName, @Nonnull String password) throws Exception {
    Preconditions.checkArgument(!StringUtils.isAnyEmpty(userName), "Username cannot be empty");
    JAASLoginService jaasLoginService = new JAASLoginService("WHZ-Authentication");
    PropertyUserStoreManager propertyUserStoreManager = new PropertyUserStoreManager();
    propertyUserStoreManager.start();
    jaasLoginService.setBeans(Collections.singletonList(propertyUserStoreManager));
    JAASLoginService.INSTANCE.set(jaasLoginService);
    try {
      LoginContext lc = new LoginContext("WHZ-Authentication", new WHZCallbackHandler(userName, password));
      lc.login();
    } catch (LoginException le) {
      AuthenticationException authenticationException = new AuthenticationException(le.getMessage());
      authenticationException.setRootCause(le);
      throw authenticationException;
    }
  }

  private static class WHZCallbackHandler implements CallbackHandler {
    private String password;
    private String username;

    private WHZCallbackHandler(@Nonnull String username, @Nonnull String password) {
      this.username = username;
      this.password = password;
    }

    @Override
    public void handle(@Nonnull Callback[] callbacks) {
      NameCallback nc = null;
      PasswordCallback pc = null;
      for (Callback callback : callbacks) {
        Logger.debug("The submitted callback is of type: " + callback.getClass() + " : " + callback);
        if (callback instanceof NameCallback) {
          nc = (NameCallback) callback;
          nc.setName(this.username);
        } else if (callback instanceof PasswordCallback) {
          pc = (PasswordCallback) callback;
          pc.setPassword(this.password.toCharArray());
        }
      }
    }
  }
}
Initial commit 2015-11-19 14:39:21 -08:00			`package security;`

address more reviewer comments 2018-07-31 13:22:18 -07:00			`import com.google.common.base.Preconditions;`
chore(jetty): upgrade jetty to 9.4.46 for CVE (#4857) 2022-05-06 16:18:20 -05:00			`import java.util.Collections;`
Initial commit for Data Hub 2019-08-31 20:51:14 -07:00			`import javax.annotation.Nonnull;`
Fix Hive Extract job file writing issues, add more authentication log (#419) 2017-04-06 22:01:29 -07:00			`import javax.naming.AuthenticationException;`
Initial commit for Data Hub 2019-08-31 20:51:14 -07:00			`import javax.security.auth.callback.Callback;`
			`import javax.security.auth.callback.CallbackHandler;`
			`import javax.security.auth.callback.NameCallback;`
			`import javax.security.auth.callback.PasswordCallback;`
Add authentication using jaas config 2018-07-27 16:33:52 -07:00			`import javax.security.auth.login.LoginContext;`
			`import javax.security.auth.login.LoginException;`
chore(jetty): upgrade jetty to 9.4.46 for CVE (#4857) 2022-05-06 16:18:20 -05:00			`import org.apache.commons.lang3.StringUtils;`
			`import org.eclipse.jetty.jaas.JAASLoginService;`
			`import org.eclipse.jetty.jaas.PropertyUserStoreManager;`
			`import play.Logger;`

address reviewer comments 2018-07-31 10:10:52 -07:00
Initial commit 2015-11-19 14:39:21 -08:00			`public class AuthenticationManager {`

fix(vulnerabilities)/vulnerabilities_fixes_datahub (#8075) (#8189) Co-authored-by: Sejal-NucleusTeq <109514187+Sejal-NucleusTeq@users.noreply.github.com> 2023-06-07 18:42:19 -05:00			`private AuthenticationManager(boolean verbose) {`
Initial commit for Data Hub 2019-08-31 20:51:14 -07:00			`}`

refactor(frontend): Addressing minor issues (#6012) 2022-09-21 14:21:55 -07:00			`public static void authenticateJaasUser(@Nonnull String userName, @Nonnull String password) throws Exception {`
Initial commit for Data Hub 2019-08-31 20:51:14 -07:00			`Preconditions.checkArgument(!StringUtils.isAnyEmpty(userName), "Username cannot be empty");`
refactor(frontend): Addressing minor issues (#6012) 2022-09-21 14:21:55 -07:00			`JAASLoginService jaasLoginService = new JAASLoginService("WHZ-Authentication");`
			`PropertyUserStoreManager propertyUserStoreManager = new PropertyUserStoreManager();`
			`propertyUserStoreManager.start();`
			`jaasLoginService.setBeans(Collections.singletonList(propertyUserStoreManager));`
			`JAASLoginService.INSTANCE.set(jaasLoginService);`
Add authentication using jaas config 2018-07-27 16:33:52 -07:00			`try {`
address reviewer comments 2018-07-31 10:10:52 -07:00			`LoginContext lc = new LoginContext("WHZ-Authentication", new WHZCallbackHandler(userName, password));`
Add authentication using jaas config 2018-07-27 16:33:52 -07:00			`lc.login();`
			`} catch (LoginException le) {`
fix(vulnerabilities)/vulnerabilities_fixes_datahub (#8075) (#8189) Co-authored-by: Sejal-NucleusTeq <109514187+Sejal-NucleusTeq@users.noreply.github.com> 2023-06-07 18:42:19 -05:00			`AuthenticationException authenticationException = new AuthenticationException(le.getMessage());`
			`authenticationException.setRootCause(le);`
			`throw authenticationException;`
Fix Hive Extract job file writing issues, add more authentication log (#419) 2017-04-06 22:01:29 -07:00			`}`
Login authentication support multiple LDAP servers, add login history 2016-10-13 14:27:02 -07:00			`}`

add jaas config 2018-07-30 15:39:24 -07:00			`private static class WHZCallbackHandler implements CallbackHandler {`
feat(datahub-frontend): Adding basic file-based authentication to datahub-frontend (#2818) 2021-07-02 06:31:01 -07:00			`private String password;`
			`private String username;`
Initial commit for Data Hub 2019-08-31 20:51:14 -07:00
			`private WHZCallbackHandler(@Nonnull String username, @Nonnull String password) {`
Add authentication using jaas config 2018-07-27 16:33:52 -07:00			`this.username = username;`
			`this.password = password;`
Login authentication support multiple LDAP servers, add login history 2016-10-13 14:27:02 -07:00			`}`
address reviewer comments 2018-07-31 10:10:52 -07:00
			`@Override`
Initial commit for Data Hub 2019-08-31 20:51:14 -07:00			`public void handle(@Nonnull Callback[] callbacks) {`
Add authentication using jaas config 2018-07-27 16:33:52 -07:00			`NameCallback nc = null;`
			`PasswordCallback pc = null;`
			`for (Callback callback : callbacks) {`
fix(tests): Misc updates for tests, auth log level, and quickstart (#6491) 2022-11-29 10:44:55 -06:00			`Logger.debug("The submitted callback is of type: " + callback.getClass() + " : " + callback);`
Add authentication using jaas config 2018-07-27 16:33:52 -07:00			`if (callback instanceof NameCallback) {`
			`nc = (NameCallback) callback;`
			`nc.setName(this.username);`
			`} else if (callback instanceof PasswordCallback) {`
			`pc = (PasswordCallback) callback;`
			`pc.setPassword(this.password.toCharArray());`
			`}`
Login authentication support multiple LDAP servers, add login history 2016-10-13 14:27:02 -07:00			`}`
SNA-24784, fix the user watch issue when the user is not in users table 2016-03-10 16:32:37 -08:00			`}`
Login authentication support multiple LDAP servers, add login history 2016-10-13 14:27:02 -07:00			`}`
			`}`