From 819700cbc51da74c9b390e8ea46e86ca76ec4eca Mon Sep 17 00:00:00 2001 From: Jonathan Wei Date: Mon, 13 Nov 2017 13:12:31 -0800 Subject: [PATCH] Automatically insert authenticator/authorizer names into config properties (#5071) --- docs/content/configuration/auth.md | 12 ++++++++++++ .../initialization/AuthenticatorMapperModule.java | 9 ++++++++- .../initialization/AuthorizerMapperModule.java | 10 +++++++++- 3 files changed, 29 insertions(+), 2 deletions(-) diff --git a/docs/content/configuration/auth.md b/docs/content/configuration/auth.md index d498d217f4f..254bfb8221f 100644 --- a/docs/content/configuration/auth.md +++ b/docs/content/configuration/auth.md @@ -100,3 +100,15 @@ Authenticators must implement three methods related to the internal system user: `createEscalatedJettyClient` is similar to `createEscalatedClient`, except that it operates on a Jetty HttpClient. `createEscalatedAuthenticationResult` returns an AuthenticationResult containing the identity of the "internal system user". + +## Reserved Name Configuration Property + +For extension implementers, please note that the following configuration properties are reserved for the names of Authenticators and Authorizers: + +``` +druid.auth.authenticator..name= +druid.auth.authorizer..name= + +``` + +These properties provide the authenticator and authorizer names to the implementations as @JsonProperty parameters, potentially useful when multiple authenticators or authorizers of the same type are configured. diff --git a/server/src/main/java/io/druid/server/initialization/AuthenticatorMapperModule.java b/server/src/main/java/io/druid/server/initialization/AuthenticatorMapperModule.java index 56b7b0097cd..cb8ccbedfaf 100644 --- a/server/src/main/java/io/druid/server/initialization/AuthenticatorMapperModule.java +++ b/server/src/main/java/io/druid/server/initialization/AuthenticatorMapperModule.java @@ -108,7 +108,14 @@ public class AuthenticatorMapperModule implements DruidModule Authenticator.class ); - authenticatorProvider.inject(props, configurator); + String nameProperty = StringUtils.format("druid.auth.authenticator.%s.name", authenticatorName); + Properties adjustedProps = new Properties(props); + if (adjustedProps.containsKey(nameProperty)) { + throw new IAE("Name property [%s] is reserved.", nameProperty); + } else { + adjustedProps.put(nameProperty, authenticatorName); + } + authenticatorProvider.inject(adjustedProps, configurator); Supplier authenticatorSupplier = authenticatorProvider.get(); if (authenticatorSupplier == null) { diff --git a/server/src/main/java/io/druid/server/initialization/AuthorizerMapperModule.java b/server/src/main/java/io/druid/server/initialization/AuthorizerMapperModule.java index 54e5eda36a7..6da287a648e 100644 --- a/server/src/main/java/io/druid/server/initialization/AuthorizerMapperModule.java +++ b/server/src/main/java/io/druid/server/initialization/AuthorizerMapperModule.java @@ -111,7 +111,15 @@ public class AuthorizerMapperModule implements DruidModule Authorizer.class ); - authorizerProvider.inject(props, configurator); + String nameProperty = StringUtils.format("druid.auth.authorizer.%s.name", authorizerName); + Properties adjustedProps = new Properties(props); + if (adjustedProps.containsKey(nameProperty)) { + throw new IAE("Name property [%s] is reserved.", nameProperty); + } else { + adjustedProps.put(nameProperty, authorizerName); + } + + authorizerProvider.inject(adjustedProps, configurator); Supplier authorizerSupplier = authorizerProvider.get(); if (authorizerSupplier == null) {