• Home
• org.apache.calcite.avatica
• avatica-server
• 1.25.0
• source code
• AbstractAvaticaHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.calcite.avatica.server.AbstractAvaticaHandler Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to you under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.calcite.avatica.server;

import org.apache.calcite.avatica.AvaticaSeverity;
import org.apache.calcite.avatica.AvaticaUtils;
import org.apache.calcite.avatica.remote.AuthenticationType;
import org.apache.calcite.avatica.remote.Service.ErrorResponse;

import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.AbstractHandler;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.util.Collections;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Base-class for Avatica implemented Jetty Handlers.
 */
public abstract class AbstractAvaticaHandler extends AbstractHandler
    implements MetricsAwareAvaticaHandler {

  private static final ErrorResponse UNAUTHORIZED_ERROR = new ErrorResponse(
      Collections.emptyList(), "User is not authenticated",
      ErrorResponse.UNAUTHORIZED_ERROR_CODE, ErrorResponse.UNAUTHORIZED_SQL_STATE,
      AvaticaSeverity.ERROR, null);

  /**
   * Determines if a request is permitted to be executed. The server may require authentication
   * and the login mechanism might have failed. This check verifies that only authenticated
   * users are permitted through when the server is requiring authentication. When a user
   * is disallowed, a status code and response will be automatically written to the provided
   * response and the caller should return immediately.
   *
   * @param serverConfig The server's configuration
   * @param request The user's request
   * @param response The response to the user's request
   * @return True if request can proceed, false otherwise.
   */
  public boolean isUserPermitted(AvaticaServerConfiguration serverConfig, Request baseRequest,
      HttpServletRequest request, HttpServletResponse response) throws IOException {
    // Make sure that we drop any unauthenticated users out first.
    if (null != serverConfig) {
      if (AuthenticationType.SPNEGO == serverConfig.getAuthenticationType()) {
        // This is largely a failsafe. We should never normally get here, but
        // AvaticaSpnegoAuthenticator should throw the HTTP/401.
        String remoteUser = request.getRemoteUser();
        if (null == remoteUser) {
          ServletInputStream input = request.getInputStream();
          if (request.getContentLengthLong() < 0) {
            AvaticaUtils.skipFully(input);
          }
          response.setStatus(HttpURLConnection.HTTP_UNAUTHORIZED);
          response.getOutputStream().write(UNAUTHORIZED_ERROR.serialize().toByteArray());
          baseRequest.setHandled(true);
          return false;
        }
      }
    }

    return true;
  }
}

// End AbstractAvaticaHandler.java