teiid SVN: r3391 - in branches/7.4.x/engine/src: main/java/org/teiid/query/optimizer/relational/rules and 1 other directories.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-17 16:24:17 -0400 (Wed, 17 Aug 2011)
New Revision: 3391
Modified:
branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/plantree/NodeEditor.java
branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/rules/RuleImplementJoinStrategy.java
branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java
Log:
TEIID-1717 fix for NPE with Texttable join
Modified: branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/plantree/NodeEditor.java
===================================================================
--- branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/plantree/NodeEditor.java 2011-08-17 15:24:59 UTC (rev 3390)
+++ branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/plantree/NodeEditor.java 2011-08-17 20:24:17 UTC (rev 3391)
@@ -54,6 +54,9 @@
}
public static final PlanNode findNodePreOrder(PlanNode root, int types, int stopTypes) {
+ if (root == null) {
+ return null;
+ }
if((types & root.getType()) == root.getType()) {
return root;
} else if((stopTypes & root.getType()) == root.getType()) {
Modified: branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/rules/RuleImplementJoinStrategy.java
===================================================================
--- branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/rules/RuleImplementJoinStrategy.java 2011-08-17 15:24:59 UTC (rev 3390)
+++ branches/7.4.x/engine/src/main/java/org/teiid/query/optimizer/relational/rules/RuleImplementJoinStrategy.java 2011-08-17 20:24:17 UTC (rev 3391)
@@ -227,7 +227,7 @@
PlanNode sortNode = createSortNode(new ArrayList<SingleElementSymbol>(orderSymbols), outputSymbols);
boolean distinct = false;
- if (sourceNode.getType() == NodeConstants.Types.SOURCE && outputSymbols.size() == expressions.size() && outputSymbols.containsAll(expressions)) {
+ if (sourceNode.getFirstChild() != null && sourceNode.getType() == NodeConstants.Types.SOURCE && outputSymbols.size() == expressions.size() && outputSymbols.containsAll(expressions)) {
PlanNode setOp = NodeEditor.findNodePreOrder(sourceNode.getFirstChild(), NodeConstants.Types.SET_OP, NodeConstants.Types.SOURCE);
if (setOp != null) {
if (setOp.hasBooleanProperty(NodeConstants.Info.USE_ALL)) {
Modified: branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java
===================================================================
--- branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java 2011-08-17 15:24:59 UTC (rev 3390)
+++ branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java 2011-08-17 20:24:17 UTC (rev 3391)
@@ -278,6 +278,21 @@
helpProcess(plan, createCommandContext(), dataManager, expected);
}
+ @Test public void testTextTableJoin1() throws Exception {
+ String sql = "select e1, e2 from texttable('a' COLUMNS col string) x, pm1.g1 where col = e1";
+
+ List[] expected = new List[] {
+ Arrays.asList("a", 0),
+ Arrays.asList("a", 3),
+ Arrays.asList("a", 0),
+ };
+
+ FakeDataManager dataManager = new FakeDataManager();
+ sampleData1(dataManager);
+ RelationalPlan plan = (RelationalPlan)helpGetPlan(helpParse(sql), RealMetadataFactory.example1Cached());
+ helpProcess(plan, createCommandContext(), dataManager, expected);
+ }
+
public static void process(String sql, List[] expectedResults) throws Exception {
FakeDataManager dataManager = new FakeDataManager();
sampleData1(dataManager);
13 years, 4 months
- 1
- 0
teiid SVN: r3390 - branches/7.4.x/documentation/client-developers-guide/src/main/docbook/en-US/content.
by teiid-commits@lists.jboss.org
Author: rareddy
Date: 2011-08-17 11:24:59 -0400 (Wed, 17 Aug 2011)
New Revision: 3390
Modified:
branches/7.4.x/documentation/client-developers-guide/src/main/docbook/en-US/content/odbc.xml
Log:
TEIID-1716
Modified: branches/7.4.x/documentation/client-developers-guide/src/main/docbook/en-US/content/odbc.xml
===================================================================
--- branches/7.4.x/documentation/client-developers-guide/src/main/docbook/en-US/content/odbc.xml 2011-08-17 14:23:34 UTC (rev 3389)
+++ branches/7.4.x/documentation/client-developers-guide/src/main/docbook/en-US/content/odbc.xml 2011-08-17 15:24:59 UTC (rev 3390)
@@ -203,21 +203,21 @@
Description = PostgreSQL Data Source
Servername = <Teiid Host name or ip>
Port = 35432
- Protocol = 7.4
+ Protocol = 7.4-1
UserName = <user-name>
Password = <password>
Database = <vdb-name>
ReadOnly = no
ServerType = Postgres
ConnSettings =
- UseServerSidePrepare=0
+ UseServerSidePrepare=1
ByteaAsLongVarBinary=1
Optimizer=0
Ksqo=0
- Trace = No
- TraceFile = /var/log/trace.log
- Debug = No
- DebugFile = /var/log/debug.log
+ Debug=0
+ Fetch = 10000
+ # enable below when dealing large resultsets
+ #UseDeclareFetch=1
]]></programlisting>
<para>Note that you need "sudo" permissions to edit the "/etc/odbc.ini" file.
13 years, 4 months
- 1
- 0
teiid SVN: r3389 - in branches/7.4.x: documentation/admin-guide/src/main/docbook/en-US/content and 2 other directories.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-17 10:23:34 -0400 (Wed, 17 Aug 2011)
New Revision: 3389
Modified:
branches/7.4.x/common-core/src/main/java/org/teiid/core/util/ObjectConverterUtil.java
branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/appendix-c.xml
branches/7.4.x/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java
branches/7.4.x/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java
branches/7.4.x/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java
Log:
TEIID-1715 simplifying odbc buffering logic
Modified: branches/7.4.x/common-core/src/main/java/org/teiid/core/util/ObjectConverterUtil.java
===================================================================
--- branches/7.4.x/common-core/src/main/java/org/teiid/core/util/ObjectConverterUtil.java 2011-08-17 01:23:42 UTC (rev 3388)
+++ branches/7.4.x/common-core/src/main/java/org/teiid/core/util/ObjectConverterUtil.java 2011-08-17 14:23:34 UTC (rev 3389)
@@ -118,6 +118,7 @@
while ((l_nbytes = is.read(l_buffer, 0, readLength)) != -1) {
if (length != -1 && writen > length - l_nbytes) {
out.write(l_buffer, 0, writen + l_nbytes - length);
+ writen = length;
break;
}
out.write(l_buffer,0,l_nbytes);
@@ -143,7 +144,7 @@
return write(out, is, new byte[DEFAULT_READING_SIZE], length, close); // buffer holding bytes to be transferred
}
- public static void write(final Writer out, final Reader is, int length) throws IOException {
+ public static int write(final Writer out, final Reader is, int length, boolean close) throws IOException {
int writen = 0;
try {
char[] l_buffer = new char[DEFAULT_READING_SIZE]; // buffer holding bytes to be transferred
@@ -151,16 +152,20 @@
while ((l_nbytes = is.read(l_buffer)) != -1) {
if (length != -1 && writen > length - l_nbytes) {
out.write(l_buffer, 0, writen + l_nbytes - length);
+ writen = length;
break;
}
out.write(l_buffer,0,l_nbytes);
writen += l_nbytes;
}
+ return writen;
} finally {
- try {
- is.close();
- } finally {
- out.close();
+ if (close) {
+ try {
+ is.close();
+ } finally {
+ out.close();
+ }
}
}
}
@@ -192,7 +197,7 @@
public static void write(final Reader reader, final File f) throws IOException {
f.getParentFile().mkdirs();
FileWriter fw = new FileWriter(f);
- write(fw, reader, -1);
+ write(fw, reader, -1, true);
}
public static void write(final InputStream is, final File f) throws IOException {
@@ -290,7 +295,7 @@
public static char[] convertToCharArray(Reader reader, int length) throws IOException {
StringWriter sb = new StringWriter();
- write(sb, reader, length);
+ write(sb, reader, length, true);
return sb.toString().toCharArray();
}
Modified: branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/appendix-c.xml
===================================================================
--- branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/appendix-c.xml 2011-08-17 01:23:42 UTC (rev 3388)
+++ branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/appendix-c.xml 2011-08-17 14:23:34 UTC (rev 3389)
@@ -30,5 +30,10 @@
If a traditional join is not possible (such as with NOT IN) a merge join version of the semijoin or antijoin will be considered by upon the costing information available.
</para>
</listitem>
+ <listitem>
+ <para><emphasis>org.teiid.ODBCPacketSize</emphasis> - defaults to 307200.
+ Target size in bytes of the ODBC results buffer. This is not a hard maximum, lobs and wide rows may use larger buffers.
+ </para>
+ </listitem>
</itemizedlist>
</appendix>
\ No newline at end of file
Modified: branches/7.4.x/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java
===================================================================
--- branches/7.4.x/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java 2011-08-17 01:23:42 UTC (rev 3388)
+++ branches/7.4.x/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java 2011-08-17 14:23:34 UTC (rev 3389)
@@ -34,6 +34,8 @@
import org.teiid.odbc.ODBCServerRemote;
public class ODBCSocketListener extends SocketListener {
+
+ private int maxBufferSize = Integer.parseInt(System.getProperty("org.teiid.ODBCPacketSize", "307200")); //$NON-NLS-1$ //$NON-NLS-2$
private ODBCServerRemote.AuthenticationType authType = ODBCServerRemote.AuthenticationType.CLEARTEXT;
private int maxLobSize;
private TeiidDriver driver;
@@ -56,6 +58,10 @@
public void setDriver(TeiidDriver driver) {
this.driver = driver;
}
+
+ public void setMaxBufferSize(int maxBufferSize) {
+ this.maxBufferSize = maxBufferSize;
+ }
@Override
protected SSLAwareChannelHandler createChannelPipelineFactory(final SSLConfiguration config, final StorageManager storageManager) {
@@ -64,7 +70,7 @@
ChannelPipeline pipeline = new DefaultChannelPipeline();
pipeline.addLast("odbcFrontendProtocol", new PgFrontendProtocol(1 << 20)); //$NON-NLS-1$
- pipeline.addLast("odbcBackendProtocol", new PgBackendProtocol(maxLobSize, config)); //$NON-NLS-1$
+ pipeline.addLast("odbcBackendProtocol", new PgBackendProtocol(maxLobSize, maxBufferSize, config)); //$NON-NLS-1$
pipeline.addLast("handler", this); //$NON-NLS-1$
return pipeline;
}
Modified: branches/7.4.x/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java
===================================================================
--- branches/7.4.x/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java 2011-08-17 01:23:42 UTC (rev 3388)
+++ branches/7.4.x/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java 2011-08-17 14:23:34 UTC (rev 3389)
@@ -1,4 +1,3 @@
-
/*
* JBoss, Home of Professional Open Source.
* See the COPYRIGHT.txt file distributed with this work for information
@@ -21,30 +20,13 @@
* 02110-1301 USA.
*/package org.teiid.transport;
-import static org.teiid.odbc.PGUtil.PG_TYPE_BOOL;
-import static org.teiid.odbc.PGUtil.PG_TYPE_BPCHAR;
-import static org.teiid.odbc.PGUtil.PG_TYPE_BYTEA;
-import static org.teiid.odbc.PGUtil.PG_TYPE_CHARARRAY;
-import static org.teiid.odbc.PGUtil.PG_TYPE_DATE;
-import static org.teiid.odbc.PGUtil.PG_TYPE_FLOAT4;
-import static org.teiid.odbc.PGUtil.PG_TYPE_FLOAT8;
-import static org.teiid.odbc.PGUtil.PG_TYPE_INT2;
-import static org.teiid.odbc.PGUtil.PG_TYPE_INT4;
-import static org.teiid.odbc.PGUtil.PG_TYPE_INT8;
-import static org.teiid.odbc.PGUtil.PG_TYPE_NUMERIC;
-import static org.teiid.odbc.PGUtil.PG_TYPE_OIDARRAY;
-import static org.teiid.odbc.PGUtil.PG_TYPE_OIDVECTOR;
-import static org.teiid.odbc.PGUtil.PG_TYPE_TEXT;
-import static org.teiid.odbc.PGUtil.PG_TYPE_TEXTARRAY;
-import static org.teiid.odbc.PGUtil.PG_TYPE_TIME;
-import static org.teiid.odbc.PGUtil.PG_TYPE_TIMESTAMP_NO_TMZONE;
-import static org.teiid.odbc.PGUtil.PG_TYPE_UNKNOWN;
-import static org.teiid.odbc.PGUtil.PG_TYPE_VARCHAR;
+import static org.teiid.odbc.PGUtil.*;
-import java.io.ByteArrayOutputStream;
-import java.io.DataOutputStream;
import java.io.IOException;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
import java.io.StreamCorruptedException;
+import java.io.Writer;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.nio.charset.Charset;
@@ -61,6 +43,7 @@
import javax.net.ssl.SSLEngine;
import org.jboss.netty.buffer.ChannelBuffer;
+import org.jboss.netty.buffer.ChannelBufferOutputStream;
import org.jboss.netty.buffer.ChannelBuffers;
import org.jboss.netty.channel.ChannelDownstreamHandler;
import org.jboss.netty.channel.ChannelEvent;
@@ -72,7 +55,6 @@
import org.jboss.netty.handler.ssl.SslHandler;
import org.teiid.client.util.ResultsFuture;
import org.teiid.core.util.ObjectConverterUtil;
-import org.teiid.core.util.ReaderInputStream;
import org.teiid.core.util.ReflectionHelper;
import org.teiid.jdbc.ResultSetImpl;
import org.teiid.jdbc.TeiidSQLException;
@@ -108,9 +90,6 @@
}
}
- // 300k
- static int ODBC_SOCKET_BUFF_SIZE = Integer.parseInt(System.getProperty("ODBCPacketSize", "307200"));
-
private final class ResultsWorkItem implements Runnable {
private final List<PgColInfo> cols;
private final ResultSetImpl rs;
@@ -118,13 +97,13 @@
private int rows2Send;
private int rowsSent = 0;
private int rowsInBuffer = 0;
- private ChannelBuffer buffer = ChannelBuffers.directBuffer(ODBC_SOCKET_BUFF_SIZE);
private ResultsWorkItem(List<PgColInfo> cols, ResultSetImpl rs, ResultsFuture<Integer> result, int rows2Send) {
this.cols = cols;
this.rs = rs;
this.result = result;
this.rows2Send = rows2Send;
+ initBuffer(maxBufferSize / 8);
}
@Override
@@ -160,7 +139,7 @@
boolean processNext = true;
try {
if (future.get()) {
- sendDataRow(rs, cols, buffer);
+ sendDataRow(rs, cols);
rowsSent++;
rowsInBuffer++;
boolean done = rowsSent == rows2Send;
@@ -170,7 +149,7 @@
result.getResultsReceiver().receiveResults(rowsSent);
}
} else {
- sendContents(buffer);
+ sendContents();
result.getResultsReceiver().receiveResults(rowsSent);
processNext = false;
}
@@ -182,31 +161,33 @@
}
private void flushResults(boolean force) {
- int avgRowsize = buffer.readableBytes()/rowsInBuffer;
- if (force || buffer.writableBytes() < (avgRowsize*2)) {
- sendContents(buffer);
- buffer= ChannelBuffers.directBuffer(ODBC_SOCKET_BUFF_SIZE);
+ int avgRowsize = dataOut.writerIndex()/rowsInBuffer;
+ if (force || (maxBufferSize - dataOut.writerIndex()) < (avgRowsize*2)) {
+ sendContents();
+ initBuffer(maxBufferSize / 8);
rowsInBuffer = 0;
}
}
}
- private DataOutputStream dataOut;
- private ByteArrayOutputStream outBuffer;
- private char messageType;
+ private ChannelBuffer dataOut;
+ private OutputStreamWriter writer;
+
private Properties props;
private Charset encoding = Charset.forName("UTF-8");
private ReflectionHelper clientProxy = new ReflectionHelper(ODBCClientRemote.class);
private ChannelHandlerContext ctx;
private MessageEvent message;
private int maxLobSize = (2*1024*1024); // 2 MB
+ private final int maxBufferSize;
private volatile ResultsFuture<Boolean> nextFuture;
private SSLConfiguration config;
- public PgBackendProtocol(int maxLobSize, SSLConfiguration config) {
+ public PgBackendProtocol(int maxLobSize, int maxBufferSize, SSLConfiguration config) {
this.maxLobSize = maxLobSize;
+ this.maxBufferSize = maxBufferSize;
this.config = config;
}
@@ -246,42 +227,34 @@
@Override
public void useClearTextAuthentication() {
- try {
- sendAuthenticationCleartextPassword();
- } catch (IOException e) {
- terminate(e);
- }
+ sendAuthenticationCleartextPassword();
}
@Override
public void authenticationSucess(int processId, int screctKey) {
- try {
- sendAuthenticationOk();
- // server_version, server_encoding, client_encoding, application_name,
- // is_superuser, session_authorization, DateStyle, IntervalStyle, TimeZone,
- // integer_datetimes, and standard_conforming_strings.
- // (server_encoding, TimeZone, and integer_datetimes were not reported
- // by releases before 8.0; standard_conforming_strings was not reported by
- // releases before 8.1; IntervalStyle was not reported by releases before 8.4;
- // application_name was not reported by releases before 9.0.)
-
- sendParameterStatus("client_encoding", PGCharsetConverter.getEncoding(this.encoding));
- sendParameterStatus("DateStyle", this.props.getProperty("DateStyle", "ISO"));
- sendParameterStatus("integer_datetimes", "off");
- sendParameterStatus("is_superuser", "off");
- sendParameterStatus("server_encoding", "SQL_ASCII");
- sendParameterStatus("server_version", "8.1.4");
- sendParameterStatus("session_authorization", this.props.getProperty("user"));
- sendParameterStatus("standard_conforming_strings", "off");
- sendParameterStatus("application_name", this.props.getProperty("application_name", "ODBCClient"));
-
- // TODO PostgreSQL TimeZone
- sendParameterStatus("TimeZone", "CET");
-
- sendBackendKeyData(processId, screctKey);
- } catch (IOException e) {
- terminate(e);
- }
+ sendAuthenticationOk();
+ // server_version, server_encoding, client_encoding, application_name,
+ // is_superuser, session_authorization, DateStyle, IntervalStyle, TimeZone,
+ // integer_datetimes, and standard_conforming_strings.
+ // (server_encoding, TimeZone, and integer_datetimes were not reported
+ // by releases before 8.0; standard_conforming_strings was not reported by
+ // releases before 8.1; IntervalStyle was not reported by releases before 8.4;
+ // application_name was not reported by releases before 9.0.)
+
+ sendParameterStatus("client_encoding", PGCharsetConverter.getEncoding(this.encoding));
+ sendParameterStatus("DateStyle", this.props.getProperty("DateStyle", "ISO"));
+ sendParameterStatus("integer_datetimes", "off");
+ sendParameterStatus("is_superuser", "off");
+ sendParameterStatus("server_encoding", "SQL_ASCII");
+ sendParameterStatus("server_version", "8.1.4");
+ sendParameterStatus("session_authorization", this.props.getProperty("user"));
+ sendParameterStatus("standard_conforming_strings", "off");
+ sendParameterStatus("application_name", this.props.getProperty("application_name", "ODBCClient"));
+
+ // TODO PostgreSQL TimeZone
+ sendParameterStatus("TimeZone", "CET");
+
+ sendBackendKeyData(processId, screctKey);
}
@Override
@@ -296,29 +269,17 @@
@Override
public void errorOccurred(String msg) {
- try {
- sendErrorResponse(msg);
- } catch (IOException e) {
- terminate(e);
- }
+ sendErrorResponse(msg);
}
@Override
public void errorOccurred(Throwable t) {
- try {
- sendErrorResponse(t);
- } catch (IOException e) {
- terminate(e);
- }
+ sendErrorResponse(t);
}
@Override
public void ready(boolean inTransaction, boolean failedTransaction) {
- try {
- sendReadyForQuery(inTransaction, failedTransaction);
- } catch (IOException e) {
- terminate(e);
- }
+ sendReadyForQuery(inTransaction, failedTransaction);
}
public void setEncoding(String value) {
@@ -331,47 +292,35 @@
@Override
public void sendParameterDescription(ParameterMetaData meta, int[] paramType) {
try {
- try {
- int count = meta.getParameterCount();
- startMessage('t');
- writeShort(count);
- for (int i = 0; i < count; i++) {
- int type;
- if (paramType != null && paramType[i] != 0) {
- type = paramType[i];
- } else {
- type = convertType(meta.getParameterType(i+1));
- }
- writeInt(type);
+ int count = meta.getParameterCount();
+ startMessage('t');
+ writeShort(count);
+ for (int i = 0; i < count; i++) {
+ int type;
+ if (paramType != null && paramType[i] != 0) {
+ type = paramType[i];
+ } else {
+ type = convertType(meta.getParameterType(i+1));
}
- sendMessage();
- } catch (SQLException e) {
- sendErrorResponse(e);
- }
- } catch (IOException e) {
- terminate(e);
- }
+ writeInt(type);
+ }
+ sendMessage();
+ } catch (SQLException e) {
+ sendErrorResponse(e);
+ }
}
@Override
public void sendResultSetDescription(List<PgColInfo> cols) {
- try {
- sendRowDescription(cols);
- } catch (IOException e) {
- terminate(e);
- }
+ sendRowDescription(cols);
}
@Override
public void sendCursorResults(ResultSetImpl rs, List<PgColInfo> cols, ResultsFuture<Integer> result, int rowCount) {
- try {
- sendRowDescription(cols);
+ sendRowDescription(cols);
- ResultsWorkItem r = new ResultsWorkItem(cols, rs, result, rowCount);
- r.run();
- } catch (IOException e) {
- terminate(e);
- }
+ ResultsWorkItem r = new ResultsWorkItem(cols, rs, result, rowCount);
+ r.run();
}
@Override
@@ -383,48 +332,36 @@
@Override
public void sendMoveCursor(ResultSetImpl rs, int rowCount, ResultsFuture<Integer> results) {
try {
- try {
- int rowsMoved = 0;
- for (int i = 0; i < rowCount; i++) {
- if (!rs.next()) {
- break;
- }
- rowsMoved++;
- }
- results.getResultsReceiver().receiveResults(rowsMoved);
- } catch (SQLException e) {
- sendErrorResponse(e);
- }
- } catch (IOException e) {
- terminate(e);
+ int rowsMoved = 0;
+ for (int i = 0; i < rowCount; i++) {
+ if (!rs.next()) {
+ break;
+ }
+ rowsMoved++;
+ }
+ results.getResultsReceiver().receiveResults(rowsMoved);
+ } catch (SQLException e) {
+ sendErrorResponse(e);
}
}
@Override
public void sendResults(final String sql, final ResultSetImpl rs, List<PgColInfo> cols, ResultsFuture<Integer> result, boolean describeRows) {
- try {
- if (nextFuture != null) {
- sendErrorResponse(new IllegalStateException("Pending results have not been sent")); //$NON-NLS-1$
- }
-
- if (describeRows) {
- sendRowDescription(cols);
- }
- ResultsWorkItem r = new ResultsWorkItem(cols, rs, result, -1);
- r.run();
- sendCommandComplete(sql, 0);
- } catch (IOException e) {
- terminate(e);
+ if (nextFuture != null) {
+ sendErrorResponse(new IllegalStateException("Pending results have not been sent")); //$NON-NLS-1$
}
+
+ if (describeRows) {
+ sendRowDescription(cols);
+ }
+ ResultsWorkItem r = new ResultsWorkItem(cols, rs, result, -1);
+ r.run();
+ sendCommandComplete(sql, 0);
}
@Override
public void sendUpdateCount(String sql, int updateCount) {
- try {
- sendCommandComplete(sql, updateCount);
- } catch (IOException e) {
- terminate(e);
- }
+ sendCommandComplete(sql, updateCount);
}
@Override
@@ -435,24 +372,16 @@
@Override
public void terminated() {
- try {
- trace("channel being terminated");
- this.sendNoticeResponse("Connection closed");
- this.ctx.getChannel().close();
- } catch (IOException e) {
- trace(e.getMessage());
- }
+ trace("channel being terminated");
+ this.sendNoticeResponse("Connection closed");
+ this.ctx.getChannel().close();
}
@Override
public void flush() {
- try {
- this.dataOut.flush();
- this.dataOut = null;
- Channels.write(this.ctx.getChannel(), null);
- } catch (IOException e) {
- terminate(e);
- }
+ this.dataOut = null;
+ this.writer = null;
+ Channels.write(this.ctx.getChannel(), null);
}
@Override
@@ -471,7 +400,7 @@
}
@Override
- public void sendCommandComplete(String sql, int updateCount) throws IOException {
+ public void sendCommandComplete(String sql, int updateCount) {
startMessage('C');
sql = sql.trim().toUpperCase();
// TODO remove remarks at the beginning
@@ -508,32 +437,24 @@
sendMessage();
}
- private void sendDataRow(ResultSet rs, List<PgColInfo> cols, ChannelBuffer buffer) throws SQLException, IOException {
- startMessage('D');
+ private void sendDataRow(ResultSet rs, List<PgColInfo> cols) throws SQLException, IOException {
+ startMessage('D', -1);
+ int lengthIndex = this.dataOut.writerIndex() - 4;
writeShort(cols.size());
for (int i = 0; i < cols.size(); i++) {
- byte[] bytes = getContent(rs, cols.get(i), i+1);
- if (bytes == null) {
- writeInt(-1);
- } else {
- writeInt(bytes.length);
- write(bytes);
+ int dataBytesIndex = this.dataOut.writerIndex();
+ writeInt(-1);
+ getContent(rs, cols.get(i), i+1);
+ writer.flush();
+ if (!rs.wasNull()) {
+ int bytes = this.dataOut.writerIndex() - dataBytesIndex - 4;
+ this.dataOut.setInt(dataBytesIndex, bytes);
}
}
-
- byte[] buff = outBuffer.toByteArray();
- int len = buff.length;
- this.outBuffer = null;
- this.dataOut = null;
-
- // now build the wire contents.
- buffer.writeByte((byte)this.messageType);
- buffer.writeInt(len+4);
- buffer.writeBytes(buff);
+ this.dataOut.setInt(lengthIndex, this.dataOut.writerIndex() - lengthIndex);
}
- private byte[] getContent(ResultSet rs, PgColInfo col, int column) throws SQLException, TeiidSQLException, IOException {
- byte[] bytes = null;
+ private void getContent(ResultSet rs, PgColInfo col, int column) throws SQLException, TeiidSQLException, IOException {
switch (col.type) {
case PG_TYPE_BOOL:
case PG_TYPE_BPCHAR:
@@ -549,14 +470,19 @@
case PG_TYPE_VARCHAR:
String value = rs.getString(column);
if (value != null) {
- bytes = value.getBytes(this.encoding);
+ writer.write(value);
}
break;
case PG_TYPE_TEXT:
Clob clob = rs.getClob(column);
if (clob != null) {
- bytes = ObjectConverterUtil.convertToByteArray(new ReaderInputStream(clob.getCharacterStream(), this.encoding), this.maxLobSize);
+ Reader r = clob.getCharacterStream();
+ try {
+ ObjectConverterUtil.write(writer, r, this.maxLobSize, false);
+ } finally {
+ r.close();
+ }
}
break;
@@ -564,7 +490,8 @@
Blob blob = rs.getBlob(column);
if (blob != null) {
try {
- bytes = PGbytea.toPGString(ObjectConverterUtil.convertToByteArray(blob.getBinaryStream(), this.maxLobSize)).getBytes(this.encoding);
+ String blobString = PGbytea.toPGString(ObjectConverterUtil.convertToByteArray(blob.getBinaryStream(), this.maxLobSize));
+ writer.write(blobString);
} catch(OutOfMemoryError e) {
throw new StreamCorruptedException("data too big: " + e.getMessage()); //$NON-NLS-1$
}
@@ -577,25 +504,23 @@
{
Object[] obj = (Object[])rs.getObject(column);
if (obj != null) {
- StringBuilder sb = new StringBuilder();
- sb.append("{");
+ writer.append("{");
boolean first = true;
for (Object o:obj) {
if (!first) {
- sb.append(",");
+ writer.append(",");
}
else {
first = false;
}
if (col.type == PG_TYPE_TEXTARRAY) {
- escapeQuote(sb, o.toString());
+ escapeQuote(writer, o.toString());
}
else {
- sb.append(o.toString());
+ writer.append(o.toString());
}
}
- sb.append("}");
- bytes = sb.toString().getBytes(this.encoding);
+ writer.append("}");
}
}
break;
@@ -604,18 +529,16 @@
{
Object[] obj = (Object[])rs.getObject(column);
if (obj != null) {
- StringBuilder sb = new StringBuilder();
boolean first = true;
for (Object o:obj) {
if (!first) {
- sb.append(" ");
+ writer.append(" ");
}
else {
first = false;
}
- sb.append(o);
+ writer.append(o.toString());
}
- bytes = sb.toString().getBytes(this.encoding);
}
}
break;
@@ -623,10 +546,9 @@
default:
throw new TeiidSQLException("unknown datatype failed to convert");
}
- return bytes;
}
- public static void escapeQuote(StringBuilder sb, String s) {
+ public static void escapeQuote(Writer sb, String s) throws IOException {
sb.append('"');
for (int i = 0; i < s.length(); i++) {
char c = s.charAt(i);
@@ -649,7 +571,7 @@
} catch (GeneralSecurityException e) {
LogManager.logError(LogConstants.CTX_ODBC, e, RuntimePlugin.Util.getString("PgBackendProtocol.ssl_error"));
}
- ChannelBuffer buffer = ChannelBuffers.directBuffer(1);
+ ChannelBuffer buffer = ctx.getChannel().getConfig().getBufferFactory().getBuffer(1);
if (engine == null) {
buffer.writeByte('N');
} else {
@@ -659,7 +581,7 @@
Channels.write(this.ctx, this.message.getFuture(), buffer, this.message.getRemoteAddress());
}
- private void sendErrorResponse(Throwable t) throws IOException {
+ private void sendErrorResponse(Throwable t) {
trace(t.getMessage());
SQLException e = TeiidSQLException.create(t);
startMessage('E');
@@ -675,7 +597,7 @@
sendMessage();
}
- private void sendRowDescription(List<PgColInfo> cols) throws IOException {
+ private void sendRowDescription(List<PgColInfo> cols) {
startMessage('T');
writeShort(cols.size());
for (PgColInfo info : cols) {
@@ -705,7 +627,7 @@
}
}
- private void sendErrorResponse(String message) throws IOException {
+ private void sendErrorResponse(String message) {
trace("Exception:", message);
startMessage('E');
write('S');
@@ -718,7 +640,7 @@
sendMessage();
}
- private void sendNoticeResponse(String message) throws IOException {
+ private void sendNoticeResponse(String message) {
trace("notice:", message);
startMessage('N');
write('S');
@@ -744,19 +666,19 @@
sendMessage();
}
- private void sendAuthenticationCleartextPassword() throws IOException {
+ private void sendAuthenticationCleartextPassword() {
startMessage('R');
writeInt(3);
sendMessage();
}
- private void sendAuthenticationOk() throws IOException {
+ private void sendAuthenticationOk() {
startMessage('R');
writeInt(0);
sendMessage();
}
- private void sendReadyForQuery(boolean inTransaction, boolean failedTransaction) throws IOException {
+ private void sendReadyForQuery(boolean inTransaction, boolean failedTransaction) {
startMessage('Z');
char c;
if (failedTransaction) {
@@ -776,14 +698,14 @@
sendMessage();
}
- private void sendBackendKeyData(int processId, int screctKey) throws IOException {
+ private void sendBackendKeyData(int processId, int screctKey) {
startMessage('K');
writeInt(processId);
writeInt(screctKey);
sendMessage();
}
- private void sendParameterStatus(String param, String value) throws IOException {
+ private void sendParameterStatus(String param, String value) {
startMessage('S');
writeString(param);
writeString(value);
@@ -792,76 +714,74 @@
@Override
public void functionCallResponse(byte[] data) {
- try {
- startMessage('V');
- if (data == null) {
- writeInt(-1);
- }
- else {
- writeInt(data.length);
- write(data);
- }
- sendMessage();
- } catch (IOException e) {
- terminate(e);
- }
+ startMessage('V');
+ if (data == null) {
+ writeInt(-1);
+ }
+ else {
+ writeInt(data.length);
+ write(data);
+ }
+ sendMessage();
}
@Override
public void functionCallResponse(int data) {
- try {
- startMessage('V');
- writeInt(4);
- writeInt(data);
- sendMessage();
- } catch (IOException e) {
- terminate(e);
- }
+ startMessage('V');
+ writeInt(4);
+ writeInt(data);
+ sendMessage();
}
- private void writeString(String s) throws IOException {
+ private void writeString(String s) {
write(s.getBytes(this.encoding));
write(0);
}
- private void writeInt(int i) throws IOException {
+ private void writeInt(int i) {
dataOut.writeInt(i);
}
- private void writeShort(int i) throws IOException {
+ private void writeShort(int i) {
dataOut.writeShort(i);
}
- private void write(byte[] data) throws IOException {
- dataOut.write(data);
+ private void write(byte[] data) {
+ dataOut.writeBytes(data);
}
- private void write(int b) throws IOException {
- dataOut.write(b);
+ private void write(int b) {
+ dataOut.writeByte(b);
}
private void startMessage(char newMessageType) {
- this.messageType = newMessageType;
- this.outBuffer = new ByteArrayOutputStream();
- this.dataOut = new DataOutputStream(this.outBuffer);
+ startMessage(newMessageType, 32);
}
+ private void startMessage(char newMessageType, int estimatedLength) {
+ if (estimatedLength > -1) {
+ initBuffer(estimatedLength);
+ }
+ this.dataOut.writeByte((byte)newMessageType);
+ this.dataOut.writerIndex(this.dataOut.writerIndex() + 4);
+ }
+
+ private void initBuffer(int estimatedLength) {
+ this.dataOut = ChannelBuffers.dynamicBuffer(estimatedLength);
+ ChannelBufferOutputStream cbos = new ChannelBufferOutputStream(this.dataOut);
+ this.writer = new OutputStreamWriter(cbos, this.encoding);
+ }
+
private void sendMessage() {
- byte[] buff = outBuffer.toByteArray();
- int len = buff.length;
- this.outBuffer = null;
- this.dataOut = null;
-
- // now build the wire contents.
- ChannelBuffer buffer = ChannelBuffers.directBuffer(len+5);
- buffer.writeByte((byte)this.messageType);
- buffer.writeInt(len+4);
- buffer.writeBytes(buff);
- Channels.write(this.ctx, this.message.getFuture(), buffer, this.message.getRemoteAddress());
+ int pos = this.dataOut.writerIndex();
+ this.dataOut.setInt(1, pos - 1);
+ sendContents();
}
- private void sendContents(ChannelBuffer buffer) {
- Channels.write(this.ctx, this.message.getFuture(), buffer, this.message.getRemoteAddress());
+ private void sendContents() {
+ ChannelBuffer cb = this.dataOut;
+ this.dataOut = null;
+ Channels.write(this.ctx, this.message.getFuture(), cb, this.message.getRemoteAddress());
}
private static void trace(String... msg) {
Modified: branches/7.4.x/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java
===================================================================
--- branches/7.4.x/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java 2011-08-17 01:23:42 UTC (rev 3388)
+++ branches/7.4.x/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java 2011-08-17 14:23:34 UTC (rev 3389)
@@ -128,7 +128,7 @@
config.setBindAddress(addr.getHostName());
config.setPortNumber(0);
odbcTransport = new ODBCSocketListener(config, BufferManagerFactory.getStandaloneBufferManager(), 0, 100000);
-
+ odbcTransport.setMaxBufferSize(100); //set to a small size to ensure buffering over the limit works
FakeServer server = new FakeServer();
server.setUseCallingThread(false);
server.deployVDB("parts", UnitTestUtil.getTestDataPath() + "/PartsSupplier.vdb");
13 years, 4 months
- 1
- 0
teiid SVN: r3388 - in branches/7.4.x: connectors/translator-salesforce/src/test/java/org/teiid/translator/salesforce/execution and 1 other directories.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-16 21:23:42 -0400 (Tue, 16 Aug 2011)
New Revision: 3388
Added:
branches/7.4.x/connectors/translator-salesforce/src/test/java/org/teiid/translator/salesforce/execution/TestProcedureExecution.java
Modified:
branches/7.4.x/connectors/translator-salesforce/src/main/java/org/teiid/translator/salesforce/execution/ProcedureExecutionParentImpl.java
branches/7.4.x/engine/src/test/java/org/teiid/query/unittest/RealMetadataFactory.java
Log:
TEIID-1443 reapplying fix
Modified: branches/7.4.x/connectors/translator-salesforce/src/main/java/org/teiid/translator/salesforce/execution/ProcedureExecutionParentImpl.java
===================================================================
--- branches/7.4.x/connectors/translator-salesforce/src/main/java/org/teiid/translator/salesforce/execution/ProcedureExecutionParentImpl.java 2011-08-16 19:39:25 UTC (rev 3387)
+++ branches/7.4.x/connectors/translator-salesforce/src/main/java/org/teiid/translator/salesforce/execution/ProcedureExecutionParentImpl.java 2011-08-17 01:23:42 UTC (rev 3388)
@@ -71,14 +71,18 @@
@Override
public void execute() throws TranslatorException {
- if(getCommand().getProcedureName().endsWith("getUpdated")) {
+ String name = getCommand().getMetadataObject().getNameInSource();
+ if (name == null) {
+ name = getCommand().getProcedureName();
+ }
+ if("GetUpdated".equalsIgnoreCase(name)) { //$NON-NLS-1$
execution = new GetUpdatedExecutionImpl(this);
- execution.execute(this);
- }
- else if(getCommand().getProcedureName().endsWith("getDeleted")) {
+ } else if("GetDeleted".equalsIgnoreCase(name)) { //$NON-NLS-1$
execution = new GetDeletedExecutionImpl(this);
- execution.execute(this);
+ } else {
+ throw new AssertionError("Unknown procedure " + getCommand().getProcedureName() + " with name in source " + getCommand().getMetadataObject().getNameInSource()); //$NON-NLS-1$ //$NON-NLS-2$
}
+ execution.execute(this);
}
public void setCommand(Call command) {
Added: branches/7.4.x/connectors/translator-salesforce/src/test/java/org/teiid/translator/salesforce/execution/TestProcedureExecution.java
===================================================================
--- branches/7.4.x/connectors/translator-salesforce/src/test/java/org/teiid/translator/salesforce/execution/TestProcedureExecution.java (rev 0)
+++ branches/7.4.x/connectors/translator-salesforce/src/test/java/org/teiid/translator/salesforce/execution/TestProcedureExecution.java 2011-08-17 01:23:42 UTC (rev 3388)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.translator.salesforce.execution;
+
+import static org.junit.Assert.*;
+
+import java.util.Arrays;
+
+import javax.xml.datatype.XMLGregorianCalendar;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.teiid.cdk.api.TranslationUtility;
+import org.teiid.language.Call;
+import org.teiid.metadata.RuntimeMetadata;
+import org.teiid.translator.ExecutionContext;
+import org.teiid.translator.salesforce.SalesforceConnection;
+import org.teiid.translator.salesforce.execution.visitors.TestVisitors;
+
+@SuppressWarnings("nls")
+public class TestProcedureExecution {
+
+ private static TranslationUtility translationUtility = new TranslationUtility(TestVisitors.exampleSalesforce());
+
+ @Test public void testProcedureName() throws Exception {
+ Call command = (Call)translationUtility.parseCommand("exec getupdated('foo', {d '1970-01-01'}, {d '1990-01-01'})"); //$NON-NLS-1$
+ SalesforceConnection sfc = Mockito.mock(SalesforceConnection.class);
+ UpdatedResult ur = new UpdatedResult();
+ ur.setIDs(Arrays.asList("1", "2"));
+ Mockito.stub(sfc.getUpdated(Mockito.eq("foo"), (XMLGregorianCalendar)Mockito.anyObject(), (XMLGregorianCalendar)Mockito.anyObject())).toReturn(ur);
+ ProcedureExecutionParentImpl pepi = new ProcedureExecutionParentImpl(command, sfc, Mockito.mock(RuntimeMetadata.class), Mockito.mock(ExecutionContext.class));
+ pepi.execute();
+ assertNotNull(pepi.next());
+ assertNotNull(pepi.next());
+ assertNull(pepi.next());
+ pepi.close();
+ }
+
+}
Property changes on: branches/7.4.x/connectors/translator-salesforce/src/test/java/org/teiid/translator/salesforce/execution/TestProcedureExecution.java
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Modified: branches/7.4.x/engine/src/test/java/org/teiid/query/unittest/RealMetadataFactory.java
===================================================================
--- branches/7.4.x/engine/src/test/java/org/teiid/query/unittest/RealMetadataFactory.java 2011-08-16 19:39:25 UTC (rev 3387)
+++ branches/7.4.x/engine/src/test/java/org/teiid/query/unittest/RealMetadataFactory.java 2011-08-17 01:23:42 UTC (rev 3388)
@@ -1742,6 +1742,7 @@
public static Procedure createStoredProcedure(String name, Schema model, List<ProcedureParameter> params) {
Procedure proc = new Procedure();
proc.setName(name);
+ proc.setNameInSource(name);
if (params != null) {
int index = 1;
for (ProcedureParameter procedureParameter : params) {
13 years, 4 months
- 1
- 0
teiid SVN: r3387 - in trunk: documentation/admin-guide/src/main/docbook/en-US/content and 7 other directories.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-16 15:39:25 -0400 (Tue, 16 Aug 2011)
New Revision: 3387
Modified:
trunk/client/src/main/java/org/teiid/client/security/LogonResult.java
trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java
trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java
trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java
trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
Log:
TEIID-1610 minor changes to the initial check-in of GSSAPI support
Modified: trunk/client/src/main/java/org/teiid/client/security/LogonResult.java
===================================================================
--- trunk/client/src/main/java/org/teiid/client/security/LogonResult.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/client/src/main/java/org/teiid/client/security/LogonResult.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -26,6 +26,7 @@
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
+import java.io.OptionalDataException;
import java.util.HashMap;
import java.util.Map;
import java.util.TimeZone;
@@ -116,7 +117,11 @@
timeZone = (TimeZone)in.readObject();
clusterName = (String)in.readObject();
vdbVersion = in.readInt();
- addtionalProperties = ExternalizeUtil.readMap(in);
+ try {
+ addtionalProperties = ExternalizeUtil.readMap(in);
+ } catch (OptionalDataException e) {
+
+ }
}
@Override
Modified: trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml
===================================================================
--- trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml 2011-08-16 19:39:25 UTC (rev 3387)
@@ -1,5 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % CustomDTD SYSTEM "../../../../../../docbook/custom.dtd">
+%CustomDTD;
+]>
<chapter id="custom_security">
<title>Teiid Security</title>
<para>The Teiid system provides a range of built-in and extensible security features to enable the
@@ -106,23 +109,21 @@
<section>
<title>Kerberos support through GSSAPI</title>
<para>Teiid supports kerberos authentication using GSSAPI, to be used with single sign-on applications.
- This service ticket negotiation based authentication is supported through remote JDBC and ODBC drivers and as
- well as in LocalConnections. However, configuration is varies for local connections vs remote connections</para>
+ This service ticket negotiation based authentication is supported through remote JDBC and ODBC drivers and LocalConnections.
+ Client configuration is different for all connection types.</para>
<section>
<title>LocalConnection</title>
- <para>For supporting kerberos through local connections, provide JDBC URL property <emphasis>PassthroughAuthentication</emphasis>
- as true and use the <ulink url="http://community.jboss.org/docs/DOC-10680">JBoss Negotiation</ulink> as
- authentication configure your web-application for kerberos. When the web application authenticates with the provided
+ <para>Set the JDBC URL property <emphasis>PassthroughAuthentication</emphasis>
+ as true and use <ulink url="http://community.jboss.org/docs/DOC-10680">JBoss Negotiation</ulink> for
+ authentication of your web-application with kerberos. When the web application authenticates with the provided
kerberos token, the same subject authenticated will be used in Teiid. For details about configuration, check the
JBoss Negotiation documentation.</para>
</section>
<section>
- <title>Remote JDBC Connection</title>
- <para>Server: For supporting the kerberos through jdbc from a remote client application, follow the below configuration.
- On the server, edit "{jboss-as}/server/{profile}/deploy/teiid/teiid-jboss-beans.xml" file, and make sure under
- "SessionService" bean definition the following properties are set.
+ <title>Remote Connections</title>
+ <para>On the server, edit the &jboss-beans; under the "SessionService" bean definition, as follows:
<programlisting><![CDATA[
<!-- Sets the authentication Type -->
<property name="authenticationType">KRB5</property>
@@ -130,12 +131,11 @@
<property name="krb5SecurityDomain">teiid-krb5</property>
]]></programlisting>
- Now we need to define security domain context for kerberos with name mentioned in above, and since the kerberos
- authorization can not define authorization roles, we need devise a way to define them using another login context.
- Given below is sample configuration to define roles using UserRolesLoginModule.
- Note that the below configuration replaces the default Teiid login configuration. Note to change the principal
- and key tab locations accordingly.
-
+ Now we need to define a security domain context for kerberos with the name mentioned in above.
+ Since kerberos authorization cannot define authorization roles, we'll define them using another login context.
+ Given below is a sample configuration to define roles using a UserRolesLoginModule.
+ <note><para>This configuration replaces the default Teiid login configuration, and you should change the principal
+ and key tab locations accordingly.</para></note>
<programlisting><![CDATA[
<!--login module that negotiates the login conext for kerberos -->
<application-policy xmlns="urn:jboss:security-beans:1.0" name="teiid-krb5">
@@ -166,51 +166,59 @@
</authentication>
</application-policy>
]]></programlisting>
- Edit "run.conf" or "run.conf.bat"file depending upon the environment in "${jboss-as}/bin" directory
- and add the following JVM options to startup script (note to change the realm and KDC settings according to your environment)
+ Edit the "run.conf" or "run.conf.bat" file depending upon the environment in the "${jboss-as}/bin" directory
+ and add the following JVM options (changing the realm and KDC settings according to your environment)
<programlisting><![CDATA[
JAVA_OPTS = "$JAVA_OPTS -Djava.security.krb5.realm=EXAMPLE.COM -Djava.security.krb5.kdc=kerberos.example.com -Djavax.security.auth.useSubjectCredsOnly=false"
]]></programlisting>
This finishes the configuration on the server side, restart the server and make sure that there were no errors during startup.
</para>
- <para>Client: The following configuration needs to be done on the Teiid client application VM. For client VM, JAAS
- configuration for kerberos authentication needs to be written. A sample configuration file (client.conf) is show below
-
- <programlisting><![CDATA[
- Client {
- com.sun.security.auth.module.Krb5LoginModule required
- useTicketCache=true
- storeKey=true
- useKeyTab=true
- keyTab="/path/to/krb5.keytab"
- doNotPrompt=false
- debug=false
- principal="demo(a)EXAMPLE.COM";
- };
- ]]></programlisting>
-
- Add the following JVM options to your client's startup script, note the change Realm and KDC settings according to
- your environment
- <programlisting><![CDATA[
- -Djava.security.krb5.realm=EXAMPLE.COM
- -Djava.security.krb5.kdc=kerberos.example.com
- -Djavax.security.auth.useSubjectCredsOnly=false
- -Dsun.security.krb5.debug=false
- -Djava.security.auth.login.config=/path/to/client.conf
- ]]></programlisting>
-
- Add the following URL connection properties to Teiid JDBC connection string
- <programlisting><![CDATA[
- authenticationType=KRB5;jaasName=Client;kerberosServicePrincipleName=demo(a)EXAMPLE.COM
- ]]></programlisting>
- There is no need to provide the user name and password, when the application is trying to make JDBC connection it
- will authenticate locally and use the same user credetinals to neogitiate service token with server and grant the
- connection. See Client Developer's guide for information on connection properties and how to configure data sources.
- </para>
- </section>
-
- </section>
+ <section>
+ <title>JDBC Client Configuration</title>
+ <para>In you client VM the JAAS
+ configuration for kerberos authentication needs to be written. A sample configuration file (client.conf) is show below
+
+ <programlisting><![CDATA[
+ Client {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useTicketCache=true
+ storeKey=true
+ useKeyTab=true
+ keyTab="/path/to/krb5.keytab"
+ doNotPrompt=false
+ debug=false
+ principal="demo(a)EXAMPLE.COM";
+ };
+ ]]></programlisting>
+
+ Add the following JVM options to your client's startup script - change Realm and KDC settings according to
+ your environment
+ <programlisting><![CDATA[
+ -Djava.security.krb5.realm=EXAMPLE.COM
+ -Djava.security.krb5.kdc=kerberos.example.com
+ -Djavax.security.auth.useSubjectCredsOnly=false
+ -Dsun.security.krb5.debug=false
+ -Djava.security.auth.login.config=/path/to/client.conf
+ ]]></programlisting>
+
+ Add the following URL connection properties to Teiid JDBC connection string
+ <programlisting><![CDATA[
+ authenticationType=KRB5;jaasName=Client;kerberosServicePrincipleName=demo(a)EXAMPLE.COM
+ ]]></programlisting>
+ There is no need to provide the user name and password, when the application is trying to make JDBC connection it
+ will authenticate locally and use the same user credetinals to neogitiate service token with server and grant the
+ connection. See Client Developer's guide for information on connection properties and how to configure data sources.
+ </para>
+ </section>
+
+ </section>
+ </section>
+
+ <section>
+ <title>ODBC Client Configuration</title>
+ <para>Consult the PostgreSQL ODBC client documentation.</para>
+ </section>
<section>
<title>Security at Data Source level</title>
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -207,7 +207,7 @@
DQPWorkContext.setWorkContext(this);
boolean associated = false;
if (securityHelper != null && this.getSubject() != null) {
- associated = securityHelper.assosiateSecurityContext(this.getSecurityDomain(), this.getSecurityContext());
+ associated = securityHelper.associateSecurityContext(this.getSecurityDomain(), this.getSecurityContext());
}
return associated;
}
Modified: trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -23,7 +23,6 @@
package org.teiid.dqp.service;
import java.util.Collection;
-import java.util.List;
import java.util.Properties;
import javax.security.auth.Subject;
@@ -149,5 +148,5 @@
String getKrb5SecurityDomain();
- void assosiateSubjectInContext(String securityDomain, Subject subject);
+ void associateSubjectInContext(String securityDomain, Subject subject);
}
Modified: trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -28,7 +28,7 @@
public interface SecurityHelper {
- boolean assosiateSecurityContext(String securityDomain, Object context);
+ boolean associateSecurityContext(String securityDomain, Object context);
void clearSecurityContext(String securityDomain);
Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
===================================================================
--- trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -36,7 +36,7 @@
private static final long serialVersionUID = 3598997061994110254L;
@Override
- public boolean assosiateSecurityContext(String securityDomain, Object newContext) {
+ public boolean associateSecurityContext(String securityDomain, Object newContext) {
SecurityContext context = SecurityActions.getSecurityContext();
if (context == null || (!context.getSecurityDomain().equals(securityDomain) && newContext != null)) {
SecurityActions.setSecurityContext((SecurityContext)newContext);
Modified: trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -21,7 +21,7 @@
*/
package org.teiid.odbc;
-import static org.teiid.odbc.PGUtil.convertType;
+import static org.teiid.odbc.PGUtil.*;
import java.io.IOException;
import java.io.StringReader;
@@ -207,7 +207,7 @@
else if (authType.equals(AuthenticationType.KRB5)) {
byte[] serviceToken = data.readServiceToken();
LogonResult result = this.logon.neogitiateGssLogin(this.props, serviceToken, false);
- if ((Boolean)result.getProperty(ILogon.KRB5_ESTABLISHED)) {
+ if (!Boolean.TRUE.equals(result.getProperty(ILogon.KRB5_ESTABLISHED))) {
serviceToken = (byte[])result.getProperty(ILogon.KRB5TOKEN);
this.client.authenticationGSSContinue(serviceToken);
return;
Modified: trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -424,13 +424,13 @@
}
@Override
- public void assosiateSubjectInContext(String securityDomain, Subject subject) {
+ public void associateSubjectInContext(String securityDomain, Subject subject) {
Principal principal = null;
for(Principal p:subject.getPrincipals()) {
principal = p;
break;
}
- this.securityHelper.assosiateSecurityContext(securityDomain, this.securityHelper.createSecurityContext(securityDomain, principal, null, subject));
+ this.securityHelper.associateSecurityContext(securityDomain, this.securityHelper.createSecurityContext(securityDomain, principal, null, subject));
}
public void setKrb5SecurityDomain(String domain) {
Modified: trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java 2011-08-16 19:13:31 UTC (rev 3386)
+++ trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java 2011-08-16 19:39:25 UTC (rev 3387)
@@ -174,7 +174,7 @@
LogManager.logDetail(LogConstants.CTX_SECURITY, "Kerberos context established"); //$NON-NLS-1$
//connProps.setProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, "true"); //$NON-NLS-1$
- service.assosiateSubjectInContext(securityDomain, subject);
+ service.associateSubjectInContext(securityDomain, subject);
return logon(connProps, result.serviceTicket);
} catch (LoginException e) {
throw new LogonException(e, RuntimePlugin.Util.getString("krb5_login_failed")); //$NON-NLS-1$
13 years, 4 months
- 1
- 0
teiid SVN: r3386 - in trunk/client/src: test/java/org/teiid/jdbc and 1 other directory.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-16 15:13:31 -0400 (Tue, 16 Aug 2011)
New Revision: 3386
Modified:
trunk/client/src/main/java/org/teiid/jdbc/BatchResults.java
trunk/client/src/test/java/org/teiid/jdbc/TestAllResultsImpl.java
trunk/client/src/test/java/org/teiid/jdbc/TestBatchResults.java
Log:
TEIID-1700 adding improved absolute positioning. Intermediate batches will no longer be read by the client to determine the final row.
Modified: trunk/client/src/main/java/org/teiid/jdbc/BatchResults.java
===================================================================
--- trunk/client/src/main/java/org/teiid/jdbc/BatchResults.java 2011-08-16 16:03:23 UTC (rev 3385)
+++ trunk/client/src/main/java/org/teiid/jdbc/BatchResults.java 2011-08-16 19:13:31 UTC (rev 3386)
@@ -187,11 +187,11 @@
}
if (row > 0) {
- //row is greater than highest, but the last row is not known
- while (row + offset > highestRowNumber && lastRowNumber == -1) {
- requestNextBatch();
+
+ if (row + offset > highestRowNumber && lastRowNumber == -1) {
+ requestBatchAndWait(row + offset);
}
-
+
if (row + offset <= highestRowNumber) {
setCurrentRowNumber(row);
return true;
@@ -203,9 +203,9 @@
row -= offset;
- while (lastRowNumber == -1) {
- requestNextBatch();
- }
+ if (lastRowNumber == -1) {
+ requestBatchAndWait(Integer.MAX_VALUE);
+ }
int positiveRow = lastRowNumber + row + 1;
Modified: trunk/client/src/test/java/org/teiid/jdbc/TestAllResultsImpl.java
===================================================================
--- trunk/client/src/test/java/org/teiid/jdbc/TestAllResultsImpl.java 2011-08-16 16:03:23 UTC (rev 3385)
+++ trunk/client/src/test/java/org/teiid/jdbc/TestAllResultsImpl.java 2011-08-16 19:13:31 UTC (rev 3386)
@@ -34,14 +34,13 @@
import java.util.Calendar;
import java.util.List;
import java.util.TimeZone;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.TimeoutException;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Matchers;
import org.mockito.Mockito;
+import org.mockito.invocation.InvocationOnMock;
+import org.mockito.stubbing.Answer;
import org.teiid.client.DQP;
import org.teiid.client.RequestMessage;
import org.teiid.client.ResultsMessage;
@@ -709,30 +708,27 @@
cs.next();
}
- static ResultSetImpl helpTestBatching(StatementImpl statement, int fetchSize, int batchLength,
- int totalLength) throws InterruptedException, ExecutionException,
- TeiidProcessingException, SQLException, TimeoutException {
+ static ResultSetImpl helpTestBatching(StatementImpl statement, final int fetchSize, final int batchLength,
+ final int totalLength) throws TeiidProcessingException, SQLException {
DQP dqp = statement.getDQP();
if (dqp == null) {
dqp = mock(DQP.class);
stub(statement.getDQP()).toReturn(dqp);
}
stub(statement.getFetchSize()).toReturn(fetchSize);
- for (int i = batchLength; i < totalLength; i += batchLength) {
- //forward requests
- ResultsFuture<ResultsMessage> nextBatch = mock(ResultsFuture.class);
- stub(nextBatch.get(Matchers.anyLong(), (TimeUnit)Matchers.anyObject())).toReturn(exampleResultsMsg4(i + 1, Math.min(batchLength, totalLength - i), fetchSize, i + batchLength >= totalLength));
- stub(dqp.processCursorRequest(REQUEST_ID, i + 1, fetchSize)).toReturn(nextBatch);
-
- if (i + batchLength < totalLength) {
- //backward requests
- ResultsFuture<ResultsMessage> previousBatch = mock(ResultsFuture.class);
- stub(previousBatch.get(Matchers.anyLong(), (TimeUnit)Matchers.anyObject())).toReturn(exampleResultsMsg4(i - batchLength + 1, i, fetchSize, false));
- stub(dqp.processCursorRequest(REQUEST_ID, i, fetchSize)).toReturn(previousBatch);
+ stub(dqp.processCursorRequest(Matchers.eq(REQUEST_ID), Matchers.anyInt(), Matchers.eq(fetchSize))).toAnswer(new Answer<ResultsFuture<ResultsMessage>>() {
+ @Override
+ public ResultsFuture<ResultsMessage> answer(
+ InvocationOnMock invocation) throws Throwable {
+ ResultsFuture<ResultsMessage> nextBatch = new ResultsFuture<ResultsMessage>();
+ int begin = Math.min(totalLength, (Integer)invocation.getArguments()[1]);
+ int length = Math.min(totalLength - begin + 1, batchLength);
+ nextBatch.getResultsReceiver().receiveResults(exampleResultsMsg4(begin, length, begin + length - 1>= totalLength));
+ return nextBatch;
}
- }
+ });
- ResultsMessage msg = exampleResultsMsg4(1, batchLength, fetchSize, batchLength == totalLength);
+ ResultsMessage msg = exampleResultsMsg4(1, batchLength, batchLength == totalLength);
return new ResultSetImpl(msg, statement, new ResultSetMetaDataImpl(new MetadataProvider(DeferredMetadataProvider.loadPartialMetadata(msg.getColumnNames(), msg.getDataTypes())), null), 0);
}
@@ -835,7 +831,7 @@
return exampleMessage(new List[0], new String[] { "IntNum", "StringNum" }, new String[] { JDBCSQLTypeInfo.INTEGER, JDBCSQLTypeInfo.STRING }); //$NON-NLS-1$ //$NON-NLS-2$
}
- private static ResultsMessage exampleResultsMsg4(int begin, int length, int fetchSize, boolean lastBatch) {
+ private static ResultsMessage exampleResultsMsg4(int begin, int length, boolean lastBatch) {
RequestMessage request = new RequestMessage();
request.setExecutionId(REQUEST_ID);
ResultsMessage resultsMsg = new ResultsMessage(request);
Modified: trunk/client/src/test/java/org/teiid/jdbc/TestBatchResults.java
===================================================================
--- trunk/client/src/test/java/org/teiid/jdbc/TestBatchResults.java 2011-08-16 16:03:23 UTC (rev 3385)
+++ trunk/client/src/test/java/org/teiid/jdbc/TestBatchResults.java 2011-08-16 19:13:31 UTC (rev 3386)
@@ -41,13 +41,13 @@
static class MockBatchFetcher implements BatchFetcher {
- private int totalRows = 50;
+ private int totalRows;
private boolean throwException;
private boolean useLastRow;
List<Integer> batchCalls = new ArrayList<Integer>();
public MockBatchFetcher() {
-
+ this(50);
}
public MockBatchFetcher(int totalRows) {
@@ -68,7 +68,11 @@
if (beginRow%10==0) {
endRow = beginRow - 9;
}
- if(beginRow > endRow) {
+ if (beginRow > totalRows) {
+ beginRow = totalRows + 1;
+ endRow = totalRows;
+ isLast = true;
+ } else if(beginRow > endRow) {
if(endRow < 1) {
endRow = 1;
}
@@ -76,7 +80,7 @@
beginRow = endRow;
endRow = i;
} else if(endRow > totalRows) {
- endRow = totalRows;
+ endRow = totalRows;
isLast = true;
}
Batch batch = new Batch(createBatch(beginRow, endRow), beginRow, endRow, isLast);
13 years, 4 months
- 1
- 0
teiid SVN: r3385 - in branches/7.4.x/engine/src: test/java/org/teiid/query/processor and 1 other directory.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-16 12:03:23 -0400 (Tue, 16 Aug 2011)
New Revision: 3385
Modified:
branches/7.4.x/engine/src/main/java/org/teiid/query/processor/relational/TextTableNode.java
branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java
Log:
TEIID-1712 allowing for partial delimited lines
Modified: branches/7.4.x/engine/src/main/java/org/teiid/query/processor/relational/TextTableNode.java
===================================================================
--- branches/7.4.x/engine/src/main/java/org/teiid/query/processor/relational/TextTableNode.java 2011-08-16 14:37:23 UTC (rev 3384)
+++ branches/7.4.x/engine/src/main/java/org/teiid/query/processor/relational/TextTableNode.java 2011-08-16 16:03:23 UTC (rev 3385)
@@ -184,14 +184,16 @@
index = nameIndexes.get(col.getName());
}
if (index >= vals.size()) {
- throw new TeiidProcessingException(QueryPlugin.Util.getString("TextTableNode.no_value", col.getName(), textLine, systemId)); //$NON-NLS-1$
+ //throw new TeiidProcessingException(QueryPlugin.Util.getString("TextTableNode.no_value", col.getName(), textLine, systemId)); //$NON-NLS-1$
+ tuple.add(null);
+ } else {
+ val = vals.get(index);
+ try {
+ tuple.add(DataTypeManager.transformValue(val, table.getColumns().get(output).getSymbol().getType()));
+ } catch (TransformationException e) {
+ throw new TeiidProcessingException(e, QueryPlugin.Util.getString("TextTableNode.conversion_error", col.getName(), textLine, systemId)); //$NON-NLS-1$
+ }
}
- val = vals.get(index);
- try {
- tuple.add(DataTypeManager.transformValue(val, table.getColumns().get(output).getSymbol().getType()));
- } catch (TransformationException e) {
- throw new TeiidProcessingException(e, QueryPlugin.Util.getString("TextTableNode.conversion_error", col.getName(), textLine, systemId)); //$NON-NLS-1$
- }
}
addBatchRow(tuple);
}
Modified: branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java
===================================================================
--- branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java 2011-08-16 14:37:23 UTC (rev 3384)
+++ branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestTextTable.java 2011-08-16 16:03:23 UTC (rev 3385)
@@ -171,6 +171,17 @@
process(sql, expected);
}
+ @Test public void testMissingValues() throws Exception {
+ String sql = "select * from texttable('a,b\nc' COLUMNS c1 string, c2 string) x"; //$NON-NLS-1$
+
+ List[] expected = new List[] {
+ Arrays.asList("a", "b"),
+ Arrays.asList("c", null),
+ };
+
+ process(sql, expected);
+ }
+
@Test public void testQuote() throws Exception {
String sql = "select * from texttable(' \" a\", \" \"\" \"' COLUMNS c1 string, c2 string) x"; //$NON-NLS-1$
13 years, 4 months
- 1
- 0
teiid SVN: r3384 - branches/7.4.x/runtime/src/main/java/org/teiid/deployers.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-16 10:37:23 -0400 (Tue, 16 Aug 2011)
New Revision: 3384
Modified:
branches/7.4.x/runtime/src/main/java/org/teiid/deployers/VDBRepository.java
Log:
TEIID-1708 triggering a redeploy of the master vdb during a merge
Modified: branches/7.4.x/runtime/src/main/java/org/teiid/deployers/VDBRepository.java
===================================================================
--- branches/7.4.x/runtime/src/main/java/org/teiid/deployers/VDBRepository.java 2011-08-16 14:25:21 UTC (rev 3383)
+++ branches/7.4.x/runtime/src/main/java/org/teiid/deployers/VDBRepository.java 2011-08-16 14:37:23 UTC (rev 3384)
@@ -302,9 +302,12 @@
if (target == null) {
throw new AdminProcessingException(RuntimePlugin.Util.getString("vdb_not_found", sourceVDBName, sourceVDBVersion)); //$NON-NLS-1$
}
-
+
+ notifyRemove(targetVDBName, targetVDBVersion);
// merge them
target.addChild(source);
+
+ notifyAdd(targetVDBName, targetVDBVersion);
}
// this is called by mc
13 years, 4 months
- 1
- 0
teiid SVN: r3383 - in branches/7.4.x/engine/src: main/java/org/teiid/query/xquery/saxon and 3 other directories.
by teiid-commits@lists.jboss.org
Author: shawkins
Date: 2011-08-16 10:25:21 -0400 (Tue, 16 Aug 2011)
New Revision: 3383
Modified:
branches/7.4.x/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java
branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/SaxonXQueryExpression.java
branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/StreamingUtils.java
branches/7.4.x/engine/src/main/resources/org/teiid/query/i18n.properties
branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestSQLXMLProcessing.java
branches/7.4.x/engine/src/test/java/org/teiid/query/validator/TestValidator.java
Log:
TEIID-1713 fix for not using the default namespace
Modified: branches/7.4.x/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java
===================================================================
--- branches/7.4.x/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java 2011-08-15 18:31:49 UTC (rev 3382)
+++ branches/7.4.x/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java 2011-08-16 14:25:21 UTC (rev 3383)
@@ -1337,6 +1337,8 @@
if (item.getPrefix() != null) {
if (item.getPrefix().equals("xml") || item.getPrefix().equals("xmlns")) { //$NON-NLS-1$ //$NON-NLS-2$
handleValidationError(QueryPlugin.Util.getString("ValidationVisitor.xml_namespaces_reserved"), obj); //$NON-NLS-1$
+ } else if (!Name11Checker.getInstance().isValidNCName(item.getPrefix())) {
+ handleValidationError(QueryPlugin.Util.getString("ValidationVisitor.xml_namespaces_invalid", item.getPrefix()), obj); //$NON-NLS-1$
}
if (item.getUri().length() == 0) {
handleValidationError(QueryPlugin.Util.getString("ValidationVisitor.xml_namespaces_null_uri"), obj); //$NON-NLS-1$
Modified: branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/SaxonXQueryExpression.java
===================================================================
--- branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/SaxonXQueryExpression.java 2011-08-15 18:31:49 UTC (rev 3382)
+++ branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/SaxonXQueryExpression.java 2011-08-16 14:25:21 UTC (rev 3383)
@@ -90,6 +90,9 @@
@SuppressWarnings("serial")
public class SaxonXQueryExpression {
+ private static final String EMPTY_STRING = ""; //$NON-NLS-1$
+ static final String DEFAULT_PREFIX = "-"; //$NON-NLS-1$
+
public static final Properties DEFAULT_OUTPUT_PROPERTIES = new Properties();
{
DEFAULT_OUTPUT_PROPERTIES.setProperty(OutputKeys.METHOD, "xml"); //$NON-NLS-1$
@@ -170,17 +173,17 @@
this.xQueryString = xQueryString;
StaticQueryContext context = new StaticQueryContext(config);
IndependentContext ic = new IndependentContext(config);
- namespaceMap.put("", ""); //$NON-NLS-1$ //$NON-NLS-2$
+ namespaceMap.put(EMPTY_STRING, EMPTY_STRING);
if (namespaces != null) {
for (NamespaceItem item : namespaces.getNamespaceItems()) {
if (item.getPrefix() == null) {
if (item.getUri() == null) {
- context.setDefaultElementNamespace(""); //$NON-NLS-1$
- ic.setDefaultElementNamespace(""); //$NON-NLS-1$
+ context.setDefaultElementNamespace(EMPTY_STRING);
+ ic.setDefaultElementNamespace(EMPTY_STRING);
} else {
context.setDefaultElementNamespace(item.getUri());
ic.setDefaultElementNamespace(item.getUri());
- namespaceMap.put("", item.getUri()); //$NON-NLS-1$
+ namespaceMap.put(EMPTY_STRING, item.getUri());
}
} else {
context.declareNamespace(item.getPrefix(), item.getUri());
@@ -189,6 +192,7 @@
}
}
}
+ namespaceMap.put(DEFAULT_PREFIX, namespaceMap.get(EMPTY_STRING));
for (DerivedColumn derivedColumn : passing) {
if (derivedColumn.getAlias() == null) {
continue;
Modified: branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/StreamingUtils.java
===================================================================
--- branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/StreamingUtils.java 2011-08-15 18:31:49 UTC (rev 3382)
+++ branches/7.4.x/engine/src/main/java/org/teiid/query/xquery/saxon/StreamingUtils.java 2011-08-16 14:25:21 UTC (rev 3383)
@@ -82,7 +82,7 @@
"QName must not contain more than one colon: " //$NON-NLS-1$
+ "qname='" + localNames[i] + "', path='" + path + "'"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
if (k <= 0) {
- fixedPath += " :"; //$NON-NLS-1$
+ fixedPath += SaxonXQueryExpression.DEFAULT_PREFIX+":"; //$NON-NLS-1$
} else {
String prefix = localNames[i].substring(0, k).trim();
if (k >= localNames[i].length() - 1)
Modified: branches/7.4.x/engine/src/main/resources/org/teiid/query/i18n.properties
===================================================================
--- branches/7.4.x/engine/src/main/resources/org/teiid/query/i18n.properties 2011-08-15 18:31:49 UTC (rev 3382)
+++ branches/7.4.x/engine/src/main/resources/org/teiid/query/i18n.properties 2011-08-16 14:25:21 UTC (rev 3383)
@@ -709,6 +709,7 @@
ValidationVisitor.xml_namespaces=At most only one NO DEFAULT or DEFAULT namespace may be specified.
ValidationVisitor.xml_namespaces_reserved=The namespaces xmlns and xml are reserved.
ValidationVisitor.xml_namespaces_null_uri=The null uri, or empty string, is not allowed as the uri value.
+ValidationVisitor.xml_namespaces_invalid=The namespace prefix {0} is not a valid NCName
ValidationVisitor.xml_attributes_reserved=The namespace xmlns is reserved.
ValidationVisitor.xml_content_type=The expression "{0}" is of OBJECT or BLOB type, which cannot be used as an XML or TEXT content value.
ValidationVisitor.xml_invalid_qname=The qname "{0}" is invalid.
Modified: branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestSQLXMLProcessing.java
===================================================================
--- branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestSQLXMLProcessing.java 2011-08-15 18:31:49 UTC (rev 3382)
+++ branches/7.4.x/engine/src/test/java/org/teiid/query/processor/TestSQLXMLProcessing.java 2011-08-16 14:25:21 UTC (rev 3383)
@@ -474,5 +474,17 @@
public static BlobType blobFromFile(final String file) {
return new BlobType(new BlobImpl(new InputStreamFactory.FileInputStreamFactory(UnitTestUtil.getTestDataFile(file))));
}
+
+ @Test public void testXmlTableWithDefault() throws Exception {
+ String sql = "select * from xmltable(XMLNAMESPACES(default 'http://x.y.com'), '/a/b' passing convert('<a xmlns=\"http://x.y.com\"><b>first</b><b x=\"attr\">second</b></a>', xml) columns x string path '@x', val string path '/.') as x"; //$NON-NLS-1$
+
+ List<?>[] expected = new List<?>[] {
+ Arrays.asList(null, "first"),
+ Arrays.asList("attr", "second"),
+ };
+
+ process(sql, expected);
+ }
+
}
Modified: branches/7.4.x/engine/src/test/java/org/teiid/query/validator/TestValidator.java
===================================================================
--- branches/7.4.x/engine/src/test/java/org/teiid/query/validator/TestValidator.java 2011-08-15 18:31:49 UTC (rev 3382)
+++ branches/7.4.x/engine/src/test/java/org/teiid/query/validator/TestValidator.java 2011-08-16 14:25:21 UTC (rev 3383)
@@ -1735,6 +1735,10 @@
@Test public void testXMLNamespaces() {
helpValidate("select xmlforest(xmlnamespaces(no default, default 'http://foo'), e1 as \"table\") from pm1.g1", new String[] {"XMLNAMESPACES(NO DEFAULT, DEFAULT 'http://foo')"}, RealMetadataFactory.example1Cached());
}
+
+ @Test public void testXMLNamespacesInvalid() {
+ helpValidate("select xmlforest(xmlnamespaces('http://foo' as \"1\"), e1 as \"table\") from pm1.g1", new String[] {"XMLNAMESPACES('http://foo' AS \"1\")"}, RealMetadataFactory.example1Cached());
+ }
@Test public void testXMLNamespacesReserved() {
helpValidate("select xmlforest(xmlnamespaces('http://foo' as xmlns), e1 as \"table\") from pm1.g1", new String[] {"XMLNAMESPACES('http://foo' AS xmlns)"}, RealMetadataFactory.example1Cached());
13 years, 4 months
- 1
- 0
teiid SVN: r3382 - in trunk: client/src/main/java/org/teiid and 20 other directories.
by teiid-commits@lists.jboss.org
Author: rareddy
Date: 2011-08-15 14:31:49 -0400 (Mon, 15 Aug 2011)
New Revision: 3382
Added:
trunk/client/src/main/java/org/teiid/gss/
trunk/client/src/main/java/org/teiid/gss/GSSCallbackHandler.java
trunk/client/src/main/java/org/teiid/gss/MakeGSS.java
trunk/jboss-integration/src/main/java/org/teiid/jboss/AssosiateCallerIdentityLoginModule.java
Modified:
trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml
trunk/client/src/main/java/org/teiid/client/security/ILogon.java
trunk/client/src/main/java/org/teiid/client/security/LogonResult.java
trunk/client/src/main/java/org/teiid/jdbc/JDBCURL.java
trunk/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java
trunk/client/src/main/java/org/teiid/net/TeiidURL.java
trunk/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java
trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties
trunk/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java
trunk/client/src/test/java/org/teiid/net/socket/TestSocketServerConnection.java
trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml
trunk/documentation/client-developers-guide/src/main/docbook/en-US/content/jdbc-connection.xml
trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
trunk/runtime/src/main/java/org/teiid/odbc/ODBCClientRemote.java
trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemote.java
trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java
trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java
trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
trunk/runtime/src/main/java/org/teiid/transport/ODBCClientInstance.java
trunk/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java
trunk/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java
trunk/runtime/src/main/java/org/teiid/transport/PgFrontendProtocol.java
trunk/runtime/src/main/resources/org/teiid/runtime/i18n.properties
trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java
trunk/runtime/src/test/java/org/teiid/transport/TestSocketRemoting.java
trunk/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java
trunk/test-integration/pom.xml
Log:
TEIID-1610: Implementing the GSSAPI support for remote JDBC & ODBC clients in Teiid
Modified: trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml
===================================================================
--- trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml 2011-08-15 18:31:49 UTC (rev 3382)
@@ -13,6 +13,10 @@
<property name="sessionMaxLimit">5000</property>
<!-- Max allowed time before the session is terminated by the system, 0 indicates unlimited (default 0) -->
<property name="sessionExpirationTimeLimit">0</property>
+ <!-- authentication type are CLEARTEXT, KRB5 (default:CLEARTEXT) -->
+ <property name="authenticationType">CLEARTEXT</property>
+ <!-- When authenticationType=KRB5, then it requires a kerberos security domain to authorize first before teiid-security takes over -->
+ <property name="krb5SecurityDomain">teiid-krb5</property>
</bean>
<bean name="BufferService" class="org.teiid.services.BufferServiceImpl">
@@ -256,10 +260,36 @@
<property name="authenticationMode">1-way</property>
</bean>
- <!-- teiid's default security domain, replace this with your own if needs to be any other JAAS domain -->
+ <!-- un-comment and edit for Kerberos login configuration (comment the original login config below)
+ <application-policy xmlns="urn:jboss:security-beans:1.0" name="teiid-krb5">
+ <authentication>
+ <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
+ <module-option name="storeKey">true</module-option>
+ <module-option name="useKeyTab">true</module-option>
+ <module-option name="principal">demo(a)EXAMPLE.COM</module-option>
+ <module-option name="keyTab">/path/to/krb5.keytab</module-option>
+ <module-option name="doNotPrompt">true</module-option>
+ <module-option name="debug">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
<application-policy xmlns="urn:jboss:security-beans:1.0" name="teiid-security">
<authentication>
+ <login-module code="org.teiid.jboss.AssosiateCallerIdentityLoginModule" flag="required"/>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="usersProperties">props/teiid-security-users.properties</module-option>
+ <module-option name="rolesProperties">props/teiid-security-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ -->
+ <!-- teiid's default security domain, replace this with your own if needs to be any other JAAS domain -->
+ <application-policy xmlns="urn:jboss:security-beans:1.0" name="teiid-security">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<!-- property files can found under conf/props directory -->
<module-option name="usersProperties">props/teiid-security-users.properties</module-option>
<module-option name="rolesProperties">props/teiid-security-roles.properties</module-option>
Modified: trunk/client/src/main/java/org/teiid/client/security/ILogon.java
===================================================================
--- trunk/client/src/main/java/org/teiid/client/security/ILogon.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/java/org/teiid/client/security/ILogon.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -34,9 +34,14 @@
* Generic logon interface.
*/
public interface ILogon {
+ static final String KRB5TOKEN = "KRB5TOKEN"; //$NON-NLS-1$
+ static final String KRB5_ESTABLISHED = "KRB5_CONTEXT_ESTABLISHED"; //$NON-NLS-1$
+
LogonResult logon(Properties connectionProperties)
throws LogonException, TeiidComponentException, CommunicationException;
-
+
+ LogonResult neogitiateGssLogin(Properties connectionProperties, byte[] serviceToken, boolean createSession) throws LogonException;
+
/**
* Ping the server to see if the client-server connection is alive.
* @throws InvalidSessionException if the sessionID is invalid
Modified: trunk/client/src/main/java/org/teiid/client/security/LogonResult.java
===================================================================
--- trunk/client/src/main/java/org/teiid/client/security/LogonResult.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/java/org/teiid/client/security/LogonResult.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -26,10 +26,14 @@
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
+import java.util.HashMap;
+import java.util.Map;
import java.util.TimeZone;
+import org.teiid.core.util.ExternalizeUtil;
+
/**
* Dataholder for the result of <code>ILogon.logon()</code>.
* Contains a sessionID
@@ -44,8 +48,9 @@
private SessionToken sessionToken;
private String vdbName;
private int vdbVersion;
+ private Map<Object, Object> addtionalProperties;
- public LogonResult() {
+ public LogonResult() {
}
public LogonResult(SessionToken token, String vdbName, int vdbVersion, String clusterName) {
@@ -89,6 +94,20 @@
return vdbVersion;
}
+ public Object getProperty(String key) {
+ if (this.addtionalProperties == null) {
+ return null;
+ }
+ return addtionalProperties.get(key);
+ }
+
+ public void addProperty(String key, Object value) {
+ if (this.addtionalProperties == null) {
+ this.addtionalProperties = new HashMap<Object, Object>();
+ }
+ this.addtionalProperties.put(key, value);
+ }
+
@Override
public void readExternal(ObjectInput in) throws IOException,
ClassNotFoundException {
@@ -97,6 +116,7 @@
timeZone = (TimeZone)in.readObject();
clusterName = (String)in.readObject();
vdbVersion = in.readInt();
+ addtionalProperties = ExternalizeUtil.readMap(in);
}
@Override
@@ -106,6 +126,7 @@
out.writeObject(timeZone);
out.writeObject(clusterName);
out.writeInt(vdbVersion);
+ ExternalizeUtil.writeMap(out, addtionalProperties);
}
}
Added: trunk/client/src/main/java/org/teiid/gss/GSSCallbackHandler.java
===================================================================
--- trunk/client/src/main/java/org/teiid/gss/GSSCallbackHandler.java (rev 0)
+++ trunk/client/src/main/java/org/teiid/gss/GSSCallbackHandler.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -0,0 +1,85 @@
+/*-------------------------------------------------------------------------
+*
+* Copyright (c) 2008, PostgreSQL Global Development Group
+*
+* IDENTIFICATION
+* $PostgreSQL: pgjdbc/org/postgresql/gss/GSSCallbackHandler.java,v 1.2 2008/11/29 07:43:47 jurka Exp $
+*
+*-------------------------------------------------------------------------
+*/
+
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+package org.teiid.gss;
+
+import java.io.IOException;
+import javax.security.auth.callback.*;
+
+import org.teiid.jdbc.JDBCPlugin;
+
+public class GSSCallbackHandler implements CallbackHandler {
+
+ private final String user;
+ private final String password;
+
+ public GSSCallbackHandler(String user, String password)
+ {
+ this.user = user;
+ this.password = password;
+ }
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
+ {
+ for (int i=0; i<callbacks.length; i++) {
+ if (callbacks[i] instanceof TextOutputCallback) {
+ TextOutputCallback toc = (TextOutputCallback)callbacks[i];
+ switch (toc.getMessageType()) {
+ case TextOutputCallback.INFORMATION:
+ System.out.println("INFO: " + toc.getMessage());//$NON-NLS-1$
+ break;
+ case TextOutputCallback.ERROR:
+ System.out.println("ERROR: " + toc.getMessage()); //$NON-NLS-1$
+ break;
+ case TextOutputCallback.WARNING:
+ System.out.println("WARNING: " + toc.getMessage());//$NON-NLS-1$
+ break;
+ default:
+ throw new IOException("Unsupported message type: " + toc.getMessageType()); //$NON-NLS-1$
+ }
+ } else if (callbacks[i] instanceof NameCallback) {
+ NameCallback nc = (NameCallback)callbacks[i];
+ nc.setName(user);
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ PasswordCallback pc = (PasswordCallback)callbacks[i];
+ if (password == null) {
+ throw new IOException(JDBCPlugin.Util.getString("no_krb_ticket")); //$NON-NLS-1$
+ }
+ pc.setPassword(password.toCharArray());
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); //$NON-NLS-1$
+ }
+ }
+ }
+
+}
+
+
Property changes on: trunk/client/src/main/java/org/teiid/gss/GSSCallbackHandler.java
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Added: trunk/client/src/main/java/org/teiid/gss/MakeGSS.java
===================================================================
--- trunk/client/src/main/java/org/teiid/gss/MakeGSS.java (rev 0)
+++ trunk/client/src/main/java/org/teiid/gss/MakeGSS.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -0,0 +1,163 @@
+/*-------------------------------------------------------------------------
+*
+* Copyright (c) 2008, PostgreSQL Global Development Group
+*
+* IDENTIFICATION
+* $PostgreSQL: pgjdbc/org/postgresql/gss/MakeGSS.java,v 1.2.2.1 2009/08/18 03:37:08 jurka Exp $
+*
+*-------------------------------------------------------------------------
+*/
+
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.gss;
+
+import java.security.PrivilegedAction;
+import java.util.Properties;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.GSSManager;
+import org.ietf.jgss.GSSName;
+import org.teiid.client.security.ILogon;
+import org.teiid.client.security.LogonException;
+import org.teiid.client.security.LogonResult;
+import org.teiid.core.TeiidComponentException;
+import org.teiid.jdbc.JDBCPlugin;
+import org.teiid.jdbc.TeiidSQLException;
+import org.teiid.net.CommunicationException;
+import org.teiid.net.TeiidURL;
+
+
+
+public class MakeGSS {
+
+ private static Logger logger = Logger.getLogger("org.teiid.jdbc"); //$NON-NLS-1$
+
+ public static LogonResult authenticate(ILogon logon, Properties props)
+ throws LogonException, TeiidComponentException, CommunicationException {
+ if (logger.isLoggable(Level.FINE)) {
+ logger.fine("GSS Authentication Request"); //$NON-NLS-1$
+ }
+
+ Object result = null;
+
+ String jaasApplicationName = props.getProperty(TeiidURL.CONNECTION.JAAS_NAME, "teiid"); //$NON-NLS-1$
+ String kerberosPrincipalName = props.getProperty(TeiidURL.CONNECTION.KERBEROS_SERVICE_PRINCIPLE_NAME, "teiid"); //$NON-NLS-1$
+ String user = props.getProperty(TeiidURL.CONNECTION.USER_NAME);
+ String password = props.getProperty(TeiidURL.CONNECTION.PASSWORD);
+
+ try {
+ LoginContext lc = new LoginContext(jaasApplicationName, new GSSCallbackHandler(user, password));
+ lc.login();
+
+ Subject sub = lc.getSubject();
+ PrivilegedAction action = new GssAction(logon, kerberosPrincipalName, props);
+ result = Subject.doAs(sub, action);
+ } catch (Exception e) {
+ throw new LogonException(e, JDBCPlugin.Util.getString("gss_auth_failed")); //$NON-NLS-1$
+ }
+
+ if (result instanceof LogonException)
+ throw (LogonException)result;
+ else if (result instanceof TeiidComponentException)
+ throw (TeiidComponentException)result;
+ else if (result instanceof CommunicationException)
+ throw (CommunicationException)result;
+ else if (result instanceof Exception)
+ throw new LogonException((Exception)result, JDBCPlugin.Util.getString("gss_auth_failed")); //$NON-NLS-1$
+
+ return (LogonResult)result;
+ }
+
+}
+
+class GssAction implements PrivilegedAction {
+
+ private static Logger logger = Logger.getLogger("org.teiid.jdbc"); //$NON-NLS-1$
+ private final ILogon logon;
+ private final String kerberosPrincipalName;
+ private Properties props;
+
+ public GssAction(ILogon pgStream, String kerberosPrincipalName, Properties props) {
+ this.logon = pgStream;
+ this.kerberosPrincipalName = kerberosPrincipalName;
+ this.props = props;
+ }
+
+ public Object run() {
+ byte outToken[] = null;
+
+ try {
+ org.ietf.jgss.Oid desiredMechs[] = new org.ietf.jgss.Oid[1];
+ desiredMechs[0] = new org.ietf.jgss.Oid("1.2.840.113554.1.2.2"); //$NON-NLS-1$
+
+ GSSManager manager = GSSManager.getInstance();
+
+ // null on second param means the serverName is already in the native format.
+ GSSName serverName = manager.createName(this.kerberosPrincipalName, null);
+
+ GSSContext secContext = manager.createContext(serverName, desiredMechs[0], null, GSSContext.DEFAULT_LIFETIME);
+ secContext.requestMutualAuth(true);
+ secContext.requestConf(true); // Will use confidentiality later
+ secContext.requestInteg(true); // Will use integrity later
+
+ byte inToken[] = new byte[0];
+
+ boolean established = false;
+ LogonResult result = null;
+ while (!established) {
+ outToken = secContext.initSecContext(inToken, 0, inToken.length);
+ if (outToken != null) {
+ if (logger.isLoggable(Level.FINE)) {
+ logger.fine("Sending Service Token to Server (GSS Authentication Token)"); //$NON-NLS-1$
+ }
+ result = logon.neogitiateGssLogin(this.props, outToken, true);
+ inToken = (byte[])result.getProperty(ILogon.KRB5TOKEN);
+ }
+
+ if (!secContext.isEstablished()) {
+ if (logger.isLoggable(Level.FINE)) {
+ logger.fine("Authentication GSS Continue"); //$NON-NLS-1$
+ }
+ } else {
+ established = true;
+ if (logger.isLoggable(Level.FINE)) {
+ logger.fine("Authentication GSS Established"); //$NON-NLS-1$
+ }
+ }
+ }
+ return result;
+ } catch (GSSException gsse) {
+ return TeiidSQLException.create(gsse, JDBCPlugin.Util.getString("gss_auth_failed")); //$NON-NLS-1$
+ } catch(Exception e) {
+ return e;
+ }
+ }
+}
+
Property changes on: trunk/client/src/main/java/org/teiid/gss/MakeGSS.java
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Modified: trunk/client/src/main/java/org/teiid/jdbc/JDBCURL.java
===================================================================
--- trunk/client/src/main/java/org/teiid/jdbc/JDBCURL.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/java/org/teiid/jdbc/JDBCURL.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -73,7 +73,10 @@
BaseDataSource.PASSWORD,
TeiidURL.CONNECTION.AUTO_FAILOVER,
TeiidURL.CONNECTION.DISCOVERY_STRATEGY,
- TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION));
+ TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION,
+ TeiidURL.CONNECTION.AUTHENTICATION_TYPE,
+ TeiidURL.CONNECTION.JAAS_NAME,
+ TeiidURL.CONNECTION.KERBEROS_SERVICE_PRINCIPLE_NAME));
props.addAll(EXECUTION_PROPERTIES);
return Collections.unmodifiableSet(props);
}
Modified: trunk/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java
===================================================================
--- trunk/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -98,7 +98,21 @@
*/
private boolean passthroughAuthentication = false;
-
+ /**
+ * Authentication type to used from client. choices are simple - which is plain user/password; krb5 - kerberos
+ */
+ private String authenticationType;
+
+ /**
+ * Name of the jass configuration to use from the -Djava.security.auth.login.config=login.conf property
+ */
+ private String jaasName;
+
+ /**
+ * Name of Kerberos KDC service principle name
+ */
+ private String kerberosServicePrincipleName;
+
public TeiidDataSource() {
}
@@ -243,6 +257,16 @@
private Properties buildEmbeddedProperties(final String userName, final String password) {
Properties props = buildProperties(userName, password);
props.setProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, Boolean.toString(this.passthroughAuthentication));
+
+ if (getAuthenticationType() != null) {
+ props.setProperty(TeiidURL.CONNECTION.AUTHENTICATION_TYPE, getAuthenticationType());
+ }
+ if (getJaasName() != null) {
+ props.setProperty(TeiidURL.CONNECTION.JAAS_NAME, getJaasName());
+ }
+ if (getKerberosServicePrincipleName() != null) {
+ props.setProperty(TeiidURL.CONNECTION.KERBEROS_SERVICE_PRINCIPLE_NAME, getKerberosServicePrincipleName());
+ }
return props;
}
@@ -466,6 +490,57 @@
*/
public void setPassthroughAuthentication(final boolean passthroughAuthentication) {
this.passthroughAuthentication = passthroughAuthentication;
- }
+ }
+
+ /**
+ * Authentication Type {simple, krb5} default:simple
+ * @return
+ */
+ public String getAuthenticationType() {
+ return authenticationType;
+ }
+
+ /**
+ * Authentication Type.
+ * @since 7.6
+ * @return
+ */
+ public void setAuthenticationType(final String authType) {
+ this.authenticationType = authType;
+ }
+
+ /**
+ * Application name from JAAS Login Config file
+ * @since 7.6
+ * @return
+ */
+ public String getJaasName() {
+ return jaasName;
+ }
+
+ /**
+ * Application name from JAAS Login Config file
+ * @since 7.6
+ */
+ public void setJaasName(String jaasApplicationName) {
+ this.jaasName = jaasApplicationName;
+ }
+
+ /**
+ * Kerberos KDC service principle name
+ * @since 7.6
+ * @return
+ */
+ public String getKerberosServicePrincipleName() {
+ return kerberosServicePrincipleName;
+ }
+
+ /**
+ * Kerberos KDC service principle name
+ * @since 7.6
+ */
+ public void setKerberosServicePrincipleName(String kerberosServerName) {
+ this.kerberosServicePrincipleName = kerberosServerName;
+ }
}
Modified: trunk/client/src/main/java/org/teiid/net/TeiidURL.java
===================================================================
--- trunk/client/src/main/java/org/teiid/net/TeiidURL.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/java/org/teiid/net/TeiidURL.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -82,6 +82,16 @@
public static final String ADMIN = "admin"; //$NON-NLS-1$
public static final String PASSTHROUGH_AUTHENTICATION = "PassthroughAuthentication"; //$NON-NLS-1$
+
+ public static final String AUTHENTICATION_TYPE = "authenticationType"; //$NON-NLS-1$
+
+ public static final String JAAS_NAME = "jaasName"; //$NON-NLS-1$
+
+ public static final String KERBEROS_SERVICE_PRINCIPLE_NAME = "kerberosServicePrincipleName"; //$NON-NLS-1$
+
+ public enum AuthenticationType {
+ CLEARTEXT,KRB5
+ };
}
public static final String DOT_DELIMITER = "."; //$NON-NLS-1$
Modified: trunk/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java
===================================================================
--- trunk/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -49,12 +49,14 @@
import org.teiid.client.util.ResultsFuture;
import org.teiid.core.TeiidComponentException;
import org.teiid.core.TeiidException;
+import org.teiid.gss.MakeGSS;
import org.teiid.jdbc.JDBCPlugin;
import org.teiid.net.CommunicationException;
import org.teiid.net.ConnectionException;
import org.teiid.net.HostInfo;
import org.teiid.net.ServerConnection;
import org.teiid.net.TeiidURL;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
/**
@@ -166,8 +168,18 @@
private void logon(ILogon newLogon, boolean logoff) throws LogonException,
TeiidComponentException, CommunicationException {
- LogonResult newResult = newLogon.logon(connProps);
+
SocketServerInstance instance = this.serverInstance;
+ LogonResult newResult = null;
+
+ AuthenticationType authType = getAuthenticationType();
+ if (AuthenticationType.CLEARTEXT.equals(authType)) {
+ newResult = newLogon.logon(connProps);
+ }
+ else if (AuthenticationType.KRB5.equals(authType)) {
+ newResult = MakeGSS.authenticate(newLogon, connProps);
+ }
+
if (logoff) {
if ("7.3".compareTo(this.serverInstance.getServerVersion()) <= 0) { //$NON-NLS-1$
//just remove the current instance - the server has already logged off the current user
@@ -176,10 +188,19 @@
}
logoffAll();
}
+
this.logonResult = newResult;
this.logonResults.put(instance.getHostInfo(), this.logonResult);
this.connectionFactory.connected(instance, this.logonResult.getSessionToken());
}
+
+ private AuthenticationType getAuthenticationType() {
+ String authStr = this.connProps.getProperty(TeiidURL.CONNECTION.AUTHENTICATION_TYPE);
+ if (authStr == null) {
+ return AuthenticationType.CLEARTEXT;
+ }
+ return AuthenticationType.valueOf(authStr);
+ }
private ILogon connect(HostInfo hostInfo) throws CommunicationException,
IOException {
Modified: trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties
===================================================================
--- trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties 2011-08-15 18:31:49 UTC (rev 3382)
@@ -150,3 +150,8 @@
TeiidURL.port_out_of_range=The port ''{0}'' is out of range.
BatchSerializer.datatype_mismatch=The modeled datatype {0} for column {1} doesn''t match the runtime type "{2}". Please ensure that the column''s modeled datatype matches the expected data.
+
+
+no_krb_ticket=No cached kerberos ticket found and/or no password supplied
+gss_auth_failed=GSS Authentication failed
+setup_failed=Protocol error. Session setup failed.
Modified: trunk/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java
===================================================================
--- trunk/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -138,7 +138,7 @@
@Test public void testGetPropertyInfo1() throws Exception {
DriverPropertyInfo info[] = drv.getPropertyInfo("jdbc:teiid:vdb@mm://localhost:12345;applicationName=x", null); //$NON-NLS-1$
- assertEquals(21, info.length);
+ assertEquals(24, info.length);
assertEquals(false, info[0].required);
assertEquals("ApplicationName", info[0].name); //$NON-NLS-1$
assertEquals("x", info[0].value); //$NON-NLS-1$
Modified: trunk/client/src/test/java/org/teiid/net/socket/TestSocketServerConnection.java
===================================================================
--- trunk/client/src/test/java/org/teiid/net/socket/TestSocketServerConnection.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/client/src/test/java/org/teiid/net/socket/TestSocketServerConnection.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -107,6 +107,12 @@
throws TeiidComponentException, CommunicationException {
return ping();
}
+
+ @Override
+ public LogonResult neogitiateGssLogin(Properties connectionProperties,
+ byte[] serviceToken, boolean createSession) throws LogonException {
+ return null;
+ }
}
/**
Modified: trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml
===================================================================
--- trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/documentation/admin-guide/src/main/docbook/en-US/content/security.xml 2011-08-15 18:31:49 UTC (rev 3382)
@@ -102,6 +102,115 @@
If you want write your own Custom Login module, check out the Developer's Guide for instructions.
</para>
</section>
+
+ <section>
+ <title>Kerberos support through GSSAPI</title>
+ <para>Teiid supports kerberos authentication using GSSAPI, to be used with single sign-on applications.
+ This service ticket negotiation based authentication is supported through remote JDBC and ODBC drivers and as
+ well as in LocalConnections. However, configuration is varies for local connections vs remote connections</para>
+
+ <section>
+ <title>LocalConnection</title>
+ <para>For supporting kerberos through local connections, provide JDBC URL property <emphasis>PassthroughAuthentication</emphasis>
+ as true and use the <ulink url="http://community.jboss.org/docs/DOC-10680">JBoss Negotiation</ulink> as
+ authentication configure your web-application for kerberos. When the web application authenticates with the provided
+ kerberos token, the same subject authenticated will be used in Teiid. For details about configuration, check the
+ JBoss Negotiation documentation.</para>
+ </section>
+
+ <section>
+ <title>Remote JDBC Connection</title>
+ <para>Server: For supporting the kerberos through jdbc from a remote client application, follow the below configuration.
+ On the server, edit "{jboss-as}/server/{profile}/deploy/teiid/teiid-jboss-beans.xml" file, and make sure under
+ "SessionService" bean definition the following properties are set.
+ <programlisting><![CDATA[
+ <!-- Sets the authentication Type -->
+ <property name="authenticationType">KRB5</property>
+ <!-- Security domain used for kerberos authentication -->
+ <property name="krb5SecurityDomain">teiid-krb5</property>
+ ]]></programlisting>
+
+ Now we need to define security domain context for kerberos with name mentioned in above, and since the kerberos
+ authorization can not define authorization roles, we need devise a way to define them using another login context.
+ Given below is sample configuration to define roles using UserRolesLoginModule.
+ Note that the below configuration replaces the default Teiid login configuration. Note to change the principal
+ and key tab locations accordingly.
+
+ <programlisting><![CDATA[
+ <!--login module that negotiates the login conext for kerberos -->
+ <application-policy xmlns="urn:jboss:security-beans:1.0" name="teiid-krb5">
+ <authentication>
+ <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required">
+ <module-option name="storeKey">true</module-option>
+ <module-option name="useKeyTab">true</module-option>
+ <module-option name="principal">demo(a)EXAMPLE.COM</module-option>
+ <module-option name="keyTab">path/to/krb5.keytab</module-option>
+ <module-option name="doNotPrompt">true</module-option>
+ <module-option name="debug">false</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- teiid's default security domain, replace this with your own if needs to be any other JAAS domain -->
+ <application-policy xmlns="urn:jboss:security-beans:1.0" name="teiid-security">
+ <authentication>
+ <!-- This module assosiates kerberos user with this login set of login modules -->
+ <login-module code="org.teiid.jboss.AssosiateCallerIdentityLoginModule" flag="required"/>
+ <!-- Login module used for defining roles for user authencated using kerberos, keep the users file empty
+ but provide roles in the roles file for users -->
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="usersProperties">props/teiid-security-users.properties</module-option>
+ <module-option name="rolesProperties">props/teiid-security-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ ]]></programlisting>
+ Edit "run.conf" or "run.conf.bat"file depending upon the environment in "${jboss-as}/bin" directory
+ and add the following JVM options to startup script (note to change the realm and KDC settings according to your environment)
+ <programlisting><![CDATA[
+ JAVA_OPTS = "$JAVA_OPTS -Djava.security.krb5.realm=EXAMPLE.COM -Djava.security.krb5.kdc=kerberos.example.com -Djavax.security.auth.useSubjectCredsOnly=false"
+ ]]></programlisting>
+ This finishes the configuration on the server side, restart the server and make sure that there were no errors during startup.
+ </para>
+
+ <para>Client: The following configuration needs to be done on the Teiid client application VM. For client VM, JAAS
+ configuration for kerberos authentication needs to be written. A sample configuration file (client.conf) is show below
+
+ <programlisting><![CDATA[
+ Client {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useTicketCache=true
+ storeKey=true
+ useKeyTab=true
+ keyTab="/path/to/krb5.keytab"
+ doNotPrompt=false
+ debug=false
+ principal="demo(a)EXAMPLE.COM";
+ };
+ ]]></programlisting>
+
+ Add the following JVM options to your client's startup script, note the change Realm and KDC settings according to
+ your environment
+ <programlisting><![CDATA[
+ -Djava.security.krb5.realm=EXAMPLE.COM
+ -Djava.security.krb5.kdc=kerberos.example.com
+ -Djavax.security.auth.useSubjectCredsOnly=false
+ -Dsun.security.krb5.debug=false
+ -Djava.security.auth.login.config=/path/to/client.conf
+ ]]></programlisting>
+
+ Add the following URL connection properties to Teiid JDBC connection string
+ <programlisting><![CDATA[
+ authenticationType=KRB5;jaasName=Client;kerberosServicePrincipleName=demo(a)EXAMPLE.COM
+ ]]></programlisting>
+ There is no need to provide the user name and password, when the application is trying to make JDBC connection it
+ will authenticate locally and use the same user credetinals to neogitiate service token with server and grant the
+ connection. See Client Developer's guide for information on connection properties and how to configure data sources.
+ </para>
+ </section>
+
+ </section>
<section>
<title>Security at Data Source level</title>
Modified: trunk/documentation/client-developers-guide/src/main/docbook/en-US/content/jdbc-connection.xml
===================================================================
--- trunk/documentation/client-developers-guide/src/main/docbook/en-US/content/jdbc-connection.xml 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/documentation/client-developers-guide/src/main/docbook/en-US/content/jdbc-connection.xml 2011-08-15 18:31:49 UTC (rev 3382)
@@ -255,7 +255,45 @@
backwards compatibility when JDBC3 and older support is still required. Defaults to true.
</para>
</entry>
- </row>
+ </row>
+ <row>
+ <entry>
+ <code>authenticationType</code>
+ </entry>
+ <entry>
+ <code>String</code>
+ </entry>
+ <entry>
+ <para>Type of authentication to use. Valid values are CLEARTEXT (default) and KRB5 (kerberos). See
+ Admin Guide for configuration required for kerberos
+ </para>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <code>jaasName</code>
+ </entry>
+ <entry>
+ <code>String</code>
+ </entry>
+ <entry>
+ <para>JAAS configuration name. Only applies when configuring a kerberos authentication.
+ See Admin Guide for configuration required for kerberos</para>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <code>kerberosServicePrincipleName</code>
+ </entry>
+ <entry>
+ <code>String</code>
+ </entry>
+ <entry>
+ <para>Kerberos authenticated principle name. Only applies when configuring a kerberos authentication.
+ See Admin Guide for configuration required for kerberos</para>
+ </entry>
+ </row>
+
</tbody>
</tgroup>
</table>
Modified: trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/engine/src/main/java/org/teiid/dqp/service/SessionService.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -23,13 +23,17 @@
package org.teiid.dqp.service;
import java.util.Collection;
+import java.util.List;
import java.util.Properties;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.teiid.adminapi.impl.SessionMetadata;
import org.teiid.client.security.InvalidSessionException;
import org.teiid.dqp.internal.process.DQPCore;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
import org.teiid.security.Credentials;
@@ -138,5 +142,12 @@
SessionMetadata getActiveSession(String sessionID);
void setDqp(DQPCore dqp);
+
+ LoginContext createLoginContext(String securityDomain, String user, String password) throws LoginException;
+ AuthenticationType getAuthType();
+
+ String getKrb5SecurityDomain();
+
+ void assosiateSubjectInContext(String securityDomain, Subject subject);
}
Added: trunk/jboss-integration/src/main/java/org/teiid/jboss/AssosiateCallerIdentityLoginModule.java
===================================================================
--- trunk/jboss-integration/src/main/java/org/teiid/jboss/AssosiateCallerIdentityLoginModule.java (rev 0)
+++ trunk/jboss-integration/src/main/java/org/teiid/jboss/AssosiateCallerIdentityLoginModule.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -0,0 +1,87 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.teiid.jboss;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginException;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SubjectInfo;
+import org.jboss.security.auth.spi.AbstractServerLoginModule;
+
+/**
+ * This login modules simply takes the subject in the current context and adds
+ * its principle to shared state. This is same as CallerIdentityLoginModule,
+ * just it does not extend the AbstractPasswordCredentialLoginModule
+ */
+public class AssosiateCallerIdentityLoginModule extends AbstractServerLoginModule {
+
+ private Principal principal;
+
+ public void initialize(Subject subject, CallbackHandler handler,
+ Map sharedState, Map options) {
+ super.initialize(subject, handler, sharedState, options);
+ }
+
+ /**
+ * Performs the login association between the caller and the resource for a
+ * 1 to 1 mapping. This acts as a login propagation strategy and is useful
+ * for single-sign on requirements
+ *
+ * @return True if authentication succeeds
+ * @throws LoginException
+ */
+ public boolean login() throws LoginException {
+
+ SecurityContext sc = SecurityActions.getSecurityContext();
+ SubjectInfo si = sc.getSubjectInfo();
+ Subject subject = si.getAuthenticatedSubject();
+
+ Set<Principal> principals = subject.getPrincipals();
+ this.principal = principals.iterator().next();
+
+ if (super.login() == true) {
+ return true;
+ }
+
+ // Put the principal name into the sharedState map
+ sharedState.put("javax.security.auth.login.name", principal.getName()); //$NON-NLS-1$
+ sharedState.put("javax.security.auth.login.password", ""); //$NON-NLS-1$ //$NON-NLS-2$
+ super.loginOk = true;
+
+ return true;
+ }
+
+ protected Principal getIdentity() {
+ return principal;
+ }
+
+ protected Group[] getRoleSets() throws LoginException {
+ return new Group[] {};
+ }
+}
Property changes on: trunk/jboss-integration/src/main/java/org/teiid/jboss/AssosiateCallerIdentityLoginModule.java
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
===================================================================
--- trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -244,7 +244,9 @@
if (this.odbcSocketConfiguration.getEnabled()) {
this.vdbRepository.odbcEnabled();
- this.odbcSocket = new ODBCSocketListener(this.odbcSocketConfiguration, this.dqpCore.getBufferManager(), offset, getMaxODBCLobSizeAllowed());
+ ODBCSocketListener odbc = new ODBCSocketListener(this.odbcSocketConfiguration, this.dqpCore.getBufferManager(), offset, getMaxODBCLobSizeAllowed(), this.logon);
+ odbc.setAuthenticationType(sessionService.getAuthType());
+ this.odbcSocket = odbc;
LogManager.logInfo(LogConstants.CTX_RUNTIME, IntegrationPlugin.Util.getString("odbc_enabled","Teiid ODBC - SSL=", (this.odbcSocketConfiguration.getSSLConfiguration().isSslEnabled()?"ON":"OFF")+" Host = "+this.odbcSocketConfiguration.getHostAddress().getHostName()+" Port = "+(this.odbcSocketConfiguration.getPortNumber()+offset))); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$ //$NON-NLS-5$ //$NON-NLS-6$
} else {
LogManager.logInfo(LogConstants.CTX_RUNTIME, IntegrationPlugin.Util.getString("odbc_not_enabled")); //$NON-NLS-1$
Modified: trunk/runtime/src/main/java/org/teiid/odbc/ODBCClientRemote.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/odbc/ODBCClientRemote.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/odbc/ODBCClientRemote.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -39,6 +39,12 @@
// AuthenticationCleartextPassword (B)
void useClearTextAuthentication();
+ // AuthenticationGSS (B)
+ void useAuthenticationGSS();
+
+ // AuthenticationGSSContinue (B)
+ void authenticationGSSContinue(byte[] serviceToken);
+
// AuthenticationOk (B)
// BackendKeyData (B)
// ParameterStatus (B)
@@ -101,9 +107,7 @@
// AuthenticationKerberosV5 (B)
// AuthenticationMD5Password (B)
// AuthenticationSCMCredential (B)
- // AuthenticationGSS (B)
// AuthenticationSSPI (B)
- // AuthenticationGSSContinue (B)
// CloseComplete (B)
Modified: trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemote.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemote.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemote.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -23,12 +23,13 @@
import java.util.Properties;
+import org.teiid.transport.PgFrontendProtocol.NullTerminatedStringDataInputStream;
+
public interface ODBCServerRemote {
- enum AuthenticationType {CLEARTEXT, MD5};
void initialize(Properties props);
- void logon(String databaseName, String userid, String password);
+ void logon(String databaseName, String userid, NullTerminatedStringDataInputStream data);
void prepare(String prepareName, String sql, int[] paramType);
Modified: trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/odbc/ODBCServerRemoteImpl.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -40,6 +40,9 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import org.teiid.client.security.ILogon;
+import org.teiid.client.security.LogonException;
+import org.teiid.client.security.LogonResult;
import org.teiid.client.util.ResultsFuture;
import org.teiid.core.util.ApplicationInfo;
import org.teiid.core.util.StringUtil;
@@ -50,9 +53,11 @@
import org.teiid.jdbc.TeiidDriver;
import org.teiid.logging.LogConstants;
import org.teiid.logging.LogManager;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
import org.teiid.odbc.PGUtil.PgColInfo;
import org.teiid.runtime.RuntimePlugin;
import org.teiid.transport.ODBCClientInstance;
+import org.teiid.transport.PgFrontendProtocol.NullTerminatedStringDataInputStream;
/**
* While executing the multiple prepared statements I see this bug currently
@@ -165,11 +170,13 @@
private Map<String, Prepared> preparedMap = Collections.synchronizedMap(new HashMap<String, Prepared>());
private Map<String, Portal> portalMap = Collections.synchronizedMap(new HashMap<String, Portal>());
private Map<String, Cursor> cursorMap = Collections.synchronizedMap(new HashMap<String, Cursor>());
+ private ILogon logon;
- public ODBCServerRemoteImpl(ODBCClientInstance client, AuthenticationType authType, TeiidDriver driver) {
+ public ODBCServerRemoteImpl(ODBCClientInstance client, AuthenticationType authType, TeiidDriver driver, ILogon logon) {
this.driver = driver;
this.client = client.getClient();
this.authType = authType;
+ this.logon = logon;
}
@Override
@@ -181,18 +188,39 @@
if (this.authType.equals(AuthenticationType.CLEARTEXT)) {
this.client.useClearTextAuthentication();
}
- else if (this.authType.equals(AuthenticationType.MD5)) {
- // TODO: implement MD5 auth type
+ else if (this.authType.equals(AuthenticationType.KRB5)) {
+ this.client.useAuthenticationGSS();
}
}
@Override
- public void logon(String databaseName, String user, String password) {
+ public void logon(String databaseName, String user, NullTerminatedStringDataInputStream data) {
try {
- java.util.Properties info = new java.util.Properties();
- String url = "jdbc:teiid:"+databaseName+";ApplicationName=ODBC"; //$NON-NLS-1$ //$NON-NLS-2$
+ java.util.Properties info = new java.util.Properties();
info.put("user", user); //$NON-NLS-1$
- info.put("password", password); //$NON-NLS-1$
+
+ String password = null;
+ String passthroughAuthentication = ""; //$NON-NLS-1$
+ if (authType.equals(AuthenticationType.CLEARTEXT)) {
+ password = data.readString();
+ }
+ else if (authType.equals(AuthenticationType.KRB5)) {
+ byte[] serviceToken = data.readServiceToken();
+ LogonResult result = this.logon.neogitiateGssLogin(this.props, serviceToken, false);
+ if ((Boolean)result.getProperty(ILogon.KRB5_ESTABLISHED)) {
+ serviceToken = (byte[])result.getProperty(ILogon.KRB5TOKEN);
+ this.client.authenticationGSSContinue(serviceToken);
+ return;
+ }
+ passthroughAuthentication = ";PassthroughAuthentication=true"; //$NON-NLS-1$
+ }
+
+ String url = "jdbc:teiid:"+databaseName+";ApplicationName=ODBC"+passthroughAuthentication; //$NON-NLS-1$ //$NON-NLS-2$
+
+ if (password != null) {
+ info.put("password", password); //$NON-NLS-1$
+ }
+
this.connection = (ConnectionImpl)driver.connect(url, info);
int hash = this.connection.getConnectionId().hashCode();
Enumeration keys = this.props.propertyNames();
@@ -207,7 +235,13 @@
} catch (SQLException e) {
errorOccurred(e);
terminate();
- }
+ } catch(LogonException e) {
+ errorOccurred(e);
+ terminate();
+ } catch (IOException e) {
+ errorOccurred(e);
+ terminate();
+ }
}
private void cursorExecute(final String cursorName, final String sql, final ResultsFuture<Integer> completion) {
Modified: trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -22,6 +22,8 @@
package org.teiid.services;
+import java.io.IOException;
+import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -33,6 +35,12 @@
import java.util.TimerTask;
import java.util.concurrent.ConcurrentHashMap;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
@@ -55,6 +63,7 @@
import org.teiid.logging.LogManager;
import org.teiid.net.ServerConnection;
import org.teiid.net.TeiidURL;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
import org.teiid.runtime.RuntimePlugin;
import org.teiid.security.Credentials;
import org.teiid.security.SecurityHelper;
@@ -72,6 +81,8 @@
*/
private long sessionMaxLimit = DEFAULT_MAX_SESSIONS;
private long sessionExpirationTimeLimit = DEFAULT_SESSION_EXPIRATION;
+ private String authenticationType = AuthenticationType.CLEARTEXT.name();
+ private String krb5SecurityDomain;
/*
* Injected state
@@ -249,6 +260,31 @@
}
@Override
+ public LoginContext createLoginContext(final String securityDomain, final String user, final String password) throws LoginException{
+ CallbackHandler handler = new CallbackHandler() {
+ @Override
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof NameCallback) {
+ NameCallback nc = (NameCallback)callbacks[i];
+ nc.setName(user);
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ PasswordCallback pc = (PasswordCallback)callbacks[i];
+ if (password != null) {
+ pc.setPassword(password.toCharArray());
+ }
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); //$NON-NLS-1$
+ }
+ }
+ }
+ };
+
+ TeiidLoginContext context = new TeiidLoginContext(this.securityHelper);
+ return context.createLoginContext(securityDomain, handler);
+ }
+
+ @Override
public Collection<SessionMetadata> getActiveSessions() throws SessionServiceException {
return new ArrayList<SessionMetadata>(this.sessionCache.values());
}
@@ -333,8 +369,18 @@
public void setSessionExpirationTimeLimit(long limit) {
this.sessionExpirationTimeLimit = limit;
- }
+ }
+ @Override
+ public AuthenticationType getAuthType() {
+ return AuthenticationType.valueOf(this.authenticationType);
+ }
+
+ public void setAuthenticationType(String flag) {
+ this.authenticationType = flag;
+ LogManager.logInfo(LogConstants.CTX_SECURITY, "Authentication Type set to: "+flag); //$NON-NLS-1$
+ }
+
public void setSecurityDomains(String domainNameOrder) {
if (domainNameOrder != null && domainNameOrder.trim().length()>0) {
LogManager.logInfo(LogConstants.CTX_SECURITY, "Security Enabled: true"); //$NON-NLS-1$
@@ -345,7 +391,7 @@
}
}
}
-
+
public void setAdminSecurityDomain(String domain) {
this.adminSecurityDomains.add(domain);
LogManager.logInfo(LogConstants.CTX_SECURITY, "Admin Security Enabled: true"); //$NON-NLS-1$
@@ -376,4 +422,23 @@
public void setDqp(DQPCore dqp) {
this.dqp = dqp;
}
+
+ @Override
+ public void assosiateSubjectInContext(String securityDomain, Subject subject) {
+ Principal principal = null;
+ for(Principal p:subject.getPrincipals()) {
+ principal = p;
+ break;
+ }
+ this.securityHelper.assosiateSecurityContext(securityDomain, this.securityHelper.createSecurityContext(securityDomain, principal, null, subject));
+ }
+
+ public void setKrb5SecurityDomain(String domain) {
+ this.krb5SecurityDomain = domain;
+ }
+
+ @Override
+ public String getKrb5SecurityDomain(){
+ return this.krb5SecurityDomain;
+ }
}
Modified: trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -137,7 +137,7 @@
return null;
}
- protected LoginContext createLoginContext(String domain, CallbackHandler handler) throws LoginException {
+ public LoginContext createLoginContext(String domain, CallbackHandler handler) throws LoginException {
return new LoginContext(domain, handler);
}
Modified: trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -22,11 +22,18 @@
package org.teiid.transport;
+import java.security.PrivilegedAction;
import java.util.Collection;
import java.util.Properties;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.GSSManager;
import org.teiid.adminapi.impl.SessionMetadata;
import org.teiid.client.security.ILogon;
import org.teiid.client.security.InvalidSessionException;
@@ -34,7 +41,6 @@
import org.teiid.client.security.LogonResult;
import org.teiid.client.security.SessionToken;
import org.teiid.client.util.ResultsFuture;
-import org.teiid.core.ComponentNotFoundException;
import org.teiid.core.CoreConstants;
import org.teiid.core.TeiidComponentException;
import org.teiid.dqp.internal.process.DQPWorkContext;
@@ -44,6 +50,8 @@
import org.teiid.logging.LogManager;
import org.teiid.net.CommunicationException;
import org.teiid.net.TeiidURL;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
+import org.teiid.runtime.RuntimePlugin;
import org.teiid.security.Credentials;
@@ -57,8 +65,15 @@
this.clusterName = clusterName;
}
- public LogonResult logon(Properties connProps) throws LogonException,
- ComponentNotFoundException {
+ public LogonResult logon(Properties connProps) throws LogonException, TeiidComponentException, CommunicationException {
+ if (!AuthenticationType.CLEARTEXT.equals(service.getAuthType())) {
+ throw new LogonException(RuntimePlugin.Util.getString("wrong_logon_type_jaas")); //$NON-NLS-1$
+ }
+ return logon(connProps, null);
+ }
+
+
+ private LogonResult logon(Properties connProps, byte[] krb5ServiceTicket) throws LogonException {
DQPWorkContext workContext = DQPWorkContext.getWorkContext();
String oldSessionId = workContext.getSessionId();
String applicationName = connProps.getProperty(TeiidURL.CONNECTION.APP_NAME);
@@ -84,14 +99,88 @@
} catch (InvalidSessionException e) {
}
}
- return new LogonResult(sessionInfo.getSessionToken(), sessionInfo.getVDBName(), sessionInfo.getVDBVersion(), clusterName);
+ LogonResult result = new LogonResult(sessionInfo.getSessionToken(), sessionInfo.getVDBName(), sessionInfo.getVDBVersion(), clusterName);
+ if (krb5ServiceTicket != null) {
+ result.addProperty(ILogon.KRB5TOKEN, krb5ServiceTicket);
+ }
+ return result;
} catch (LoginException e) {
throw new LogonException(e.getMessage());
} catch (SessionServiceException e) {
throw new LogonException(e, e.getMessage());
}
}
-
+
+ class GssAction implements PrivilegedAction<GSSResult> {
+ byte[] serviceTicket;
+
+ public GssAction(byte[] ticket) {
+ this.serviceTicket = ticket;
+ }
+
+ @Override
+ public GSSResult run() {
+ GSSContext context = null;
+ try {
+ GSSManager manager = GSSManager.getInstance();
+ context = manager.createContext((GSSCredential)null);
+ this.serviceTicket = context.acceptSecContext(this.serviceTicket, 0, this.serviceTicket.length);
+ return new GSSResult(context, serviceTicket);
+ } catch (GSSException e) {
+ LogManager.logError(LogConstants.CTX_SECURITY, e, "Kerberos context login failed"); //$NON-NLS-1$
+ }
+ return null;
+ }
+ }
+
+ class GSSResult {
+ GSSContext context;
+ byte[] serviceTicket;
+ public GSSResult(GSSContext context, byte[] serviceTicket) {
+ this.context = context;
+ this.serviceTicket = serviceTicket;
+ }
+ }
+
+ @Override
+ public LogonResult neogitiateGssLogin(Properties connProps, byte[] serviceTicket, boolean createSession) throws LogonException {
+
+ if (!AuthenticationType.KRB5.equals(service.getAuthType())) {
+ throw new LogonException(RuntimePlugin.Util.getString("wrong_logon_type_krb5")); //$NON-NLS-1$
+ }
+
+ String user = connProps.getProperty(TeiidURL.CONNECTION.USER_NAME);
+ String password = connProps.getProperty(TeiidURL.CONNECTION.PASSWORD);
+
+ try {
+ String securityDomain = service.getKrb5SecurityDomain();
+ if (securityDomain == null) {
+ throw new LogonException(RuntimePlugin.Util.getString("no_security_domains")); //$NON-NLS-1$
+ }
+ // If this KRB5 and using keytab, user and password callback handler never gets called
+ LoginContext ctx = service.createLoginContext(securityDomain, user, password);
+ ctx.login();
+ Subject subject = ctx.getSubject();
+ GSSResult result = Subject.doAs(subject, new GssAction(serviceTicket));
+ if (result == null) {
+ throw new LogonException(RuntimePlugin.Util.getString("krb5_login_failed")); //$NON-NLS-1$
+ }
+ if (!result.context.isEstablished() || !createSession) {
+ LogonResult logonResult = new LogonResult(new SessionToken(0, "temp"), "internal", 0, "internal"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ logonResult.addProperty(ILogon.KRB5TOKEN, result.serviceTicket);
+ logonResult.addProperty(ILogon.KRB5_ESTABLISHED, new Boolean(result.context.isEstablished()));
+ return logonResult;
+ }
+
+ LogManager.logDetail(LogConstants.CTX_SECURITY, "Kerberos context established"); //$NON-NLS-1$
+ //connProps.setProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, "true"); //$NON-NLS-1$
+ service.assosiateSubjectInContext(securityDomain, subject);
+ return logon(connProps, result.serviceTicket);
+ } catch (LoginException e) {
+ throw new LogonException(e, RuntimePlugin.Util.getString("krb5_login_failed")); //$NON-NLS-1$
+ }
+ }
+
private String updateDQPContext(SessionMetadata s) {
String sessionID = s.getSessionId();
Modified: trunk/runtime/src/main/java/org/teiid/transport/ODBCClientInstance.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/ODBCClientInstance.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/transport/ODBCClientInstance.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -28,12 +28,14 @@
import java.util.Arrays;
import java.util.concurrent.ConcurrentLinkedQueue;
+import org.teiid.client.security.ILogon;
import org.teiid.core.util.ReflectionHelper;
import org.teiid.jdbc.TeiidDriver;
import org.teiid.logging.LogConstants;
import org.teiid.logging.LogManager;
import org.teiid.logging.MessageLevel;
import org.teiid.net.CommunicationException;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
import org.teiid.net.socket.ObjectChannel;
import org.teiid.net.socket.ServiceInvocationStruct;
import org.teiid.odbc.ODBCClientRemote;
@@ -48,7 +50,7 @@
private ReflectionHelper serverProxy = new ReflectionHelper(ODBCServerRemote.class);
private ConcurrentLinkedQueue<PGRequest> messageQueue = new ConcurrentLinkedQueue<PGRequest>();
- public ODBCClientInstance(final ObjectChannel channel, ODBCServerRemote.AuthenticationType authType, TeiidDriver driver) {
+ public ODBCClientInstance(final ObjectChannel channel, AuthenticationType authType, TeiidDriver driver, ILogon logonService) {
this.client = (ODBCClientRemote)Proxy.newProxyInstance(this.getClass().getClassLoader(), new Class[] {ODBCClientRemote.class}, new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
@@ -60,7 +62,7 @@
return null;
}
});
- this.server = new ODBCServerRemoteImpl(this, authType, driver) {
+ this.server = new ODBCServerRemoteImpl(this, authType, driver, logonService) {
@Override
protected synchronized void doneExecuting() {
super.doneExecuting();
Modified: trunk/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/transport/ODBCSocketListener.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -25,20 +25,22 @@
import org.jboss.netty.channel.ChannelPipeline;
import org.jboss.netty.channel.DefaultChannelPipeline;
+import org.teiid.client.security.ILogon;
import org.teiid.common.buffer.StorageManager;
import org.teiid.core.TeiidException;
import org.teiid.jdbc.EmbeddedProfile;
import org.teiid.jdbc.TeiidDriver;
import org.teiid.net.ServerConnection;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
import org.teiid.net.socket.ObjectChannel;
-import org.teiid.odbc.ODBCServerRemote;
public class ODBCSocketListener extends SocketListener {
- private ODBCServerRemote.AuthenticationType authType = ODBCServerRemote.AuthenticationType.CLEARTEXT;
+ private AuthenticationType authType = AuthenticationType.CLEARTEXT;
private int maxLobSize;
private TeiidDriver driver;
+ private ILogon logonService;
- public ODBCSocketListener(SocketConfiguration config, StorageManager storageManager, int portOffset, int maxLobSize) {
+ public ODBCSocketListener(SocketConfiguration config, StorageManager storageManager, int portOffset, int maxLobSize, ILogon logon) {
//the clientserviceregistry isn't actually used by ODBC
super(config, new ClientServiceRegistryImpl(ClientServiceRegistry.Type.ODBC), storageManager, portOffset);
this.maxLobSize = maxLobSize;
@@ -51,6 +53,7 @@
return new LocalServerConnection(info, false);
}
});
+ this.logonService = logon;
}
public void setDriver(TeiidDriver driver) {
@@ -73,11 +76,11 @@
@Override
public ChannelListener createChannelListener(ObjectChannel channel) {
- return new ODBCClientInstance(channel, this.authType, driver);
+ return new ODBCClientInstance(channel, this.authType, driver, logonService);
}
- public void setAuthenticationType(String value) {
- this.authType = ODBCServerRemote.AuthenticationType.valueOf(value);
+ public void setAuthenticationType(AuthenticationType value) {
+ this.authType = value;
}
}
Modified: trunk/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/transport/PgBackendProtocol.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -254,6 +254,24 @@
}
@Override
+ public void useAuthenticationGSS() {
+ try {
+ sendAuthenticationGSS();
+ } catch (IOException e) {
+ terminate(e);
+ }
+ }
+
+ @Override
+ public void authenticationGSSContinue(byte[] serviceToken) {
+ try {
+ sendAuthenticationGSSContinue(serviceToken);
+ } catch (IOException e) {
+ terminate(e);
+ }
+ }
+
+ @Override
public void authenticationSucess(int processId, int screctKey) {
try {
sendAuthenticationOk();
@@ -749,7 +767,20 @@
writeInt(3);
sendMessage();
}
-
+
+ private void sendAuthenticationGSS() throws IOException {
+ startMessage('R');
+ writeInt(7);
+ sendMessage();
+ }
+
+ private void sendAuthenticationGSSContinue(byte[] serviceToken) throws IOException {
+ startMessage('R');
+ writeInt(8);
+ write(serviceToken);
+ sendMessage();
+ }
+
private void sendAuthenticationOk() throws IOException {
startMessage('R');
writeInt(0);
@@ -918,6 +949,5 @@
default:
return PG_TYPE_UNKNOWN;
}
- }
-
+ }
}
Modified: trunk/runtime/src/main/java/org/teiid/transport/PgFrontendProtocol.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/PgFrontendProtocol.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/java/org/teiid/transport/PgFrontendProtocol.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -131,7 +131,7 @@
byte[] data = createByteArray(this.dataLength - 4);
buffer.readBytes(data);
- createRequestMessage(this.messageType, new NullTerminatedStringDataInputStream(new DataInputStream(new ByteArrayInputStream(data, 0, this.dataLength-4)), this.encoding));
+ createRequestMessage(this.messageType, new NullTerminatedStringDataInputStream(data, new DataInputStream(new ByteArrayInputStream(data, 0, this.dataLength-4)), this.encoding));
this.dataLength = null;
this.messageType = null;
return message;
@@ -223,8 +223,7 @@
}
private Object buildLogin(NullTerminatedStringDataInputStream data) throws IOException{
- String password = data.readString();
- this.odbcProxy.logon(this.databaseName, this.user, password);
+ this.odbcProxy.logon(this.databaseName, this.user, data);
return message;
}
@@ -403,12 +402,14 @@
ServiceInvocationStruct struct;
}
- static class NullTerminatedStringDataInputStream extends DataInputStream{
+ public static class NullTerminatedStringDataInputStream extends DataInputStream{
private Charset encoding;
+ private byte[] rawData;
- public NullTerminatedStringDataInputStream(DataInputStream in, Charset encoding) {
+ public NullTerminatedStringDataInputStream(byte[] rawData, DataInputStream in, Charset encoding) {
super(in);
this.encoding = encoding;
+ this.rawData = rawData;
}
public String readString() throws IOException {
@@ -422,6 +423,10 @@
}
return new String(buff.toByteArray(), this.encoding);
}
+
+ public byte[] readServiceToken() {
+ return this.rawData;
+ }
}
private static void trace(Object... msg) {
Modified: trunk/runtime/src/main/resources/org/teiid/runtime/i18n.properties
===================================================================
--- trunk/runtime/src/main/resources/org/teiid/runtime/i18n.properties 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/main/resources/org/teiid/runtime/i18n.properties 2011-08-15 18:31:49 UTC (rev 3382)
@@ -94,4 +94,8 @@
SSLConfiguration.no_anonymous=The anonymous cipher suite TLS_DH_anon_WITH_AES_128_CBC_SHA is not available. Please change the transport to be non-SSL or use non-anonymous SSL.
execution_failed=Cursor execution failed
-PgBackendProtocol.ssl_error=Could not initialize ODBC SSL. non-SSL connections will still be allowed.
\ No newline at end of file
+PgBackendProtocol.ssl_error=Could not initialize ODBC SSL. non-SSL connections will still be allowed.
+wrong_logon_type_jaas = Wrong logon method is being used. Server is not set up for JAAS based authentication. Correct your client's 'AuthenticationType' property.
+wrong_logon_type_krb5 = Wrong logon method is being used. Server is not set up for Kerberos based authentication. Correct your client's 'AuthenticationType' property.
+krb5_login_failed=Kerberos context login failed
+no_security_domains=No security domain configured for Kerberos authentication. Can not authenticate.
\ No newline at end of file
Modified: trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java
===================================================================
--- trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -34,12 +34,14 @@
import org.teiid.dqp.internal.process.DQPWorkContext;
import org.teiid.dqp.service.SessionService;
import org.teiid.net.TeiidURL;
+import org.teiid.net.TeiidURL.CONNECTION.AuthenticationType;
public class TestLogonImpl extends TestCase {
public void testLogonResult() throws Exception {
SessionService ssi = Mockito.mock(SessionService.class);
+ Mockito.stub(ssi.getAuthType()).toReturn(AuthenticationType.CLEARTEXT);
DQPWorkContext.setWorkContext(new DQPWorkContext());
String userName = "Fred"; //$NON-NLS-1$
String applicationName = "test"; //$NON-NLS-1$
Modified: trunk/runtime/src/test/java/org/teiid/transport/TestSocketRemoting.java
===================================================================
--- trunk/runtime/src/test/java/org/teiid/transport/TestSocketRemoting.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/runtime/src/test/java/org/teiid/transport/TestSocketRemoting.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -193,6 +193,13 @@
TeiidComponentException {
}
+ @Override
+ public LogonResult neogitiateGssLogin(
+ Properties connectionProperties, byte[] serviceToken, boolean createSession)
+ throws LogonException {
+ return null;
+ }
+
}, "foo"); //$NON-NLS-1$
csr.registerClientService(FakeService.class, new FakeServiceImpl(), "foo"); //$NON-NLS-1$
final FakeClientServerInstance serverInstance = new FakeClientServerInstance(csr);
Modified: trunk/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java
===================================================================
--- trunk/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/test-integration/common/src/test/java/org/teiid/transport/TestODBCSocketTransport.java 2011-08-15 18:31:49 UTC (rev 3382)
@@ -47,7 +47,9 @@
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
+import org.mockito.Mockito;
import org.postgresql.Driver;
+import org.teiid.client.security.ILogon;
import org.teiid.common.buffer.BufferManagerFactory;
import org.teiid.core.util.UnitTestUtil;
import org.teiid.jdbc.FakeServer;
@@ -127,7 +129,7 @@
addr = new InetSocketAddress(0);
config.setBindAddress(addr.getHostName());
config.setPortNumber(0);
- odbcTransport = new ODBCSocketListener(config, BufferManagerFactory.getStandaloneBufferManager(), 0, 100000);
+ odbcTransport = new ODBCSocketListener(config, BufferManagerFactory.getStandaloneBufferManager(), 0, 100000, Mockito.mock(ILogon.class));
FakeServer server = new FakeServer();
server.setUseCallingThread(false);
Modified: trunk/test-integration/pom.xml
===================================================================
--- trunk/test-integration/pom.xml 2011-08-15 15:36:27 UTC (rev 3381)
+++ trunk/test-integration/pom.xml 2011-08-15 18:31:49 UTC (rev 3382)
@@ -14,7 +14,7 @@
<properties>
<derby.version>10.2.1.6</derby.version>
<mysql.connector.version>5.1.5</mysql.connector.version>
- <postgresql.version>8.3-603.jdbc3</postgresql.version>
+ <postgresql.version>8.4-702.jdbc4</postgresql.version>
<apache.ant.version>1.7.0</apache.ant.version>
</properties>
13 years, 4 months
- 1
- 0