[
https://issues.apache.org/jira/browse/IMPALA-14009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17948259#comment-17948259
]
Jason Fehr commented on IMPALA-14009:
-------------------------------------
The tests in JwtWebserverTest.java seem to be duplicates of the python custom
cluster tests and LdapHs2Test.java. It may be possible to delete
JwtWebserverTest.java without any loss of test coverage.
> JwtWebserverTest Has Invalid Assertions
> ---------------------------------------
>
> Key: IMPALA-14009
> URL: https://issues.apache.org/jira/browse/IMPALA-14009
> Project: IMPALA
> Issue Type: Improvement
> Affects Versions: Impala 5.0.0
> Reporter: Jason Fehr
> Assignee: gaurav singh
> Priority: Major
> Labels: impala
>
> The
> [JwtWebserverTests|https://github.com/apache/impala/blob/master/fe/src/test/java/org/apache/impala/customcluster/JwtWebserverTest.java]
> unit tests cover both JWT and OAuth authentication. These tests call the
> endpoint 'http://localhost:25000/?json', but since the Impala cluster set up
> by this test does not have any authentication on the Impala web ui, this test
> is not actually asserting anything since the web ui can be accessed without
> any credentials.
> Possible solutions:
> 1. Configure the web ui to require JWT/OAuth tokens.
> 2. Modify the tests to access the hs2-http port 28000 which already is
> configured to access JWT/OAuth tokens.
> Additional assertions are needed to assert the HTTP response code,
> WWW-Authenticate http header, and the Impala server logs to be absolutely
> certain that the expected authentication method was used and that method
> failed in the expected way.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
