[
https://issues.apache.org/jira/browse/IMPALA-14009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaurav singh reassigned IMPALA-14009:
-------------------------------------
Assignee: Jason Fehr (was: gaurav singh)
> JwtWebserverTest Has Invalid Assertions
> ---------------------------------------
>
> Key: IMPALA-14009
> URL: https://issues.apache.org/jira/browse/IMPALA-14009
> Project: IMPALA
> Issue Type: Improvement
> Affects Versions: Impala 5.0.0
> Reporter: Jason Fehr
> Assignee: Jason Fehr
> Priority: Major
> Labels: impala
>
> The
> [JwtWebserverTests|https://github.com/apache/impala/blob/master/fe/src/test/java/org/apache/impala/customcluster/JwtWebserverTest.java]
> unit tests cover both JWT and OAuth authentication. These tests call the
> endpoint 'http://localhost:25000/?json', but since the Impala cluster set up
> by this test does not have any authentication on the Impala web ui, the
> failure cases are not actually asserting the correct http response status
> code is returned since the web ui can be accessed without any credentials.
> The catch blocks that contain assertions are not run since the
> attemptConnection calls are not returning an error. The attemptConnection
> calls are not returning errors since the web ui has no auth. The JWT auth
> still registers as a failure though in the JWT auth metrics.
> Possible solutions:
> 1. Configure the web ui to require JWT/OAuth tokens.
> 2. Modify the tests to access the hs2-http port 28000 which already is
> configured to access JWT/OAuth tokens.
> Additional assertions are needed to assert the HTTP response code,
> WWW-Authenticate http header, and the Impala server logs to be absolutely
> certain that the expected authentication method was used and that method
> failed in the expected way.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
