Skip to content

[KYUUBI #4152][FOLLOWUP] LDAP configurations should be server-only#4383

Closed
pan3793 wants to merge 1 commit intoapache:masterfrom
pan3793:auth-conf
Closed

[KYUUBI #4152][FOLLOWUP] LDAP configurations should be server-only#4383
pan3793 wants to merge 1 commit intoapache:masterfrom
pan3793:auth-conf

Conversation

@pan3793
Copy link
Member

@pan3793 pan3793 commented Feb 20, 2023

Why are the changes needed?

Filter out the LDAP configurations to suppress potential security issues.

How was this patch tested?

  • Add some test cases that check the changes thoroughly including negative and positive cases if possible

  • Add screenshots for manual tests if appropriate

  • Run test locally before make a pull request

@pan3793 pan3793 changed the title [KYUUBI #4152] LDAP configurations should be server-only [KYUUBI #4152][FOLLOWUP] LDAP configurations should be server-only Feb 20, 2023
@pan3793 pan3793 added this to the v1.7.0 milestone Feb 20, 2023
@pan3793 pan3793 self-assigned this Feb 20, 2023
bowenliang123
bowenliang123 approved these changes Feb 20, 2023
View reviewed changes
Copy link
Contributor

@bowenliang123 bowenliang123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree. LGTM.

@codecov-commenter
Copy link

codecov-commenter commented Feb 20, 2023

Codecov Report

Merging #4383 (032245f) into master (0dce65d) will decrease coverage by 0.01%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##             master    #4383      +/-   ##
============================================
- Coverage     53.69%   53.68%   -0.01%     
  Complexity       13       13              
============================================
  Files           563      563              
  Lines         30877    30877              
  Branches       4164     4164              
============================================
- Hits          16579    16577       -2     
- Misses        12743    12749       +6     
+ Partials       1555     1551       -4
Impacted Files Coverage Δ
...in/scala/org/apache/kyuubi/config/KyuubiConf.scala 97.51% <ø> (+0.06%) ⬆️
...client/exception/RetryableKyuubiRestException.java 0.00% <0.00%> (-100.00%) ⬇️
.../org/apache/kyuubi/client/RetryableRestClient.java 48.78% <0.00%> (-24.40%) ⬇️
...apache/kyuubi/engine/JpsApplicationOperation.scala 77.41% <0.00%> (-3.23%) ⬇️
...in/spark/authz/ranger/SparkRangerAdminPlugin.scala 64.47% <0.00%> (-2.64%) ⬇️
...main/java/org/apache/kyuubi/client/RestClient.java 83.11% <0.00%> (-2.60%) ⬇️
...g/apache/kyuubi/operation/BatchJobSubmission.scala 75.27% <0.00%> (-1.10%) ⬇️
...n/scala/org/apache/kyuubi/engine/ProcBuilder.scala 79.01% <0.00%> (+0.61%) ⬆️
...ain/scala/org/apache/kyuubi/engine/EngineRef.scala 71.77% <0.00%> (+0.80%) ⬆️
... and 5 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@pan3793 pan3793 closed this in ae374c1 Feb 20, 2023
pan3793 added a commit that referenced this pull request Feb 20, 2023
@pan3793
[KYUUBI #4152][FOLLOWUP] LDAP configurations should be server-only
db025bd 
### _Why are the changes needed?_

Filter out the LDAP configurations to suppress potential security issues.

### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible

- [ ] Add screenshots for manual tests if appropriate

- [ ] [Run test](https://kyuubi.readthedocs.io/en/master/develop_tools/testing.html#running-tests) locally before make a pull request

Closes #4383 from pan3793/auth-conf.

Closes #4152

032245f [Cheng Pan] [KYUUBI #4152] LDAP configurations should be server-only

Authored-by: Cheng Pan <chengpan@apache.org>
Signed-off-by: Cheng Pan <chengpan@apache.org>
(cherry picked from commit ae374c1)
Signed-off-by: Cheng Pan <chengpan@apache.org>
@pan3793
Copy link
Member Author

pan3793 commented Feb 20, 2023

Thanks, merged to master/1.7

@pan3793 pan3793 deleted the auth-conf branch March 3, 2023 05:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bowenliang123 bowenliang123 bowenliang123 approved these changes

Assignees

@pan3793 pan3793

Labels

module:common

Projects

None yet

Milestone

v1.7.0

Development

Successfully merging this pull request may close these issues.

3 participants

@pan3793 @codecov-commenter @bowenliang123