diff --git a/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java b/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java index 7292cd9..854d078 100644 --- a/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java +++ b/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java @@ -53,6 +53,11 @@ public void Authenticate(String user, String password) throws AuthenticationExce user = user + "@" + ldapDomain; } + if (password == null || password.isEmpty()) { + throw new AuthenticationException("Error validating LDAP user:" + + " a null or blank password has been provided"); + } + // setup the security principal String bindDN; if (baseDN == null) { diff --git a/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java b/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java new file mode 100644 index 0000000..74a5bbe --- /dev/null +++ b/service/src/test/org/apache/hive/service/auth/TestLdapAuthenticationProviderImpl.java @@ -0,0 +1,49 @@ +package org.apache.hive.service.auth; + +import javax.security.sasl.AuthenticationException; +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.FileOutputStream; + +import junit.framework.TestCase; +import org.apache.hadoop.hive.conf.HiveConf; +import org.apache.hive.service.server.HiveServer2; + +public class TestLdapAuthenticationProviderImpl extends TestCase { + + private static HiveServer2 hiveserver2; + private static HiveConf hiveConf; + private static byte[] hiveConfBackup; + + @Override + public void setUp() throws Exception { + hiveConf = new HiveConf(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + hiveConf.writeXml(baos); + baos.close(); + hiveConfBackup = baos.toByteArray(); + hiveConf.set("hive.server2.authentication.ldap.url", "localhost"); + FileOutputStream fos = new FileOutputStream(new File(hiveConf.getHiveSiteLocation().toURI())); + hiveConf.writeXml(fos); + fos.close(); + } + + public void testLdapEmptyPassword() { + LdapAuthenticationProviderImpl ldapImpl = new LdapAuthenticationProviderImpl(); + try { + ldapImpl.Authenticate("user", ""); + assertFalse(true); + } catch (AuthenticationException e) { + assertTrue(e.getMessage(), e.getMessage().contains("a null or blank password has been provided")); + } + } + + @Override + public void tearDown() throws Exception { + if(hiveConf != null && hiveConfBackup != null) { + FileOutputStream fos = new FileOutputStream(new File(hiveConf.getHiveSiteLocation().toURI())); + fos.write(hiveConfBackup); + fos.close(); + } + } +}