Stuck on enabling basic auth. What am I missing?

Hi,

I have been fiddling with druid for past month or so and it looks very promising to suite our needs. I am not trying to set up basic auth and I was under the impression that after adding the authenticators and authorizers in my common runtime properties file, and restarting the services, any API will be needing basic auth schemes with request. However, no matter what request I send I get this error -

io.druid.java.util.common.ISE: No authorizer found with name: [allowAll].

This is what my auth config looks like -

Hi,

The property druid.auth.authenticationChain=["MyAuthn"] should be druid.auth.authenticatorChain=["MyAuthn"] instead.

Thanks,
Jon

I can’t believe it that I am blind… Thank you… I initially checked out the page http://druid.io/docs/latest/design/auth.html and I guess I got confused… I will give it a go right now.

@Jonathan - Getting these errors now; is SSL to be configured to use basic auth?

2018-11-20T02:58:56,394 DEBUG [main] com.google.inject.internal.BytecodeGen - Loading class io.druid.security.basic.authentication.db.cache.CoordinatorBasicAuthenticatorCacheNotifier FastClass with com.google.inject.internal.BytecodeGen$BridgeClassLoader@16c3ca31

2018-11-20T02:58:56,401 INFO [main] io.druid.guice.JsonConfigurator - Loaded class[class io.druid.guice.http.DruidHttpClientConfig] from props[druid.broker.http.] as [io.druid.guice.http.DruidHttpClientConfig@3b95a6db]

2018-11-20T02:58:56,407 INFO [main] io.druid.guice.JsonConfigurator - Loaded class[class io.druid.https.SSLClientConfig] from props[druid.client.https.] as [SSLClientConfig{protocol=‘null’, trustStoreType=‘null’, trustStorePath=‘null’, trustStoreAlgorithm=‘null’}]

2018-11-20T02:58:56,408 INFO [main] io.druid.https.SSLContextProvider - Creating SslContext for https client using config [SSLClientConfig{protocol=‘null’, trustStoreType=‘null’, trustStorePath=‘null’, trustStoreAlgorithm=‘null’}]

2018-11-20T02:58:56,413 INFO [main] io.druid.guice.JsonConfigurator - Loaded class[class io.druid.common.config.ConfigManagerConfig] from props[druid.manager.config.] as [io.druid.common.config.ConfigManagerConfig@7209ffb5]

2018-11-20T02:58:56,417 ERROR [main] io.druid.cli.CliCoordinator - Error when starting up. Failing.

com.google.inject.ProvisionException: Unable to provision, see the following errors:

  1. Error in custom provider, java.lang.NullPointerException

while locating io.druid.https.SSLContextProvider

while locating javax.net.ssl.SSLContext annotated with interface io.druid.guice.annotations.EscalatedClient

at io.druid.guice.http.HttpClientModule.configure(HttpClientModule.java:93) (via modules: com.google.inject.util.Modules$OverrideModule -> com.google.inject.util.Modules$OverrideModule -> io.druid.guice.http.HttpClientModule)

at io.druid.guice.http.HttpClientModule.configure(HttpClientModule.java:93) (via modules: com.google.inject.util.Modules$OverrideModule -> com.google.inject.util.Modules$OverrideModule -> io.druid.guice.http.HttpClientModule)

while locating io.druid.java.util.http.client.HttpClient annotated with @io.druid.guice.annotations.EscalatedClient()

for the 3rd parameter of io.druid.security.basic.authentication.db.cache.CoordinatorBasicAuthenticatorCacheNotifier.(CoordinatorBasicAuthenticatorCacheNotifier.java:57)

at io.druid.security.basic.authentication.db.cache.CoordinatorBasicAuthenticatorCacheNotifier.class(CoordinatorBasicAuthenticatorCacheNotifier.java:46)

while locating io.druid.security.basic.authentication.db.cache.CoordinatorBasicAuthenticatorCacheNotifier

at io.druid.security.basic.BasicSecurityDruidModule.createAuthenticatorCacheNotifier(BasicSecurityDruidModule.java:112) (via modules: com.google.inject.util.Modules$OverrideModule -> io.druid.security.basic.BasicSecurityDruidModule)

at io.druid.security.basic.BasicSecurityDruidModule.createAuthenticatorCacheNotifier(BasicSecurityDruidModule.java:112) (via modules: com.google.inject.util.Modules$OverrideModule -> io.druid.security.basic.BasicSecurityDruidModule)

while locating io.druid.security.basic.authentication.db.cache.BasicAuthenticatorCacheNotifier

for the 6th parameter of io.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater.(CoordinatorBasicAuthenticatorMetadataStorageUpdater.java:96)

at io.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater.class(CoordinatorBasicAuthenticatorMetadataStorageUpdater.java:64)

while locating io.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater

at io.druid.security.basic.BasicSecurityDruidModule.createAuthenticatorStorageUpdater(BasicSecurityDruidModule.java:82) (via modules: com.google.inject.util.Modules$OverrideModule -> io.druid.security.basic.BasicSecurityDruidModule)

at io.druid.security.basic.BasicSecurityDruidModule.createAuthenticatorStorageUpdater(BasicSecurityDruidModule.java:82) (via modules: com.google.inject.util.Modules$OverrideModule -> io.druid.security.basic.BasicSecurityDruidModule)

while locating io.druid.security.basic.authentication.db.updater.BasicAuthenticatorMetadataStorageUpdater

1 error

``

Please ignore… It was a silly miss on my part.

@Kar, how do you pass the credentials after enabling auth?

I am also trying to secure my druid setup with basic auth. After enabling the auth, i can see the following error response for unauthorized access.

{

“error”: “Unauthorized request.”,

“errorMessage”: null,

“errorClass”: null,

“host”: “localhost”

}

``

which headers need to be specified? There is no user specified in the configuration for authenticator ‘MyAuth’, does a user have to be created?

Got it. I created a new user using the Authorization API endpoints and was able to authorize the request (http://druid.io/docs/latest/development/extensions-core/druid-basic-security.html).