thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-22 07:31:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename header and config setting for consistency.

Browse Source
This commit is contained in:
Vitaly Baranov 2022-02-19 03:58:58 +07:00
parent 765d136d2a
commit cb66a63aa4
4 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Access/UsersConfigAccessStorage.cpp
View File

@ -62,7 +62,7 @@ namespace
bool has_ldap = config.has(user_config + ".ldap"); bool has_ldap = config.has(user_config + ".ldap");
bool has_kerberos = config.has(user_config + ".kerberos"); bool has_kerberos = config.has(user_config + ".kerberos");
const auto certificates_config = user_config + ".certificates"; const auto certificates_config = user_config + ".ssl_certificates";
bool has_certificates = config.has(certificates_config); bool has_certificates = config.has(certificates_config);
size_t num_password_fields = has_no_password + has_password_plaintext + has_password_sha256_hex + has_password_double_sha1_hex + has_ldap + has_kerberos + has_certificates; size_t num_password_fields = has_no_password + has_password_plaintext + has_password_sha256_hex + has_password_double_sha1_hex + has_ldap + has_kerberos + has_certificates;

2
src/Server/HTTPHandler.cpp
View File

@ -330,7 +330,7 @@ bool HTTPHandler::authenticateUser(
/// The header 'X-ClickHouse-SSL-Certificate-Auth: on' enables checking the common name /// The header 'X-ClickHouse-SSL-Certificate-Auth: on' enables checking the common name
/// extracted from the SSL certificate used for this connection instead of checking password. /// extracted from the SSL certificate used for this connection instead of checking password.
bool has_ssl_certificate_auth = (request.get("X-ClickHouse-X509Authentication", "") == "yes"); bool has_ssl_certificate_auth = (request.get("X-ClickHouse-SSL-Certificate-Auth", "") == "on");
bool has_auth_headers = !user.empty() || !password.empty() || !quota_key.empty() || has_ssl_certificate_auth; bool has_auth_headers = !user.empty() || !password.empty() || !quota_key.empty() || has_ssl_certificate_auth;
/// User name and password can be passed using HTTP Basic auth or query parameters /// User name and password can be passed using HTTP Basic auth or query parameters

8
tests/integration/test_ssl_cert_authentication/configs/users_with_ssl_auth.xml
View File

@ -2,15 +2,15 @@
<clickhouse> <clickhouse>
<users> <users>
<john> <john>
<certificates> <ssl_certificates>
<common_name>client1</common_name> <common_name>client1</common_name>
</certificates> </ssl_certificates>
</john> </john>
<lucy> <lucy>
<certificates> <ssl_certificates>
<common_name>client2</common_name> <common_name>client2</common_name>
<common_name>client3</common_name> <common_name>client3</common_name>
</certificates> </ssl_certificates>
</lucy> </lucy>
<peter> <peter>
<no_password/> <no_password/>

2
tests/integration/test_ssl_cert_authentication/test.py
View File

@ -40,7 +40,7 @@ def execute_query_https(query, user, enable_ssl_auth=True, cert_name=None, passw
request = urllib.request.Request(url) request = urllib.request.Request(url)
request.add_header('X-ClickHouse-User', user) request.add_header('X-ClickHouse-User', user)
if enable_ssl_auth: if enable_ssl_auth:
request.add_header('X-ClickHouse-X509Authentication', 'yes') request.add_header('X-ClickHouse-SSL-Certificate-Auth', 'on')
if password: if password:
request.add_header('X-ClickHouse-Key', password) request.add_header('X-ClickHouse-Key', password)
response = urllib.request.urlopen(request, context=get_ssl_context(cert_name)).read() response = urllib.request.urlopen(request, context=get_ssl_context(cert_name)).read()