
Example 1 with FileBasedSecurityModule

Use of co.cask.cdap.security.guice.FileBasedSecurityModule in project cdap by caskdata.

Class TestFileBasedTokenManager, method testFileBasedKey.

/**
 * Test that two token managers can share a key that is written to a file.
 * @throws Exception
 */
@Test
public void testFileBasedKey() throws Exception {
    // Create two token managers that point to the same path
    CConfiguration cConf = CConfiguration.create();
    cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath());
    TokenManager tokenManager = Guice.createInjector(
        new IOModule(),
        new ConfigModule(cConf),
        new FileBasedSecurityModule(),
        new DiscoveryRuntimeModule().getInMemoryModules()
    ).getInstance(TokenManager.class);
    tokenManager.startAndWait();
    TokenManager tokenManager2 = Guice.createInjector(
        new IOModule(),
        new ConfigModule(cConf),
        new FileBasedSecurityModule(),
        new DiscoveryRuntimeModule().getInMemoryModules()
    ).getInstance(TokenManager.class);
    tokenManager2.startAndWait();
    Assert.assertNotSame("ERROR: Both token managers refer to the same object.", tokenManager, tokenManager2);
    String user = "testuser";
    long now = System.currentTimeMillis();
    List<String> groups = Lists.newArrayList("users", "admins");
    AccessTokenIdentifier identifier = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION);
    AccessToken token = tokenManager.signIdentifier(identifier);
    // Since both tokenManagers have the same key, they must both be able to validate the secret.
    tokenManager.validateSecret(token);
    tokenManager2.validateSecret(token);
}
Also used: IOModule (co.cask.cdap.common.guice.IOModule), FileBasedSecurityModule (co.cask.cdap.security.guice.FileBasedSecurityModule), ConfigModule (co.cask.cdap.common.guice.ConfigModule), CConfiguration (co.cask.cdap.common.conf.CConfiguration), DiscoveryRuntimeModule (co.cask.cdap.common.guice.DiscoveryRuntimeModule), Test (org.junit.Test)

Example 2 with FileBasedSecurityModule

Use of co.cask.cdap.security.guice.FileBasedSecurityModule in project cdap by caskdata.

Class TestKeyIdentifierCodec, method setup.

@BeforeClass
public static void setup() throws Exception {
    Injector injector = Guice.createInjector(
        new IOModule(),
        new ConfigModule(),
        new FileBasedSecurityModule(),
        new DiscoveryRuntimeModule().getInMemoryModules()
    );
    CConfiguration conf = injector.getInstance(CConfiguration.class);
    keyIdentifierCodec = injector.getInstance(KeyIdentifierCodec.class);
    keyLength = conf.getInt(Constants.Security.TOKEN_DIGEST_KEY_LENGTH);
    keyAlgo = conf.get(Constants.Security.TOKEN_DIGEST_ALGO);
    keyGenerator = KeyGenerator.getInstance(keyAlgo);
    keyGenerator.init(keyLength);
}
Also used: IOModule (co.cask.cdap.common.guice.IOModule), FileBasedSecurityModule (co.cask.cdap.security.guice.FileBasedSecurityModule), Injector (com.google.inject.Injector), ConfigModule (co.cask.cdap.common.guice.ConfigModule), DiscoveryRuntimeModule (co.cask.cdap.common.guice.DiscoveryRuntimeModule), CConfiguration (co.cask.cdap.common.conf.CConfiguration), BeforeClass (org.junit.BeforeClass)

Example 3 with FileBasedSecurityModule

Use of co.cask.cdap.security.guice.FileBasedSecurityModule in project cdap by caskdata.

Class TestFileBasedTokenManager, method getTokenManagerAndCodec.

@Override
protected ImmutablePair<TokenManager, Codec<AccessToken>> getTokenManagerAndCodec() throws IOException {
    CConfiguration cConf = CConfiguration.create();
    cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath());
    Injector injector = Guice.createInjector(
        new IOModule(),
        new ConfigModule(cConf),
        new FileBasedSecurityModule(),
        new DiscoveryRuntimeModule().getInMemoryModules()
    );
    TokenManager tokenManager = injector.getInstance(TokenManager.class);
    tokenManager.startAndWait();
    Codec<AccessToken> tokenCodec = injector.getInstance(AccessTokenCodec.class);
    return new ImmutablePair<>(tokenManager, tokenCodec);
}
Also used: IOModule (co.cask.cdap.common.guice.IOModule), FileBasedSecurityModule (co.cask.cdap.security.guice.FileBasedSecurityModule), ImmutablePair (co.cask.cdap.common.utils.ImmutablePair), Injector (com.google.inject.Injector), ConfigModule (co.cask.cdap.common.guice.ConfigModule), CConfiguration (co.cask.cdap.common.conf.CConfiguration), DiscoveryRuntimeModule (co.cask.cdap.common.guice.DiscoveryRuntimeModule)

Aggregations

CConfiguration (co.cask.cdap.common.conf.CConfiguration): 3
ConfigModule (co.cask.cdap.common.guice.ConfigModule): 3
DiscoveryRuntimeModule (co.cask.cdap.common.guice.DiscoveryRuntimeModule): 3
IOModule (co.cask.cdap.common.guice.IOModule): 3
FileBasedSecurityModule (co.cask.cdap.security.guice.FileBasedSecurityModule): 3
Injector (com.google.inject.Injector): 2
ImmutablePair (co.cask.cdap.common.utils.ImmutablePair): 1
BeforeClass (org.junit.BeforeClass): 1
Test (org.junit.Test): 1