Example 6 with OwnerAdmin
use of co.cask.cdap.security.impersonation.OwnerAdmin in project cdap by caskdata.
the class AuthorizationUtilTest method testGetAppAuthorizingUse.
@Test
public void testGetAppAuthorizingUse() throws Exception {
OwnerAdmin ownerAdmin = getOwnerAdmin();
// test with complete principal (alice/somehost.net@somerealm.net)
String principal = username + "/" + InetAddress.getLocalHost().getHostName() + "@REALM.net";
NamespaceMeta nsMeta = new NamespaceMeta.Builder().setName(namespaceId).setPrincipal(principal).setKeytabURI("doesnotmatter").build();
namespaceClient.create(nsMeta);
Assert.assertEquals(username, AuthorizationUtil.getAppAuthorizingUser(ownerAdmin, authenticationContext, applicationId, null));
// test with principal which is just username (alice)
namespaceClient.delete(namespaceId);
principal = username;
nsMeta = new NamespaceMeta.Builder().setName(namespaceId).setPrincipal(principal).setKeytabURI("doesnotmatter").build();
namespaceClient.create(nsMeta);
Assert.assertEquals(username, AuthorizationUtil.getAppAuthorizingUser(ownerAdmin, authenticationContext, applicationId, null));
// test with principal and realm (alice@somerealm.net)
namespaceClient.delete(namespaceId);
principal = username + "@REALM.net";
nsMeta = new NamespaceMeta.Builder().setName(namespaceId).setPrincipal(principal).setKeytabURI("doesnotmatter").build();
namespaceClient.create(nsMeta);
Assert.assertEquals(username, AuthorizationUtil.getAppAuthorizingUser(ownerAdmin, authenticationContext, applicationId, null));
// clean up
namespaceClient.delete(namespaceId);
}
Also used :
NamespaceMeta(co.cask.cdap.proto.NamespaceMeta)
DefaultOwnerAdmin(co.cask.cdap.security.impersonation.DefaultOwnerAdmin)
OwnerAdmin(co.cask.cdap.security.impersonation.OwnerAdmin)
Test(org.junit.Test)
Aggregations
OwnerAdmin (co.cask.cdap.security.impersonation.OwnerAdmin)6
DefaultOwnerAdmin (co.cask.cdap.security.impersonation.DefaultOwnerAdmin)5
ConfigModule (co.cask.cdap.common.guice.ConfigModule)4
NonCustomLocationUnitTestModule (co.cask.cdap.common.guice.NonCustomLocationUnitTestModule)4
NamespaceQueryAdmin (co.cask.cdap.common.namespace.NamespaceQueryAdmin)4
NamespacedLocationFactory (co.cask.cdap.common.namespace.NamespacedLocationFactory)4
AbstractModule (com.google.inject.AbstractModule)4
DiscoveryRuntimeModule (co.cask.cdap.common.guice.DiscoveryRuntimeModule)3
SystemDatasetRuntimeModule (co.cask.cdap.data.runtime.SystemDatasetRuntimeModule)3
AuditModule (co.cask.cdap.data2.audit.AuditModule)3
InMemoryAuditPublisher (co.cask.cdap.data2.audit.InMemoryAuditPublisher)3
AuthenticationContextModules (co.cask.cdap.security.auth.context.AuthenticationContextModules)3
AuthorizationEnforcementModule (co.cask.cdap.security.authorization.AuthorizationEnforcementModule)3
AuthorizationTestModule (co.cask.cdap.security.authorization.AuthorizationTestModule)3
Injector (com.google.inject.Injector)3
BeforeClass (org.junit.BeforeClass)3
NamespaceAdmin (co.cask.cdap.common.namespace.NamespaceAdmin)2
SimpleNamespaceQueryAdmin (co.cask.cdap.common.namespace.SimpleNamespaceQueryAdmin)2
NamespaceClientRuntimeModule (co.cask.cdap.common.namespace.guice.NamespaceClientRuntimeModule)2
DataSetsModules (co.cask.cdap.data.runtime.DataSetsModules)2
