Use of com.hortonworks.streamline.streams.security.StreamlineAuthorizer in project streamline by hortonworks.
Class StreamlineApplication, method registerResources.
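/**
 * Wires storage, transactions, the authorizer and every configured module into the Jersey
 * environment.
 *
 * <p>The authorizer, the optional container request filter and each module are loaded
 * reflectively from class names found in the configuration. Each loaded class is checked
 * against the interface it must implement before it is instantiated, so a wrong class name
 * in the configuration fails with a {@link ClassCastException} without running that class's
 * constructor.
 *
 * <p>When no authorizer configuration is present, the NoopAuthorizer is installed and no
 * {@code ContainerRequestFilter} is registered; this is logged at WARN level.
 *
 * @param configuration application configuration (storage, modules, authorizer, HTTP proxy)
 * @param environment   Dropwizard environment whose Jersey container receives the resources
 * @param subject       subject handed to every module through its init configuration
 * @throws ConfigException        declared for the storage and file-storage lookups
 * @throws ClassNotFoundException if a configured class name cannot be loaded
 * @throws IllegalAccessException if a configured class or its no-arg constructor is not accessible
 * @throws InstantiationException if a configured class cannot be instantiated
 */
private void registerResources(StreamlineConfiguration configuration, Environment environment, Subject subject) throws ConfigException, ClassNotFoundException, IllegalAccessException, InstantiationException {
    StorageManager storageManager = getDao(configuration);
    // Fall back to a no-op transaction manager when the storage backend is not transactional.
    TransactionManager transactionManager;
    if (storageManager instanceof TransactionManager) {
        transactionManager = (TransactionManager) storageManager;
    } else {
        transactionManager = new NOOPTransactionManager();
    }
    environment.jersey().register(new TransactionEventListener(transactionManager, true));
    Collection<Class<? extends Storable>> streamlineEntities = getStorableEntities();
    storageManager.registerStorables(streamlineEntities);
    LOG.info("Registered streamline entities {}", streamlineEntities);
    FileStorage fileStorage = this.getJarStorage(configuration, storageManager);
    // Assumes a DefaultServerFactory whose first application connector is an HTTP connector.
    int appPort = ((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(0)).getPort();
    // NOTE(review): replaceFirst treats "8080" as a regex and rewrites its first occurrence
    // anywhere in the URL, not only in the port position - confirm the configured root URL
    // cannot contain "8080" in its host or path.
    String catalogRootUrl = configuration.getCatalogRootUrl().replaceFirst("8080", appPort + "");
    List<ModuleConfiguration> modules = configuration.getModules();
    List<Object> resourcesToRegister = new ArrayList<>();
    // add StreamlineConfigResource
    resourcesToRegister.add(new StreamlineConfigurationResource(configuration));
    // authorizer
    StreamlineAuthorizer authorizer;
    AuthorizerConfiguration authorizerConf = configuration.getAuthorizerConfiguration();
    SecurityCatalogService securityCatalogService = new SecurityCatalogService(storageManager);
    if (authorizerConf != null) {
        authorizer = newConfiguredInstance(authorizerConf.getClassName(), StreamlineAuthorizer.class);
        Map<String, Object> authorizerConfig = new HashMap<>();
        authorizerConfig.put(DefaultStreamlineAuthorizer.CONF_CATALOG_SERVICE, securityCatalogService);
        authorizerConfig.put(DefaultStreamlineAuthorizer.CONF_ADMIN_PRINCIPALS, authorizerConf.getAdminPrincipals());
        authorizer.init(authorizerConfig);
        String filterClazzName = authorizerConf.getContainerRequestFilter();
        ContainerRequestFilter filter;
        if (StringUtils.isEmpty(filterClazzName)) {
            // default
            filter = new StreamlineKerberosRequestFilter();
        } else {
            filter = newConfiguredInstance(filterClazzName, ContainerRequestFilter.class);
        }
        LOG.info("Registering ContainerRequestFilter: {}", filter.getClass().getCanonicalName());
        environment.jersey().register(filter);
    } else {
        // No authorizer configuration: no request filter is registered and the no-op
        // authorizer is used (presumably it permits every request - confirm against
        // NoopAuthorizer). Logged at WARN so an unintended fail-open deployment is visible.
        LOG.warn("Authorizer config not set, setting noop authorizer");
        String noopAuthorizerClassName = "com.hortonworks.streamline.streams.security.impl.NoopAuthorizer";
        authorizer = newConfiguredInstance(noopAuthorizerClassName, StreamlineAuthorizer.class);
    }
    for (ModuleConfiguration moduleConfiguration : modules) {
        String moduleName = moduleConfiguration.getName();
        String moduleClassName = moduleConfiguration.getClassName();
        LOG.info("Registering module [{}] with class [{}]", moduleName, moduleClassName);
        ModuleRegistration moduleRegistration = newConfiguredInstance(moduleClassName, ModuleRegistration.class);
        if (moduleConfiguration.getConfig() == null) {
            moduleConfiguration.setConfig(new HashMap<String, Object>());
        }
        if (moduleName.equals(Constants.CONFIG_STREAMS_MODULE)) {
            moduleConfiguration.getConfig().put(Constants.CONFIG_CATALOG_ROOT_URL, catalogRootUrl);
        }
        // Work on a copy so the security objects and proxy credentials added below do not
        // end up in the module's own configuration map.
        Map<String, Object> initConfig = new HashMap<>(moduleConfiguration.getConfig());
        initConfig.put(Constants.CONFIG_AUTHORIZER, authorizer);
        initConfig.put(Constants.CONFIG_SECURITY_CATALOG_SERVICE, securityCatalogService);
        initConfig.put(Constants.CONFIG_SUBJECT, subject);
        // Legacy layout: proxy settings given under a module are promoted to the top-level
        // configuration when the top level has none.
        if ((initConfig.get("proxyUrl") != null) && (configuration.getHttpProxyUrl() == null || configuration.getHttpProxyUrl().isEmpty())) {
            LOG.warn("Please move proxyUrl, proxyUsername and proxyPassword configuration properties under streams module to httpProxyUrl, " + "httpProxyUsername and httpProxyPassword respectively at top level in your streamline.yaml");
            configuration.setHttpProxyUrl((String) initConfig.get("proxyUrl"));
            configuration.setHttpProxyUsername((String) initConfig.get("proxyUsername"));
            configuration.setHttpProxyPassword((String) initConfig.get("proxyPassword"));
        }
        // pass http proxy information from top level config to each module. Up to them how they want to use it. Currently used in StreamsModule
        // initConfig now holds the proxy password in clear text; keep it out of log statements.
        initConfig.put(Constants.CONFIG_HTTP_PROXY_URL, configuration.getHttpProxyUrl());
        initConfig.put(Constants.CONFIG_HTTP_PROXY_USERNAME, configuration.getHttpProxyUsername());
        initConfig.put(Constants.CONFIG_HTTP_PROXY_PASSWORD, configuration.getHttpProxyPassword());
        moduleRegistration.init(initConfig, fileStorage);
        if (moduleRegistration instanceof StorageManagerAware) {
            LOG.info("Module [{}] is StorageManagerAware and setting StorageManager.", moduleName);
            StorageManagerAware storageManagerAware = (StorageManagerAware) moduleRegistration;
            storageManagerAware.setStorageManager(storageManager);
        }
        if (moduleRegistration instanceof TransactionManagerAware) {
            LOG.info("Module [{}] is TransactionManagerAware and setting TransactionManager.", moduleName);
            TransactionManagerAware transactionManagerAware = (TransactionManagerAware) moduleRegistration;
            transactionManagerAware.setTransactionManager(transactionManager);
        }
        resourcesToRegister.addAll(moduleRegistration.getResources());
    }
    LOG.info("Registering resources to Jersey environment: [{}]", resourcesToRegister);
    for (Object resource : resourcesToRegister) {
        environment.jersey().register(resource);
    }
    environment.jersey().register(MultiPartFeature.class);
    // Serve a static page for HTTP 401 responses.
    final ErrorPageErrorHandler errorPageErrorHandler = new ErrorPageErrorHandler();
    errorPageErrorHandler.addErrorPage(Response.Status.UNAUTHORIZED.getStatusCode(), "/401.html");
    environment.getApplicationContext().setErrorHandler(errorPageErrorHandler);
}

/**
 * Loads a class named in the configuration and instantiates it through its public no-arg
 * constructor, after verifying that it is assignable to {@code expectedType}.
 *
 * @throws ClassCastException if the named class is not a subtype of {@code expectedType};
 *         thrown before any constructor of that class runs
 */
private static <T> T newConfiguredInstance(String className, Class<T> expectedType) throws ClassNotFoundException, IllegalAccessException, InstantiationException {
    // asSubclass replaces an unchecked cast: the type check happens on the Class object,
    // so a misconfigured name is rejected before it is instantiated.
    return Class.forName(className).asSubclass(expectedType).newInstance();
}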
Use of com.hortonworks.streamline.streams.security.StreamlineAuthorizer in project streamline by hortonworks.
Class StreamsModule, method getResources.
/**
 * Builds the REST resources exposed by the streams module.
 *
 * <p>The catalog root URL, the subject, the authorizer and the security catalog service are
 * read from the module's init configuration map and cast to their expected types; a value
 * of the wrong type surfaces as a {@link ClassCastException}.
 *
 * @return the resource objects, in registration order
 * @throws IllegalStateException if no authorizer was supplied in the configuration
 */
@Override
public List<Object> getResources() {
    String rootUrl = (String) config.get(Constants.CONFIG_CATALOG_ROOT_URL);
    // Subject passed on to the clients and services that take one
    Subject authSubject = (Subject) config.get(Constants.CONFIG_SUBJECT);

    // Backing services, created in dependency order.
    MLModelRegistryClient registryClient = new MLModelRegistryClient(rootUrl, authSubject);
    StreamCatalogService streamCatalog = new StreamCatalogService(storageManager, fileStorage, registryClient);
    EnvironmentService environments = new EnvironmentService(storageManager);
    TagClient tags = new TagClient(rootUrl);
    CatalogService catalog = new CatalogService(storageManager, fileStorage, tags);
    TopologyActionsService topologyActions = new TopologyActionsService(
            streamCatalog, environments, fileStorage, registryClient, config, authSubject, transactionManager);
    TopologyMetricsService topologyMetrics = new TopologyMetricsService(environments, authSubject);
    TopologyLogSearchService topologyLogSearch = new TopologyLogSearchService(environments, authSubject);

    environments.addNamespaceAwareContainer(topologyActions);
    environments.addNamespaceAwareContainer(topologyMetrics);
    environments.addNamespaceAwareContainer(topologyLogSearch);

    // The module refuses to expose any resource without an authorizer.
    StreamlineAuthorizer authz = (StreamlineAuthorizer) config.get(Constants.CONFIG_AUTHORIZER);
    if (authz == null) {
        throw new IllegalStateException("Authorizer not set");
    }
    // NOTE(review): unlike the authorizer, this value is not null-checked before use.
    SecurityCatalogService securityCatalog =
            (SecurityCatalogService) config.get(Constants.CONFIG_SECURITY_CATALOG_SERVICE);

    List<Object> resources = new ArrayList<>();
    resources.addAll(getAuthorizerResources(authz, securityCatalog));
    resources.add(new MetricsResource(authz, streamCatalog, topologyMetrics));
    resources.addAll(getClusterRelatedResources(authz, environments));
    resources.add(new FileCatalogResource(authz, catalog));
    resources.addAll(getTopologyRelatedResources(
            authz, streamCatalog, environments, topologyActions, topologyMetrics, topologyLogSearch,
            securityCatalog, authSubject));
    resources.add(new UDFCatalogResource(authz, streamCatalog, fileStorage));
    resources.addAll(getNotificationsRelatedResources(authz, streamCatalog));
    // NOTE(review): SchemaResource is the only resource built here without the authorizer -
    // confirm its endpoints are protected elsewhere or are meant to be open.
    resources.add(new SchemaResource(createSchemaRegistryClient()));
    resources.addAll(getServiceMetadataResources(authz, environments, authSubject));
    resources.add(new NamespaceCatalogResource(authz, streamCatalog, topologyActions, environments));
    resources.add(new SearchCatalogResource(authz, streamCatalog, environments, topologyActions, topologyMetrics));

    watchFiles(streamCatalog);
    setupPlaceholderEntities(streamCatalog, environments);
    return resources;
}