
Example 6 with ServiceKeytabResponse

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse in project cloudbreak by hortonworks.

Class KeytabConfigurationHandler, method accept.

@Override
public void accept(Event<KeytabConfigurationRequest> keytabConfigurationRequestEvent) {
    Long stackId = keytabConfigurationRequestEvent.getData().getResourceId();
    Selectable response;
    try {
        Stack stack = stackService.getByIdWithListsInTransaction(stackId);
        Optional<KerberosConfig> kerberosConfigOptional = kerberosConfigService.get(stack.getEnvironmentCrn(), stack.getName());
        boolean childEnvironment = environmentConfigProvider.isChildEnvironment(stack.getEnvironmentCrn());
        if (kerberosDetailService.keytabsShouldBeUpdated(stack.cloudPlatform(), childEnvironment, kerberosConfigOptional)) {
            GatewayConfig primaryGatewayConfig = gatewayConfigService.getPrimaryGatewayConfig(stack);
            ServiceKeytabResponse serviceKeytabResponse = keytabProvider.getServiceKeytabResponse(stack, primaryGatewayConfig);
            KeytabModel keytabModel = buildKeytabModel(serviceKeytabResponse);
            hostOrchestrator.uploadKeytabs(List.of(primaryGatewayConfig), Set.of(keytabModel), ClusterDeletionBasedExitCriteriaModel.clusterDeletionBasedModel(stackId, stack.getCluster().getId()));
        }
        response = new KeytabConfigurationSuccess(stackId);
    } catch (Exception e) {
        LOGGER.info("Error during keytab configuration, stackId: " + stackId, e);
        KeytabConfigurationException configurationException = new KeytabConfigurationException("Keytab generation failed with: " + e.getMessage(), e);
        response = new KeytabConfigurationFailed(stackId, configurationException);
    }
    eventBus.notify(response.selector(), new Event<>(keytabConfigurationRequestEvent.getHeaders(), response));
}
Also used: KerberosConfig (com.sequenceiq.cloudbreak.dto.KerberosConfig), KeytabConfigurationException (com.sequenceiq.cloudbreak.reactor.api.event.kerberos.KeytabConfigurationException), Stack (com.sequenceiq.cloudbreak.domain.stack.Stack), KeytabModel (com.sequenceiq.cloudbreak.orchestrator.model.KeytabModel), KeytabConfigurationFailed (com.sequenceiq.cloudbreak.reactor.api.event.kerberos.KeytabConfigurationFailed), Selectable (com.sequenceiq.cloudbreak.common.event.Selectable), ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse), KeytabConfigurationSuccess (com.sequenceiq.cloudbreak.reactor.api.event.kerberos.KeytabConfigurationSuccess), GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)

Example 7 with ServiceKeytabResponse

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse in project cloudbreak by hortonworks.

Class ServiceKeytabServiceTest, method testGenerateExistingNotCachedServiceMissing.

@Test
public void testGenerateExistingNotCachedServiceMissing() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    request.setDoNotRecreateKeytab(Boolean.TRUE);
    request.setServerHostNameAlias(ALIAS);
    RoleRequest roleRequest = new RoleRequest();
    request.setRoleRequest(roleRequest);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.empty());
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(ipaClient);
    when(roleComponent.privilegesExist(roleRequest, ipaClient)).thenReturn(Boolean.TRUE);
    Service service = new Service();
    service.setKrbcanonicalname(PRINCIPAL);
    service.setHasKeytab(Boolean.TRUE);
    when(ipaClient.showService(PRINCIPAL)).thenThrow(new FreeIpaClientException("notfound", new JsonRpcClientException(NOT_FOUND.getValue(), "notfound", null)));
    when(ipaClient.addService(PRINCIPAL)).thenReturn(service);
    when(keytabCommonService.constructPrincipal(SERVICE_NAME, ALIAS, REALM)).thenReturn(ALIAS_PRINCIPAL);
    when(keytabCommonService.getExistingKeytab(ENVIRONMENT_CRN, PRINCIPAL, HOST, ipaClient)).thenReturn(keytabCache);
    ServiceKeytabResponse result = underTest.generateServiceKeytab(request, ACCOUNT_ID);
    verify(ipaClient).addServiceAlias(PRINCIPAL, ALIAS_PRINCIPAL);
    verify(roleComponent).addRoleAndPrivileges(Optional.of(service), Optional.empty(), roleRequest, ipaClient);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used: ServiceKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest), JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), Service (com.sequenceiq.freeipa.client.model.Service), FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException), ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse), RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest), Test (org.junit.jupiter.api.Test)

Example 8 with ServiceKeytabResponse

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse in project cloudbreak by hortonworks.

Class ServiceKeytabServiceTest, method testGenerateExistingNotCachedDoNotRecreateTrueAliasExists.

@Test
public void testGenerateExistingNotCachedDoNotRecreateTrueAliasExists() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    request.setDoNotRecreateKeytab(Boolean.TRUE);
    request.setServerHostNameAlias(ALIAS);
    RoleRequest roleRequest = new RoleRequest();
    request.setRoleRequest(roleRequest);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.empty());
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(ipaClient);
    when(roleComponent.privilegesExist(roleRequest, ipaClient)).thenReturn(Boolean.TRUE);
    Service service = new Service();
    service.setKrbcanonicalname(PRINCIPAL);
    service.setHasKeytab(Boolean.TRUE);
    when(ipaClient.showService(PRINCIPAL)).thenReturn(service);
    when(keytabCommonService.constructPrincipal(SERVICE_NAME, ALIAS, REALM)).thenReturn(ALIAS_PRINCIPAL);
    when(keytabCommonService.getExistingKeytab(ENVIRONMENT_CRN, PRINCIPAL, HOST, ipaClient)).thenReturn(keytabCache);
    doThrow(new FreeIpaClientException("notfound", new JsonRpcClientException(EXECUTION_ERROR.getValue(), "notfound", null))).when(ipaClient).addServiceAlias(PRINCIPAL, ALIAS_PRINCIPAL);
    ServiceKeytabResponse result = underTest.generateServiceKeytab(request, ACCOUNT_ID);
    verify(roleComponent).addRoleAndPrivileges(Optional.of(service), Optional.empty(), roleRequest, ipaClient);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used: ServiceKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest), JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), Service (com.sequenceiq.freeipa.client.model.Service), FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException), ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse), RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest), Test (org.junit.jupiter.api.Test)

Example 9 with ServiceKeytabResponse

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse in project cloudbreak by hortonworks.

Class ServiceKeytabServiceTest, method testGetExistingFromIpa.

@Test
public void testGetExistingFromIpa() throws FreeIpaClientException {
    ServiceKeytabRequest request = new ServiceKeytabRequest();
    request.setEnvironmentCrn(ENVIRONMENT_CRN);
    request.setServiceName(SERVICE_NAME);
    request.setServerHostName(HOST);
    when(keytabCacheService.findByEnvironmentCrnAndPrincipal(ENVIRONMENT_CRN, PRINCIPAL)).thenReturn(Optional.empty());
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(ipaClient);
    when(keytabCommonService.getExistingKeytab(ENVIRONMENT_CRN, PRINCIPAL, HOST, ipaClient)).thenReturn(keytabCache);
    ServiceKeytabResponse result = underTest.getExistingServiceKeytab(request, ACCOUNT_ID);
    assertEquals(keytabResponse, result.getKeytab());
    assertEquals(principalResponse, result.getServicePrincipal());
}
Also used: ServiceKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse), Test (org.junit.jupiter.api.Test)

Example 10 with ServiceKeytabResponse

Use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse in project cloudbreak by hortonworks.

Class ServiceKeytabService, method createServiceKeytabResponse.

private ServiceKeytabResponse createServiceKeytabResponse(KeytabCache serviceKeytab) {
    ServiceKeytabResponse response = new ServiceKeytabResponse();
    response.setKeytab(secretResponseConverter.convert(serviceKeytab.getKeytab().getSecret()));
    response.setServicePrincipal(secretResponseConverter.convert(serviceKeytab.getPrincipal().getSecret()));
    return response;
}
Also used: ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse)

Aggregations

ServiceKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabResponse): 10
ServiceKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.ServiceKeytabRequest): 8
Test (org.junit.jupiter.api.Test): 8
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient): 6
RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest): 5
Service (com.sequenceiq.freeipa.client.model.Service): 5
JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException): 3
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException): 3
Selectable (com.sequenceiq.cloudbreak.common.event.Selectable): 1
Stack (com.sequenceiq.cloudbreak.domain.stack.Stack): 1
KerberosConfig (com.sequenceiq.cloudbreak.dto.KerberosConfig): 1
GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig): 1
KeytabModel (com.sequenceiq.cloudbreak.orchestrator.model.KeytabModel): 1
KeytabConfigurationException (com.sequenceiq.cloudbreak.reactor.api.event.kerberos.KeytabConfigurationException): 1
KeytabConfigurationFailed (com.sequenceiq.cloudbreak.reactor.api.event.kerberos.KeytabConfigurationFailed): 1
KeytabConfigurationSuccess (com.sequenceiq.cloudbreak.reactor.api.event.kerberos.KeytabConfigurationSuccess): 1