Search in sources :

Example 1 with GroupPrincipal

use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.

the class JpaFeedProviderTest method testFindFeedUsingGenericFilter.

@WithMockJaasUser(username = "dladmin", password = "secret", authorities = { "admin" })
@Test
public void testFindFeedUsingGenericFilter() {
    // Create feed
    final String name = "testCategory.testFeed";
    final String id = metadataAccess.commit(() -> {
        final OpsManagerFeed.ID feedId = feedProvider.resolveId(UUID.randomUUID().toString());
        feedProvider.save(feedId, name, false, 1000L);
        return feedId.toString();
    });
    // Add ACL entries
    final BaseFeed.FeedId feedId = new BaseFeed.FeedId(id);
    final JpaFeedOpsAclEntry userAcl = new JpaFeedOpsAclEntry(feedId, "dladmin", JpaFeedOpsAclEntry.PrincipalType.USER);
    final JpaFeedOpsAclEntry adminAcl = new JpaFeedOpsAclEntry(feedId, "admin", JpaFeedOpsAclEntry.PrincipalType.GROUP);
    aclProvider.grantAccess(feedId, new UsernamePrincipal("dladmin"), new GroupPrincipal("admin"));
    // Verify access to feeds
    metadataAccess.read(() -> {
        List<OpsManagerFeed> feeds = feedProvider.findAll("name:" + name);
        Assert.assertTrue(feeds != null && !feeds.isEmpty());
        List<String> feedNames = feedProvider.getFeedNames();
        Assert.assertTrue(feedNames != null && !feedNames.isEmpty());
        return feeds;
    });
}
Also used : UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) OpsManagerFeed(com.thinkbiganalytics.metadata.api.feed.OpsManagerFeed) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) BaseFeed(com.thinkbiganalytics.metadata.core.feed.BaseFeed) JpaFeedOpsAclEntry(com.thinkbiganalytics.metadata.jpa.feed.security.JpaFeedOpsAclEntry) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) WithMockJaasUser(com.thinkbiganalytics.test.security.WithMockJaasUser)

Example 2 with GroupPrincipal

use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.

the class Main method main.

public static void main(String[] args) {
    AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(VaultDataSourceCredentialConfig.class);
    context.start();
    SecretStore ss = context.getBean(SecretStore.class);
    System.out.println("ss.contains(\"oracle\")= " + ss.contains("oracle"));
    ss.remove("oracle");
    System.out.println("removed path 'oracle'");
    System.out.println("ss.contains(\"oracle\")= " + ss.contains("oracle"));
    AbstractDataSourceCredentialProvider.Credentials creds = new AbstractDataSourceCredentialProvider.Credentials();
    creds.addUserCredential("dladmin", "user", "user-dladmin", true, true);
    creds.addUserCredential("dladmin", "password", "pass-dladmin", true, true);
    creds.addGroupCredential("admin", "user", "user-admins", true, true);
    creds.addGroupCredential("admin", "password", "pass-admins", true, true);
    creds.addGroupCredential("analysts", "user", "user-analysts", true, true);
    creds.addGroupCredential("analysts", "password", "pass-analysts", true, true);
    creds.addDefaultCredential("user", "root", true, true);
    creds.addDefaultCredential("password", "thinkbig", true, true);
    ss.write("oracle", creds);
    System.out.println("ss.contains(\"oracle\")= " + ss.contains("oracle"));
    Set<Principal> principals = new HashSet<>();
    principals.add(new GroupPrincipal("analysts"));
    principals.add(new GroupPrincipal("admin"));
    // principals.add(new UsernamePrincipal("dladmin"));
    AbstractDataSourceCredentialProvider.Credentials read = ss.read("oracle", principals);
    System.out.println(read);
    context.stop();
}
Also used : AnnotationConfigApplicationContext(org.springframework.context.annotation.AnnotationConfigApplicationContext) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) AbstractDataSourceCredentialProvider(com.thinkbiganalytics.kylo.catalog.credential.spi.AbstractDataSourceCredentialProvider) Principal(java.security.Principal) UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) HashSet(java.util.HashSet)

Example 3 with GroupPrincipal

use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.

the class JwtRememberMeServicesTest method processAutoLoginCookie.

/**
 * Verify building a user from tokens.
 */
@Test
public void processAutoLoginCookie() throws Exception {
    final UserDetails user = service.processAutoLoginCookie(new String[] { "dladmin", groupPrincipalsJson("admin") }, Mockito.mock(HttpServletRequest.class), Mockito.mock(HttpServletResponse.class));
    Assert.assertEquals("dladmin", user.getUsername());
    Principal group = user.getAuthorities().stream().findAny().map(JaasGrantedAuthority.class::cast).map(ja -> ja.getPrincipal()).orElseThrow(() -> new AssertionError("No group principal found"));
    Assert.assertEquals(new GroupPrincipal("admin"), group);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Arrays(java.util.Arrays) DateTimeUtils(org.joda.time.DateTimeUtils) AlgorithmIdentifiers(org.jose4j.jws.AlgorithmIdentifiers) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) AtomicReference(java.util.concurrent.atomic.AtomicReference) HttpServletRequest(javax.servlet.http.HttpServletRequest) JwtProperties(com.thinkbiganalytics.auth.config.JwtProperties) After(org.junit.After) UserDetails(org.springframework.security.core.userdetails.UserDetails) Cookie(javax.servlet.http.Cookie) Before(org.junit.Before) JaasGrantedAuthority(org.springframework.security.authentication.jaas.JaasGrantedAuthority) Collection(java.util.Collection) HttpServletResponse(javax.servlet.http.HttpServletResponse) Test(org.junit.Test) InvalidCookieException(org.springframework.security.web.authentication.rememberme.InvalidCookieException) Collectors(java.util.stream.Collectors) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Mockito(org.mockito.Mockito) Principal(java.security.Principal) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Assert(org.junit.Assert) Authentication(org.springframework.security.core.Authentication) Collections(java.util.Collections) UserDetails(org.springframework.security.core.userdetails.UserDetails) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) HttpServletResponse(javax.servlet.http.HttpServletResponse) JaasGrantedAuthority(org.springframework.security.authentication.jaas.JaasGrantedAuthority) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) Principal(java.security.Principal) Test(org.junit.Test)

Example 4 with GroupPrincipal

use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.

the class ActiveDirectoryLoginModuleTest method testLoginTest.

// @Test
public void testLoginTest() throws Exception {
    Subject subject = login("test", "Th1nkb1g!");
    assertThat(subject.getPrincipals()).hasSize(3).contains(new UsernamePrincipal("test"), new GroupPrincipal("Admin"), new GroupPrincipal("Developer"));
}
Also used : UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) Subject(javax.security.auth.Subject)

Example 5 with GroupPrincipal

use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.

the class LdapLoginModuleTest method testLoginTest.

@Test
public void testLoginTest() throws Exception {
    Subject subject = login("test", "user");
    assertThat(subject.getPrincipals()).hasSize(3).contains(new UsernamePrincipal("test"), new GroupPrincipal("admin"), new GroupPrincipal("developer"));
}
Also used : UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) Subject(javax.security.auth.Subject) Test(org.testng.annotations.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

GroupPrincipal (com.thinkbiganalytics.security.GroupPrincipal)14 UsernamePrincipal (com.thinkbiganalytics.security.UsernamePrincipal)10 Subject (javax.security.auth.Subject)4 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 Test (org.testng.annotations.Test)3 UserGroup (com.thinkbiganalytics.metadata.api.user.UserGroup)2 Principal (java.security.Principal)2 Group (java.security.acl.Group)2 Test (org.junit.Test)2 JwtProperties (com.thinkbiganalytics.auth.config.JwtProperties)1 AbstractDataSourceCredentialProvider (com.thinkbiganalytics.kylo.catalog.credential.spi.AbstractDataSourceCredentialProvider)1 OpsManagerFeed (com.thinkbiganalytics.metadata.api.feed.OpsManagerFeed)1 User (com.thinkbiganalytics.metadata.api.user.User)1 BaseFeed (com.thinkbiganalytics.metadata.core.feed.BaseFeed)1 JpaFeedOpsAclEntry (com.thinkbiganalytics.metadata.jpa.feed.security.JpaFeedOpsAclEntry)1 WithMockJaasUser (com.thinkbiganalytics.test.security.WithMockJaasUser)1 Arrays (java.util.Arrays)1 Collection (java.util.Collection)1 Collections (java.util.Collections)1 HashSet (java.util.HashSet)1