Example 6 with GroupPrincipal
use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.
the class ExampleLoginModule method doCommit.
/* (non-Javadoc)
* @see com.thinkbiganalytics.auth.jaas.AbstractLoginModule#doCommit()
*/
@Override
protected boolean doCommit() throws Exception {
// Associate the username and the admin group with the subject.
getSubject().getPrincipals().add(new UsernamePrincipal(this.username));
getSubject().getPrincipals().add(new GroupPrincipal("admin"));
return true;
}
Also used :
UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal)
GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal)
Example 7 with GroupPrincipal
use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.
the class ExampleLoginModule method doAbort.
/* (non-Javadoc)
* @see com.thinkbiganalytics.auth.jaas.AbstractLoginModule#doAbort()
*/
@Override
protected boolean doAbort() throws Exception {
// Since it is possible for login to still be aborted even after this module was told to commit,
// remove the principals we may have added to the subject.
getSubject().getPrincipals().remove(new UsernamePrincipal(this.username));
getSubject().getPrincipals().remove(new GroupPrincipal("admin"));
return true;
}
Also used :
UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal)
GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal)
Example 8 with GroupPrincipal
use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.
the class AclPrincipalTypeUpgradeAction method upgrade.
private void upgrade(JcrAllowedActions allowed, Set<String> groupNames) {
allowed.streamActions().forEach(action -> {
allowed.getPrincipalsAllowedAll(action).stream().filter(this::isUpgradable).forEach(principal -> {
// If the principal name does not match a group name then assume it is a user.
if (groupNames.contains(principal.getName())) {
GroupPrincipal group = new GroupPrincipal(principal.getName());
allowed.enable(group, action);
} else {
UsernamePrincipal newPrincipal = new UsernamePrincipal(principal.getName());
allowed.enable(newPrincipal, action);
}
});
});
allowed.streamActions().forEach(action -> {
allowed.getPrincipalsAllowedAll(action).stream().filter(this::isUpgradable).forEach(principal -> {
// If the principal name does not match a group name then assume it is a user.
if (!(principal instanceof UsernamePrincipal || principal instanceof Group)) {
allowed.disable(new RemovedPrincipal(principal), action);
}
});
});
}
Also used :
UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal)
Group(java.security.acl.Group)
UserGroup(com.thinkbiganalytics.metadata.api.user.UserGroup)
GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal)
Example 9 with GroupPrincipal
use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.
the class AbstractLoginModule method addNewGroupPrincipal.
protected GroupPrincipal addNewGroupPrincipal(String name) {
GroupPrincipal group = new GroupPrincipal(name);
addPrincipal(group);
return group;
}
Also used :
GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal)
Example 10 with GroupPrincipal
use of com.thinkbiganalytics.security.GroupPrincipal in project kylo by Teradata.
the class AclPrincipalTypeUpgradeAction method upgrade.
private void upgrade(JcrAllowedActions allowed, Set<String> userNames, Set<String> groupNames) {
allowed.streamActions().forEach(action -> {
allowed.getPrincipalsAllowedAll(action).stream().filter(this::isUpgradable).forEach(principal -> {
// Re-add known groups and users principals of the correct type.
if (groupNames.contains(principal.getName())) {
GroupPrincipal group = new GroupPrincipal(principal.getName());
allowed.enable(group, action);
} else if (userNames.contains(principal.getName())) {
UsernamePrincipal newPrincipal = new UsernamePrincipal(principal.getName());
allowed.enable(newPrincipal, action);
}
});
});
// Clean out any generic principals not upgraded to the correct type.
allowed.streamActions().forEach(action -> {
allowed.getPrincipalsAllowedAll(action).stream().filter(this::isUpgradable).forEach(principal -> {
if (!(principal instanceof UsernamePrincipal || principal instanceof Group)) {
allowed.disable(new RemovedPrincipal(principal), action);
}
});
});
}
Also used :
UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal)
Group(java.security.acl.Group)
UserGroup(com.thinkbiganalytics.metadata.api.user.UserGroup)
GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal)
Aggregations
GroupPrincipal (com.thinkbiganalytics.security.GroupPrincipal)14
UsernamePrincipal (com.thinkbiganalytics.security.UsernamePrincipal)10
Subject (javax.security.auth.Subject)4
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4
Test (org.testng.annotations.Test)3
UserGroup (com.thinkbiganalytics.metadata.api.user.UserGroup)2
Principal (java.security.Principal)2
Group (java.security.acl.Group)2
Test (org.junit.Test)2
JwtProperties (com.thinkbiganalytics.auth.config.JwtProperties)1
AbstractDataSourceCredentialProvider (com.thinkbiganalytics.kylo.catalog.credential.spi.AbstractDataSourceCredentialProvider)1
OpsManagerFeed (com.thinkbiganalytics.metadata.api.feed.OpsManagerFeed)1
User (com.thinkbiganalytics.metadata.api.user.User)1
BaseFeed (com.thinkbiganalytics.metadata.core.feed.BaseFeed)1
JpaFeedOpsAclEntry (com.thinkbiganalytics.metadata.jpa.feed.security.JpaFeedOpsAclEntry)1
WithMockJaasUser (com.thinkbiganalytics.test.security.WithMockJaasUser)1
Arrays (java.util.Arrays)1
Collection (java.util.Collection)1
Collections (java.util.Collections)1
HashSet (java.util.HashSet)1
