Examples with AuthenticationDataCommand - com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand

Example 1 with AuthenticationDataCommand

use of com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand in project pulsar by yahoo.

the class ServerCnx method handleConnect.

@Override
protected void handleConnect(CommandConnect connect) {
    checkArgument(state == State.Start);
    if (service.isAuthenticationEnabled()) {
        try {
            String authMethod = "none";
            if (connect.hasAuthMethodName()) {
                authMethod = connect.getAuthMethodName();
            } else if (connect.hasAuthMethod()) {
                // Legacy client is passing enum
                authMethod = connect.getAuthMethod().name().substring(10).toLowerCase();
            }
            String authData = connect.getAuthData().toStringUtf8();
            ChannelHandler sslHandler = ctx.channel().pipeline().get(PulsarChannelInitializer.TLS_HANDLER);
            SSLSession sslSession = null;
            if (sslHandler != null) {
                sslSession = ((SslHandler) sslHandler).engine().getSession();
            }
            authRole = getBrokerService().getAuthenticationService().authenticate(new AuthenticationDataCommand(authData, remoteAddress, sslSession), authMethod);
            log.info("[{}] Client successfully authenticated with {} role {}", remoteAddress, authMethod, authRole);
        } catch (AuthenticationException e) {
            String msg = "Unable to authenticate";
            log.warn("[{}] {}: {}", remoteAddress, msg, e.getMessage());
            ctx.writeAndFlush(Commands.newError(-1, ServerError.AuthenticationError, msg));
            close();
            return;
        }
    }
    if (log.isDebugEnabled()) {
        log.debug("Received CONNECT from {}", remoteAddress);
    }
    ctx.writeAndFlush(Commands.newConnected(connect));
    state = State.Connected;
    remoteEndpointProtocolVersion = connect.getProtocolVersion();
}

Also used : AuthenticationDataCommand(com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand) AuthenticationException(javax.naming.AuthenticationException) SSLSession(javax.net.ssl.SSLSession) ChannelHandler(io.netty.channel.ChannelHandler) SslHandler(io.netty.handler.ssl.SslHandler)

Example 2 with AuthenticationDataCommand

use of com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand in project pulsar by yahoo.

the class ServerCnxTest method testConnectCommandWithAuthenticationPositive.

@Test(timeOut = 30000)
public void testConnectCommandWithAuthenticationPositive() throws Exception {
    AuthenticationService authenticationService = mock(AuthenticationService.class);
    doReturn(authenticationService).when(brokerService).getAuthenticationService();
    doReturn("appid1").when(authenticationService).authenticate(new AuthenticationDataCommand(Mockito.anyString()), Mockito.anyString());
    doReturn(true).when(brokerService).isAuthenticationEnabled();
    resetChannel();
    assertTrue(channel.isActive());
    assertEquals(serverCnx.getState(), State.Start);
    // test server response to CONNECT
    ByteBuf clientCommand = Commands.newConnect("none", "");
    channel.writeInbound(clientCommand);
    assertEquals(serverCnx.getState(), State.Connected);
    assertTrue(getResponse() instanceof CommandConnected);
    channel.finish();
}

Also used : AuthenticationDataCommand(com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand) CommandConnected(com.yahoo.pulsar.common.api.proto.PulsarApi.CommandConnected) ByteBuf(io.netty.buffer.ByteBuf) AuthenticationService(com.yahoo.pulsar.broker.authentication.AuthenticationService) Test(org.testng.annotations.Test)

Example 3 with AuthenticationDataCommand

use of com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand in project pulsar by yahoo.

the class ServerCnxTest method testConnectCommandWithAuthenticationNegative.

@Test(timeOut = 30000)
public void testConnectCommandWithAuthenticationNegative() throws Exception {
    AuthenticationException e = new AuthenticationException();
    AuthenticationService authenticationService = mock(AuthenticationService.class);
    doReturn(authenticationService).when(brokerService).getAuthenticationService();
    doThrow(e).when(authenticationService).authenticate(new AuthenticationDataCommand(Mockito.anyString()), Mockito.anyString());
    doReturn(true).when(brokerService).isAuthenticationEnabled();
    resetChannel();
    assertTrue(channel.isActive());
    assertEquals(serverCnx.getState(), State.Start);
    // test server response to CONNECT
    ByteBuf clientCommand = Commands.newConnect("none", "");
    channel.writeInbound(clientCommand);
    assertEquals(serverCnx.getState(), State.Start);
    assertTrue(getResponse() instanceof CommandError);
    channel.finish();
}

Also used : AuthenticationDataCommand(com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand) AuthenticationException(javax.naming.AuthenticationException) CommandError(com.yahoo.pulsar.common.api.proto.PulsarApi.CommandError) ByteBuf(io.netty.buffer.ByteBuf) AuthenticationService(com.yahoo.pulsar.broker.authentication.AuthenticationService) Test(org.testng.annotations.Test)

Example 4 with AuthenticationDataCommand

use of com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand in project pulsar by yahoo.

the class ServerConnection method handleConnect.

/**
     * handles connect request and sends {@code State.Connected} ack to client
     */
@Override
protected void handleConnect(CommandConnect connect) {
    checkArgument(state == State.Start);
    if (LOG.isDebugEnabled()) {
        LOG.debug("Received CONNECT from {}", remoteAddress);
    }
    if (service.getConfiguration().isAuthenticationEnabled()) {
        try {
            String authMethod = "none";
            if (connect.hasAuthMethodName()) {
                authMethod = connect.getAuthMethodName();
            } else if (connect.hasAuthMethod()) {
                // Legacy client is passing enum
                authMethod = connect.getAuthMethod().name().substring(10).toLowerCase();
            }
            String authData = connect.getAuthData().toStringUtf8();
            ChannelHandler sslHandler = ctx.channel().pipeline().get(TLS_HANDLER);
            SSLSession sslSession = null;
            if (sslHandler != null) {
                sslSession = ((SslHandler) sslHandler).engine().getSession();
            }
            authRole = service.getAuthenticationService().authenticate(new AuthenticationDataCommand(authData, remoteAddress, sslSession), authMethod);
            LOG.info("[{}] Client successfully authenticated with {} role {}", remoteAddress, authMethod, authRole);
        } catch (AuthenticationException e) {
            String msg = "Unable to authenticate";
            LOG.warn("[{}] {}: {}", remoteAddress, msg, e.getMessage());
            ctx.writeAndFlush(Commands.newError(-1, ServerError.AuthenticationError, msg));
            close();
            return;
        }
    }
    ctx.writeAndFlush(Commands.newConnected(connect));
    state = State.Connected;
    remoteEndpointProtocolVersion = connect.getProtocolVersion();
}

Aggregations

AuthenticationDataCommand (com.yahoo.pulsar.broker.authentication.AuthenticationDataCommand)4 AuthenticationException (javax.naming.AuthenticationException)3 AuthenticationService (com.yahoo.pulsar.broker.authentication.AuthenticationService)2 ByteBuf (io.netty.buffer.ByteBuf)2 ChannelHandler (io.netty.channel.ChannelHandler)2 SslHandler (io.netty.handler.ssl.SslHandler)2 SSLSession (javax.net.ssl.SSLSession)2 Test (org.testng.annotations.Test)2 CommandConnected (com.yahoo.pulsar.common.api.proto.PulsarApi.CommandConnected)1 CommandError (com.yahoo.pulsar.common.api.proto.PulsarApi.CommandError)1