use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.
the class AuthenticatedProducerConsumerTest method testTlsSyncProducerAndConsumer.
/**
 * Publishes ten messages and consumes them again through a client that authenticates with a TLS
 * client certificate, then acknowledges all of them cumulatively.
 *
 * @param batchMessageDelayMs
 *            when non-zero, producer batching is enabled with this maximum publish delay (milliseconds)
 *            and at most 5 messages per batch; when zero the producer configuration is left untouched
 * @throws Exception
 *             if setup, publishing or consuming fails
 */
@Test(dataProvider = "batch")
public void testTlsSyncProducerAndConsumer(int batchMessageDelayMs) throws Exception {
    log.info("-- Starting {} test --", methodName);

    final String topic = "persistent://my-property/use/my-ns/my-topic1";
    final int messageCount = 10;

    // Client identity for the TLS auth plugin: certificate plus its private key.
    // The key file is credential material; outside a test fixture it needs restrictive file permissions.
    Authentication tlsAuth = new AuthenticationTls();
    Map<String, String> tlsParams = new HashMap<>();
    tlsParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    tlsParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    tlsAuth.configure(tlsParams);
    internalSetup(tlsAuth);

    // Cluster, property and namespace must exist before the topic can be used.
    admin.clusters().createCluster("use", new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(),
            "pulsar://localhost:" + BROKER_PORT, "pulsar+ssl://localhost:" + BROKER_PORT_TLS));
    admin.properties().createProperty("my-property",
            new PropertyAdmin(Lists.newArrayList("appid1", "appid2"), Sets.newHashSet("use")));
    admin.namespaces().createNamespace("my-property/use/my-ns");

    // Subscribe before producing so the subscription exists when the messages are published.
    ConsumerConfiguration conf = new ConsumerConfiguration();
    conf.setSubscriptionType(SubscriptionType.Exclusive);
    Consumer consumer = pulsarClient.subscribe(topic, "my-subscriber-name", conf);

    ProducerConfiguration producerConf = new ProducerConfiguration();
    boolean batchingRequested = batchMessageDelayMs != 0;
    if (batchingRequested) {
        producerConf.setBatchingEnabled(true);
        producerConf.setBatchingMaxPublishDelay(batchMessageDelayMs, TimeUnit.MILLISECONDS);
        producerConf.setBatchingMaxMessages(5);
    }
    Producer producer = pulsarClient.createProducer(topic, producerConf);

    int sent = 0;
    while (sent < messageCount) {
        // NOTE(review): getBytes() and new String(byte[]) below both use the platform default charset.
        String message = "my-message-" + sent;
        producer.send(message.getBytes());
        sent++;
    }

    Set<String> messageSet = Sets.newHashSet();
    Message msg = null;
    int received = 0;
    while (received < messageCount) {
        // NOTE(review): a timed receive presumably returns null on timeout, which would surface
        // here as a NullPointerException rather than an assertion failure -- confirm.
        msg = consumer.receive(5, TimeUnit.SECONDS);
        String receivedMessage = new String(msg.getData());
        log.debug("Received message: [{}]", receivedMessage);
        String expectedMessage = "my-message-" + received;
        testMessageOrderAndDuplicates(messageSet, receivedMessage, expectedMessage);
        received++;
    }

    // One cumulative ack on the last message covers everything received before it.
    consumer.acknowledgeCumulative(msg);
    consumer.close();
    log.info("-- Exiting {} test --", methodName);
}
use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.
the class AuthenticatedProducerConsumerTest method testInternalServerExceptionOnLookup.
/**
 * Verifies that topic lookup and partitioned-topic-metadata lookup report InternalServerError (500)
 * rather than 401 (auth_failed) when the failure comes from an unexpected exception.
 *
 * <p>
 * NOTE(review): neither try block fails the test when the admin call returns normally, so the
 * assertions only run if a {@code PulsarAdminException} is actually thrown.
 *
 * @throws Exception
 */
@Test
public void testInternalServerExceptionOnLookup() throws Exception {
    log.info("-- Starting {} test --", methodName);

    // Authenticate the client with a TLS certificate and its private key.
    Authentication tlsAuth = new AuthenticationTls();
    Map<String, String> tlsParams = new HashMap<>();
    tlsParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    tlsParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    tlsAuth.configure(tlsParams);
    internalSetup(tlsAuth);

    admin.clusters().createCluster("use", new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(),
            "pulsar://localhost:" + BROKER_PORT, "pulsar+ssl://localhost:" + BROKER_PORT_TLS));
    admin.properties().createProperty("my-property",
            new PropertyAdmin(Lists.newArrayList("appid1", "appid2"), Sets.newHashSet("use")));

    String namespace = "my-property/use/my-ns";
    admin.namespaces().createNamespace(namespace);
    // The "1" suffix makes the destination point at a namespace other than the one just created.
    String destination = "persistent://" + namespace + "1/topic1";

    // Shutting the mock ZooKeeper down is expected to trigger an NPE in the broker, which must be
    // reported to the caller as a 500.
    mockZookKeeper.shutdown();
    // Empty the super-user role set; presumably so the request goes through the regular
    // authorization path instead of a super-user shortcut -- confirm.
    pulsar.getConfiguration().setSuperUserRoles(Sets.newHashSet());

    try {
        admin.persistentTopics().getPartitionedTopicMetadata(destination);
    } catch (PulsarAdminException metadataFailure) {
        Throwable cause = metadataFailure.getCause();
        Assert.assertTrue(cause instanceof InternalServerErrorException);
    }

    try {
        admin.lookups().lookupDestination(destination);
    } catch (PulsarAdminException lookupFailure) {
        Throwable cause = lookupFailure.getCause();
        Assert.assertTrue(cause instanceof InternalServerErrorException);
    }
}
use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.
the class BrokerServiceTest method testTlsAuthDisallowInsecure.
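/**
 * Checks that a broker with TLS authentication enabled and insecure connections disallowed rejects a
 * subscribe attempt both without and with a client certificate.
 *
 * <p>
 * No broker trust-certificate file is set in this method. Presumably that is why the certificate
 * presented in Case 2 is not accepted -- confirm against AuthenticationProviderTls.
 *
 * @throws Exception
 *             if restarting the broker or closing a client fails
 */
@Test
public void testTlsAuthDisallowInsecure() throws Exception {
    final String topicName = "persistent://prop/usw/my-ns/newTopic";
    final String subName = "newSub";
    ClientConfiguration clientConfig;
    ConsumerConfiguration consumerConfig;
    Consumer consumer;
    Authentication auth;

    // Broker side: TLS on, TLS auth provider enabled, insecure connections NOT allowed.
    Set<String> providers = new HashSet<>();
    providers.add("com.yahoo.pulsar.broker.authentication.AuthenticationProviderTls");
    conf.setAuthenticationEnabled(true);
    conf.setAuthenticationProviders(providers);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    conf.setTlsAllowInsecureConnection(false);
    restartBroker();

    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    PulsarClient pulsarClient = null;

    // Case 1: Access without client certificate
    try {
        clientConfig = new ClientConfiguration();
        clientConfig.setUseTls(true);
        // NOTE(review): client-side setting; it appears to make the client accept the broker's
        // certificate without validating it, which only suits the test's own certificates.
        clientConfig.setTlsAllowInsecureConnection(true);
        clientConfig.setStatsInterval(0, TimeUnit.SECONDS);
        pulsarClient = PulsarClient.create(brokerUrlTls.toString(), clientConfig);
        consumerConfig = new ConsumerConfiguration();
        consumerConfig.setSubscriptionType(SubscriptionType.Exclusive);
        consumer = pulsarClient.subscribe(topicName, subName, consumerConfig);
        consumer.close();
        fail("should fail");
    } catch (Exception e) {
        assertTrue(e.getMessage().contains("Authentication required"));
    } finally {
        // create() may throw before the client is assigned; an unguarded close() would then raise
        // a NullPointerException that hides the real failure.
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }

    // Drop the reference so Case 2 never closes the Case 1 client a second time.
    pulsarClient = null;

    // Case 2: Access with client certificate
    try {
        auth = new AuthenticationTls();
        auth.configure(authParams);
        clientConfig = new ClientConfiguration();
        clientConfig.setAuthentication(auth);
        clientConfig.setUseTls(true);
        clientConfig.setTlsAllowInsecureConnection(true);
        clientConfig.setStatsInterval(0, TimeUnit.SECONDS);
        pulsarClient = PulsarClient.create(brokerUrlTls.toString(), clientConfig);
        consumerConfig = new ConsumerConfiguration();
        consumerConfig.setSubscriptionType(SubscriptionType.Exclusive);
        consumer = pulsarClient.subscribe(topicName, subName, consumerConfig);
        consumer.close();
        fail("should fail");
    } catch (Exception e) {
        assertTrue(e.getMessage().contains("Authentication required"));
    } finally {
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }
}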
use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.
the class BrokerServiceTest method testTlsAuthAllowInsecure.
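/**
 * Checks that a broker with TLS authentication enabled and insecure connections allowed still
 * rejects a client that presents no certificate, and accepts one that presents a client certificate.
 *
 * <p>
 * NOTE(review): no broker trust-certificate file is set here, so with insecure connections allowed
 * the client certificate is presumably accepted without chain validation -- confirm. That makes this
 * a test-only broker configuration.
 *
 * @throws Exception
 *             if restarting the broker or closing a client fails
 */
@Test
public void testTlsAuthAllowInsecure() throws Exception {
    final String topicName = "persistent://prop/usw/my-ns/newTopic";
    final String subName = "newSub";
    ClientConfiguration clientConfig;
    ConsumerConfiguration consumerConfig;
    Consumer consumer;
    Authentication auth;

    // Broker side: TLS on, TLS auth provider enabled, insecure connections allowed.
    Set<String> providers = new HashSet<>();
    providers.add("com.yahoo.pulsar.broker.authentication.AuthenticationProviderTls");
    conf.setAuthenticationEnabled(true);
    conf.setAuthenticationProviders(providers);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    conf.setTlsAllowInsecureConnection(true);
    restartBroker();

    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    PulsarClient pulsarClient = null;

    // Case 1: Access without client certificate
    try {
        clientConfig = new ClientConfiguration();
        clientConfig.setUseTls(true);
        clientConfig.setTlsAllowInsecureConnection(true);
        clientConfig.setStatsInterval(0, TimeUnit.SECONDS);
        pulsarClient = PulsarClient.create(brokerUrlTls.toString(), clientConfig);
        consumerConfig = new ConsumerConfiguration();
        consumerConfig.setSubscriptionType(SubscriptionType.Exclusive);
        consumer = pulsarClient.subscribe(topicName, subName, consumerConfig);
        consumer.close();
        fail("should fail");
    } catch (Exception e) {
        assertTrue(e.getMessage().contains("Authentication required"));
    } finally {
        // create() may throw before the client is assigned; an unguarded close() would then raise
        // a NullPointerException that hides the real failure.
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }

    // Drop the reference so Case 2 never closes the Case 1 client a second time.
    pulsarClient = null;

    // Case 2: Access with client certificate
    try {
        auth = new AuthenticationTls();
        auth.configure(authParams);
        clientConfig = new ClientConfiguration();
        clientConfig.setAuthentication(auth);
        clientConfig.setUseTls(true);
        clientConfig.setTlsAllowInsecureConnection(true);
        clientConfig.setStatsInterval(0, TimeUnit.SECONDS);
        pulsarClient = PulsarClient.create(brokerUrlTls.toString(), clientConfig);
        consumerConfig = new ConsumerConfiguration();
        consumerConfig.setSubscriptionType(SubscriptionType.Exclusive);
        consumer = pulsarClient.subscribe(topicName, subName, consumerConfig);
        consumer.close();
    } catch (Exception e) {
        // NOTE(review): the caught exception is not attached to the failure, so the report will
        // not show why the authenticated subscribe was rejected.
        fail("should not fail");
    } finally {
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }
}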
use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.
the class BrokerServiceTest method testTlsAuthUseTrustCert.
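/**
 * Checks that a broker with TLS authentication enabled, insecure connections disallowed and a trust
 * certificate configured rejects a client that presents no certificate and accepts a client that
 * presents the trusted certificate.
 *
 * @throws Exception
 *             if restarting the broker or closing a client fails
 */
@Test
public void testTlsAuthUseTrustCert() throws Exception {
    final String topicName = "persistent://prop/usw/my-ns/newTopic";
    final String subName = "newSub";
    ClientConfiguration clientConfig;
    ConsumerConfiguration consumerConfig;
    Consumer consumer;
    Authentication auth;

    // Broker side: TLS on, TLS auth provider enabled, insecure connections NOT allowed.
    Set<String> providers = new HashSet<>();
    providers.add("com.yahoo.pulsar.broker.authentication.AuthenticationProviderTls");
    conf.setAuthenticationEnabled(true);
    conf.setAuthenticationProviders(providers);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    conf.setTlsAllowInsecureConnection(false);
    // The client's own certificate file is used as the broker's trust-certificate file, so that
    // exact certificate is what the broker is configured to trust in this test.
    conf.setTlsTrustCertsFilePath(TLS_CLIENT_CERT_FILE_PATH);
    restartBroker();

    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    PulsarClient pulsarClient = null;

    // Case 1: Access without client certificate
    try {
        clientConfig = new ClientConfiguration();
        clientConfig.setUseTls(true);
        // NOTE(review): client-side setting; it appears to make the client accept the broker's
        // certificate without validating it, which only suits the test's own certificates.
        clientConfig.setTlsAllowInsecureConnection(true);
        clientConfig.setStatsInterval(0, TimeUnit.SECONDS);
        pulsarClient = PulsarClient.create(brokerUrlTls.toString(), clientConfig);
        consumerConfig = new ConsumerConfiguration();
        consumerConfig.setSubscriptionType(SubscriptionType.Exclusive);
        consumer = pulsarClient.subscribe(topicName, subName, consumerConfig);
        consumer.close();
        fail("should fail");
    } catch (Exception e) {
        assertTrue(e.getMessage().contains("Authentication required"));
    } finally {
        // create() may throw before the client is assigned; an unguarded close() would then raise
        // a NullPointerException that hides the real failure.
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }

    // Drop the reference so Case 2 never closes the Case 1 client a second time.
    pulsarClient = null;

    // Case 2: Access with client certificate
    try {
        auth = new AuthenticationTls();
        auth.configure(authParams);
        clientConfig = new ClientConfiguration();
        clientConfig.setAuthentication(auth);
        clientConfig.setUseTls(true);
        clientConfig.setTlsAllowInsecureConnection(true);
        clientConfig.setStatsInterval(0, TimeUnit.SECONDS);
        pulsarClient = PulsarClient.create(brokerUrlTls.toString(), clientConfig);
        consumerConfig = new ConsumerConfiguration();
        consumerConfig.setSubscriptionType(SubscriptionType.Exclusive);
        consumer = pulsarClient.subscribe(topicName, subName, consumerConfig);
        consumer.close();
    } catch (Exception e) {
        // NOTE(review): the caught exception is not attached to the failure, so the report will
        // not show why the authenticated subscribe was rejected.
        fail("should not fail");
    } finally {
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }
}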