Examples with AuthenticationTls com.yahoo.pulsar.client.impl.auth.AuthenticationTls used on opensource projects

Example 6 with AuthenticationTls

use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.

the class BrokerServiceLookupTest method testDiscoveryLookupTls.

/**
     * Verify discovery-service binary-proto lookup using tls
     * 
     * @throws Exception
     */
@Test
public void testDiscoveryLookupTls() throws Exception {
    final String TLS_SERVER_CERT_FILE_PATH = "./src/test/resources/certificate/server.crt";
    final String TLS_SERVER_KEY_FILE_PATH = "./src/test/resources/certificate/server.key";
    final String TLS_CLIENT_CERT_FILE_PATH = "./src/test/resources/certificate/client.crt";
    final String TLS_CLIENT_KEY_FILE_PATH = "./src/test/resources/certificate/client.key";
    // (1) restart broker1 with tls enabled
    conf.setTlsAllowInsecureConnection(true);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    stopBroker();
    startBroker();
    // (2) start discovery service
    ServiceConfig config = new ServiceConfig();
    config.setServicePort(nextFreePort());
    config.setServicePortTls(nextFreePort());
    config.setTlsEnabled(true);
    config.setBindOnLocalhost(true);
    config.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    DiscoveryService discoveryService = spy(new DiscoveryService(config));
    doReturn(mockZooKeeperClientFactory).when(discoveryService).getZooKeeperClientFactory();
    discoveryService.start();
    // (3) lookup using discovery service
    final String discoverySvcUrl = discoveryService.getServiceUrlTls();
    ClientConfiguration clientConfig = new ClientConfiguration();
    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    Authentication auth = new AuthenticationTls();
    auth.configure(authParams);
    clientConfig.setAuthentication(auth);
    clientConfig.setUseTls(true);
    clientConfig.setTlsAllowInsecureConnection(true);
    PulsarClient pulsarClient2 = PulsarClient.create(discoverySvcUrl, clientConfig);
    Consumer consumer = pulsarClient2.subscribe("persistent://my-property2/use2/my-ns/my-topic1", "my-subscriber-name", new ConsumerConfiguration());
    Producer producer = pulsarClient2.createProducer("persistent://my-property2/use2/my-ns/my-topic1", new ProducerConfiguration());
    for (int i = 0; i < 10; i++) {
        String message = "my-message-" + i;
        producer.send(message.getBytes());
    }
    Message msg = null;
    Set<String> messageSet = Sets.newHashSet();
    for (int i = 0; i < 10; i++) {
        msg = consumer.receive(5, TimeUnit.SECONDS);
        String receivedMessage = new String(msg.getData());
        log.debug("Received message: [{}]", receivedMessage);
        String expectedMessage = "my-message-" + i;
        testMessageOrderAndDuplicates(messageSet, receivedMessage, expectedMessage);
    }
    // Acknowledge the consumption of all messages at once
    consumer.acknowledgeCumulative(msg);
    consumer.close();
    producer.close();
}

Example 7 with AuthenticationTls

use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.

the class WebServiceTest method setupEnv.

private void setupEnv(boolean enableFilter, String minApiVersion, boolean allowUnversionedClients, boolean enableTls, boolean enableAuth, boolean allowInsecure) throws Exception {
    Set<String> providers = new HashSet<>();
    providers.add("com.yahoo.pulsar.broker.authentication.AuthenticationProviderTls");
    Set<String> roles = new HashSet<>();
    roles.add("client");
    ServiceConfiguration config = new ServiceConfiguration();
    config.setWebServicePort(BROKER_WEBSERVICE_PORT);
    config.setWebServicePortTls(BROKER_WEBSERVICE_PORT_TLS);
    config.setClientLibraryVersionCheckEnabled(enableFilter);
    config.setAuthenticationEnabled(enableAuth);
    config.setAuthenticationProviders(providers);
    config.setAuthorizationEnabled(false);
    config.setClientLibraryVersionCheckAllowUnversioned(allowUnversionedClients);
    config.setSuperUserRoles(roles);
    config.setTlsEnabled(enableTls);
    config.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    config.setTlsAllowInsecureConnection(allowInsecure);
    config.setTlsTrustCertsFilePath(allowInsecure ? "" : TLS_CLIENT_CERT_FILE_PATH);
    config.setClusterName("local");
    // TLS certificate expects localhost
    config.setAdvertisedAddress("localhost");
    pulsar = spy(new PulsarService(config));
    doReturn(new MockedZooKeeperClientFactoryImpl()).when(pulsar).getZooKeeperClientFactory();
    pulsar.start();
    try {
        pulsar.getZkClient().delete("/minApiVersion", -1);
    } catch (Exception ex) {
    }
    pulsar.getZkClient().create("/minApiVersion", minApiVersion.getBytes(), null, CreateMode.PERSISTENT);
    String serviceUrl = BROKER_URL_BASE;
    ClientConfiguration clientConfig = new ClientConfiguration();
    if (enableTls && enableAuth) {
        serviceUrl = BROKER_URL_BASE_TLS;
        Map<String, String> authParams = new HashMap<>();
        authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
        authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
        Authentication auth = new AuthenticationTls();
        auth.configure(authParams);
        clientConfig.setAuthentication(auth);
        clientConfig.setUseTls(true);
        clientConfig.setTlsAllowInsecureConnection(true);
    }
    PulsarAdmin pulsarAdmin = new PulsarAdmin(new URL(serviceUrl), clientConfig);
    try {
        pulsarAdmin.clusters().createCluster(config.getClusterName(), new ClusterData(pulsar.getWebServiceAddress()));
    } catch (ConflictException ce) {
    // This is OK.
    } finally {
        pulsarAdmin.close();
    }
}

Example 8 with AuthenticationTls

use of com.yahoo.pulsar.client.impl.auth.AuthenticationTls in project pulsar by yahoo.

the class AuthenticatedProducerConsumerTest method testAuthemticationFilterNegative.

/**
     * Verifies: on 500 server error, broker invalidates session and client receives 500 correctly.
     * 
     * @throws Exception
     */
@Test
public void testAuthemticationFilterNegative() throws Exception {
    log.info("-- Starting {} test --", methodName);
    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    Authentication authTls = new AuthenticationTls();
    authTls.configure(authParams);
    internalSetup(authTls);
    final String cluster = "use";
    final ClusterData clusterData = new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(), "pulsar://localhost:" + BROKER_PORT, "pulsar+ssl://localhost:" + BROKER_PORT_TLS);
    // this will cause NPE and it should throw 500
    doReturn(null).when(pulsar).getGlobalZkCache();
    try {
        admin.clusters().createCluster(cluster, clusterData);
    } catch (PulsarAdminException e) {
        Assert.assertTrue(e.getCause() instanceof InternalServerErrorException);
    }
    log.info("-- Exiting {} test --", methodName);
}