Example 6 with InMemoryNamespaceAdmin

use of io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin in project cdap by cdapio.

the class SecretManagerSecureStoreServiceTest method setUp.

@BeforeClass
public static void setUp() throws Exception {
    InMemoryNamespaceAdmin namespaceClient = new InMemoryNamespaceAdmin();
    NamespaceMeta namespaceMeta = new NamespaceMeta.Builder().setName(NAMESPACE1).build();
    namespaceClient.create(namespaceMeta);
    secureStoreService = new SecretManagerSecureStoreService(namespaceClient, new MockSecretManagerContext(), "mock", new MockSecretManager());
    secureStoreService.startAndWait();
}
Also used : InMemoryNamespaceAdmin(io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin) NamespaceMeta(io.cdap.cdap.proto.NamespaceMeta) BeforeClass(org.junit.BeforeClass)

Example 7 with InMemoryNamespaceAdmin

use of io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin in project cdap by cdapio.

the class FileSecureStoreServiceTest method setUp.

@Before
public void setUp() throws Exception {
    CConfiguration conf = CConfiguration.create();
    conf.set(Constants.Security.Store.FILE_PATH, TEMP_FOLDER.newFolder().getAbsolutePath());
    SConfiguration sConf = SConfiguration.create();
    sConf.set(Constants.Security.Store.FILE_PASSWORD, "secret");
    InMemoryNamespaceAdmin namespaceClient = new InMemoryNamespaceAdmin();
    NamespaceMeta namespaceMeta = new NamespaceMeta.Builder().setName(NAMESPACE1).build();
    namespaceClient.create(namespaceMeta);
    namespaceMeta = new NamespaceMeta.Builder().setName(NAMESPACE2).build();
    namespaceClient.create(namespaceMeta);
    FileSecureStoreService fileSecureStoreService = new FileSecureStoreService(conf, sConf, namespaceClient);
    secureStoreManager = fileSecureStoreService;
    secureStore = fileSecureStoreService;
}
Also used : InMemoryNamespaceAdmin(io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin) NamespaceMeta(io.cdap.cdap.proto.NamespaceMeta) SConfiguration(io.cdap.cdap.common.conf.SConfiguration) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) Before(org.junit.Before)

Example 8 with InMemoryNamespaceAdmin

use of io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin in project cdap by cdapio.

the class DefaultUGIProviderTest method init.

@BeforeClass
public static void init() throws Exception {
    cConf = CConfiguration.create();
    cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath());
    namespaceClient = new InMemoryNamespaceAdmin();
    // Start KDC
    miniKdc = new MiniKdc(MiniKdc.createConf(), TEMP_FOLDER.newFolder());
    miniKdc.start();
    System.setProperty("java.security.krb5.conf", miniKdc.getKrb5conf().getAbsolutePath());
    localKeytabDirPath = TEMP_FOLDER.newFolder();
    // Generate keytab
    aliceKeytabFile = createPrincipal(localKeytabDirPath, "alice");
    bobKeytabFile = createPrincipal(localKeytabDirPath, "bob");
    eveKeytabFile = createPrincipal(localKeytabDirPath, "eve");
    // construct Kerberos PrincipalIds
    aliceKerberosPrincipalId = new KerberosPrincipalId(getPrincipal("alice"));
    bobKerberosPrincipalId = new KerberosPrincipalId(getPrincipal("bob"));
    eveKerberosPrincipalId = new KerberosPrincipalId(getPrincipal("eve"));
    // Start mini DFS cluster
    Configuration hConf = new Configuration();
    hConf.set(MiniDFSCluster.HDFS_MINIDFS_BASEDIR, TEMP_FOLDER.newFolder().getAbsolutePath());
    hConf.setBoolean("ipc.client.fallback-to-simple-auth-allowed", true);
    hConf.setBoolean("ignore.secure.ports.for.testing", true);
    miniDFSCluster = new MiniDFSCluster.Builder(hConf).numDataNodes(1).build();
    miniDFSCluster.waitClusterUp();
    locationFactory = new FileContextLocationFactory(miniDFSCluster.getFileSystem().getConf());
    hConf = new Configuration();
    hConf.set("hadoop.security.authentication", "kerberos");
    hConf.set("hadoop.security.auth_to_local", "RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//");
    UserGroupInformation.setConfiguration(hConf);
    store = getInjector().getInstance(DefaultStore.class);
}
Also used : DefaultStore(io.cdap.cdap.internal.app.store.DefaultStore) MiniDFSCluster(org.apache.hadoop.hdfs.MiniDFSCluster) Configuration(org.apache.hadoop.conf.Configuration) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) InMemoryNamespaceAdmin(io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin) MiniKdc(org.apache.hadoop.minikdc.MiniKdc) FileContextLocationFactory(org.apache.twill.filesystem.FileContextLocationFactory) KerberosPrincipalId(io.cdap.cdap.proto.id.KerberosPrincipalId) BeforeClass(org.junit.BeforeClass)

Example 9 with InMemoryNamespaceAdmin

use of io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin in project cdap by caskdata.

the class RemoteSecureStoreTest method setUp.

@BeforeClass
public static void setUp() throws Exception {
    CConfiguration conf = CConfiguration.create();
    conf.setBoolean(Constants.Security.SSL.INTERNAL_ENABLED, true);
    conf.set(Constants.Security.Store.FILE_PATH, TEMP_FOLDER.newFolder().getAbsolutePath());
    SConfiguration sConf = SConfiguration.create();
    sConf.set(Constants.Security.Store.FILE_PASSWORD, "secret");
    InMemoryNamespaceAdmin namespaceClient = new InMemoryNamespaceAdmin();
    NamespaceMeta namespaceMeta = new NamespaceMeta.Builder().setName(NAMESPACE1).build();
    namespaceClient.create(namespaceMeta);
    FileSecureStoreService fileSecureStoreService = new FileSecureStoreService(conf, sConf, namespaceClient);
    // Starts a mock server to handle remote secure store requests
    httpService = new HttpsEnabler()
        .configureKeyStore(conf, sConf)
        .enable(NettyHttpService.builder("remoteSecureStoreTest")
            .setHttpHandlers(new SecureStoreHandler(fileSecureStoreService, fileSecureStoreService))
            .setExceptionHandler(new HttpExceptionHandler()))
        .build();
    httpService.start();
    InMemoryDiscoveryService discoveryService = new InMemoryDiscoveryService();
    discoveryService.register(URIScheme.HTTPS.createDiscoverable(Constants.Service.SECURE_STORE_SERVICE, httpService.getBindAddress()));
    RemoteClientFactory remoteClientFactory = new RemoteClientFactory(discoveryService, new DefaultInternalAuthenticator(new AuthenticationTestContext()));
    remoteSecureStore = new RemoteSecureStore(remoteClientFactory);
}
Also used : RemoteClientFactory(io.cdap.cdap.common.internal.remote.RemoteClientFactory) FileSecureStoreService(io.cdap.cdap.security.store.FileSecureStoreService) AuthenticationTestContext(io.cdap.cdap.security.auth.context.AuthenticationTestContext) HttpExceptionHandler(io.cdap.cdap.common.HttpExceptionHandler) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) DefaultInternalAuthenticator(io.cdap.cdap.common.internal.remote.DefaultInternalAuthenticator) InMemoryNamespaceAdmin(io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin) NamespaceMeta(io.cdap.cdap.proto.NamespaceMeta) SConfiguration(io.cdap.cdap.common.conf.SConfiguration) HttpsEnabler(io.cdap.cdap.common.security.HttpsEnabler) SecureStoreHandler(io.cdap.cdap.security.store.SecureStoreHandler) InMemoryDiscoveryService(org.apache.twill.discovery.InMemoryDiscoveryService) BeforeClass(org.junit.BeforeClass)

Example 10 with InMemoryNamespaceAdmin

use of io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin in project cdap by caskdata.

the class AuthorizationUtilTest method init.

@BeforeClass
public static void init() throws Exception {
    cConf = CConfiguration.create();
    // Note: it is important to initialize the UGI before we call AuthorizationUtil.getAppAuthorizingUser(..),
    // which uses KerberosName, since KerberosName expects the rules for matching to be set. See
    // http://lucene.472066.n3.nabble.com/KerberosName-rules-are-null-during-KerberosName-getShortName-
    // in-KerberosAuthenticationHandler-td4074309.html for more context
    username = UserGroupInformation.getCurrentUser().getShortUserName();
    namespaceClient = new InMemoryNamespaceAdmin();
    authenticationContext = new AuthenticationTestContext();
}
Also used : InMemoryNamespaceAdmin(io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin) AuthenticationTestContext(io.cdap.cdap.security.auth.context.AuthenticationTestContext) BeforeClass(org.junit.BeforeClass)

Aggregations

InMemoryNamespaceAdmin (io.cdap.cdap.common.namespace.InMemoryNamespaceAdmin) 16
BeforeClass (org.junit.BeforeClass) 14
CConfiguration (io.cdap.cdap.common.conf.CConfiguration) 10
NamespaceMeta (io.cdap.cdap.proto.NamespaceMeta) 8
AuthenticationTestContext (io.cdap.cdap.security.auth.context.AuthenticationTestContext) 6
SConfiguration (io.cdap.cdap.common.conf.SConfiguration) 4
DefaultInternalAuthenticator (io.cdap.cdap.common.internal.remote.DefaultInternalAuthenticator) 4
RemoteClientFactory (io.cdap.cdap.common.internal.remote.RemoteClientFactory) 4
KerberosPrincipalId (io.cdap.cdap.proto.id.KerberosPrincipalId) 4
Configuration (org.apache.hadoop.conf.Configuration) 4
MiniDFSCluster (org.apache.hadoop.hdfs.MiniDFSCluster) 4
MiniKdc (org.apache.hadoop.minikdc.MiniKdc) 4
FileContextLocationFactory (org.apache.twill.filesystem.FileContextLocationFactory) 4
InMemoryDiscoveryService (org.apache.twill.discovery.InMemoryDiscoveryService) 3
ListenableFuture (com.google.common.util.concurrent.ListenableFuture) 2
Gson (com.google.gson.Gson) 2
GsonBuilder (com.google.gson.GsonBuilder) 2
AllProgramsApp (io.cdap.cdap.AllProgramsApp) 2
ConfigTestApp (io.cdap.cdap.ConfigTestApp) 2
ApplicationSpecification (io.cdap.cdap.api.app.ApplicationSpecification) 2