use of io.cdap.cdap.security.guice.CoreSecurityRuntimeModule in project cdap by caskdata.
the class RouterResource method before.
@Override
protected void before() {
CConfiguration cConf = CConfiguration.create();
Injector injector = Guice.createInjector(new CoreSecurityRuntimeModule().getStandaloneModules(), new ExternalAuthenticationModule(), new InMemoryDiscoveryModule(), new AppFabricTestModule(cConf));
DiscoveryServiceClient discoveryServiceClient = injector.getInstance(DiscoveryServiceClient.class);
TokenValidator mockValidator = new MockTokenValidator("failme");
UserIdentityExtractor extractor = new MockAccessTokenIdentityExtractor(mockValidator);
SConfiguration sConf = injector.getInstance(SConfiguration.class);
cConf.set(Constants.Router.ADDRESS, hostname);
cConf.setInt(Constants.Router.ROUTER_PORT, 0);
for (Map.Entry<String, String> entry : additionalConfig.entrySet()) {
cConf.set(entry.getKey(), entry.getValue());
}
router = new NettyRouter(cConf, sConf, InetAddresses.forString(hostname), new RouterServiceLookup(cConf, (DiscoveryServiceClient) discoveryService, new RouterPathLookup()), mockValidator, extractor, discoveryServiceClient);
router.startAndWait();
}
use of io.cdap.cdap.security.guice.CoreSecurityRuntimeModule in project cdap by caskdata.
the class PreviewRunnerTwillRunnable method createInjector.
@VisibleForTesting
static Injector createInjector(CConfiguration cConf, Configuration hConf, PreviewRequestPollerInfo pollerInfo) {
List<Module> modules = new ArrayList<>();
byte[] pollerInfoBytes = Bytes.toBytes(new Gson().toJson(pollerInfo));
SConfiguration sConf = SConfiguration.create();
modules.add(new ConfigModule(cConf, hConf, sConf));
modules.add(RemoteAuthenticatorModules.getDefaultModule());
modules.add(new PreviewConfigModule(cConf, hConf, sConf));
modules.add(new IOModule());
modules.add(new MetricsClientRuntimeModule().getDistributedModules());
// If MasterEnvironment is not available, assuming it is the old hadoop stack with ZK, Kafka
MasterEnvironment masterEnv = MasterEnvironments.getMasterEnvironment();
if (masterEnv == null) {
modules.add(new ZKClientModule());
modules.add(new ZKDiscoveryModule());
modules.add(new KafkaClientModule());
modules.add(new KafkaLogAppenderModule());
} else {
modules.add(new AbstractModule() {
@Override
protected void configure() {
bind(DiscoveryService.class).toProvider(new SupplierProviderBridge<>(masterEnv.getDiscoveryServiceSupplier()));
bind(DiscoveryServiceClient.class).toProvider(new SupplierProviderBridge<>(masterEnv.getDiscoveryServiceClientSupplier()));
}
});
modules.add(new RemoteLogAppenderModule());
}
modules.add(new PreviewRunnerManagerModule().getDistributedModules());
modules.add(new DataSetServiceModules().getStandaloneModules());
modules.add(new DataSetsModules().getStandaloneModules());
modules.add(new AppFabricServiceRuntimeModule(cConf).getStandaloneModules());
modules.add(new ProgramRunnerRuntimeModule().getStandaloneModules());
modules.add(new MetricsStoreModule());
modules.add(new MessagingClientModule());
modules.add(new AuditModule());
modules.add(new SecureStoreClientModule());
modules.add(new MetadataReaderWriterModules().getStandaloneModules());
modules.add(new DFSLocationModule());
modules.add(new MetadataServiceModule());
modules.add(new CoreSecurityRuntimeModule().getInMemoryModules());
modules.add(new AuthenticationContextModules().getMasterWorkerModule());
modules.add(new AuthorizationModule());
modules.add(new AuthorizationEnforcementModule().getNoOpModules());
modules.add(Modules.override(new DataFabricModules("master").getDistributedModules()).with(new AbstractModule() {
@Override
protected void configure() {
// Bind transaction system to a constant one, basically no transaction, with every write become
// visible immediately.
// TODO: Ideally we shouldn't need this at all. However, it is needed now to satisfy dependencies
bind(TransactionSystemClientService.class).to(DelegatingTransactionSystemClientService.class);
bind(TransactionSystemClient.class).to(ConstantTransactionSystemClient.class);
bind(ExploreClient.class).to(UnsupportedExploreClient.class);
bind(PreviewRequestPollerInfoProvider.class).toInstance(() -> pollerInfoBytes);
}
}));
return Guice.createInjector(modules);
}
use of io.cdap.cdap.security.guice.CoreSecurityRuntimeModule in project cdap by caskdata.
the class AuthenticationServerMain method init.
@Override
public void init(String[] args) {
Injector injector = Guice.createInjector(new ConfigModule(), new IOModule(), RemoteAuthenticatorModules.getDefaultModule(), new ZKClientModule(), new ZKDiscoveryModule(), new CoreSecurityRuntimeModule().getDistributedModules(), new ExternalAuthenticationModule());
configuration = injector.getInstance(CConfiguration.class);
if (SecurityUtil.isManagedSecurity(configuration)) {
this.zkClientService = injector.getInstance(ZKClientService.class);
this.authServer = injector.getInstance(ExternalAuthenticationServer.class);
}
}
use of io.cdap.cdap.security.guice.CoreSecurityRuntimeModule in project cdap by caskdata.
the class ExternalAuthenticationServerTestBase method setup.
protected void setup() throws Exception {
Assert.assertNotNull("CConfiguration needs to be set by derived classes", configuration);
// Intentionally set "security.auth.server.announce.urls" to invalid
// values verify that they are not used by external authentication server
configuration.set(Constants.Security.AUTH_SERVER_ANNOUNCE_URLS, "invalid.urls");
Module externalAuthenticationModule = Modules.override(new ExternalAuthenticationModule()).with(new AbstractModule() {
@Override
protected void configure() {
bind(AuditLogHandler.class).annotatedWith(Names.named(ExternalAuthenticationServer.NAMED_EXTERNAL_AUTH)).toInstance(new AuditLogHandler(TEST_AUDIT_LOGGER));
}
});
Injector injector = Guice.createInjector(new IOModule(), externalAuthenticationModule, new CoreSecurityRuntimeModule().getInMemoryModules(), new ConfigModule(getConfiguration(configuration), HBaseConfiguration.create(), sConfiguration), new InMemoryDiscoveryModule());
server = injector.getInstance(ExternalAuthenticationServer.class);
tokenCodec = injector.getInstance(AccessTokenCodec.class);
discoveryServiceClient = injector.getInstance(DiscoveryServiceClient.class);
startExternalAuthenticationServer();
server.startAndWait();
LOG.info("Auth server running on address {}", server.getSocketAddress());
TimeUnit.SECONDS.sleep(3);
}
use of io.cdap.cdap.security.guice.CoreSecurityRuntimeModule in project cdap by caskdata.
the class TestInMemoryTokenManager method getTokenManagerAndCodec.
@Override
protected ImmutablePair<TokenManager, Codec<AccessToken>> getTokenManagerAndCodec() {
Injector injector = Guice.createInjector(new IOModule(), new CoreSecurityRuntimeModule().getStandaloneModules(), new ConfigModule(), new InMemoryDiscoveryModule());
TokenManager tokenManager = injector.getInstance(TokenManager.class);
tokenManager.startAndWait();
Codec<AccessToken> tokenCodec = injector.getInstance(AccessTokenCodec.class);
return new ImmutablePair<>(tokenManager, tokenCodec);
}
Aggregations