
Example 1 with AuthenticationMethod

Use of io.crate.auth.AuthenticationMethod in project crate by crate.

Class PostgresWireProtocol, method initAuthentication.

private void initAuthentication(Channel channel) {
    String userName = properties.getProperty("user");
    InetAddress address = Netty4HttpServerTransport.getRemoteAddress(channel);
    SSLSession sslSession = getSession(channel);
    ConnectionProperties connProperties = new ConnectionProperties(address, Protocol.POSTGRES, sslSession);
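    // Resolve the authentication method for this user and connection (address, protocol, TLS session).
    AuthenticationMethod authMethod = authService.resolveAuthenticationType(userName, connProperties);
    if (authMethod == null) {
        // No matching auth.host_based entry: reject the connection with an authentication error.
        String errorMessage = String.format(Locale.ENGLISH, "No valid auth.host_based entry found for host \"%s\", user \"%s\". Did you enable TLS in your client?", address.getHostAddress(), userName);
        Messages.sendAuthenticationError(channel, errorMessage);
    } else {
        authContext = new AuthenticationContext(authMethod, connProperties, userName, LOGGER);
        if (PASSWORD_AUTH_NAME.equals(authMethod.name())) {
            // Password method: ask the client for a cleartext password and return
            // without finishing authentication here.
            Messages.sendAuthenticationCleartextPassword(channel);
            return;
        }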
        finishAuthentication(channel);
    }
}
Also used : SSLSession(javax.net.ssl.SSLSession) AuthenticationMethod(io.crate.auth.AuthenticationMethod) InetAddress(java.net.InetAddress)

Example 2 with AuthenticationMethod

Use of io.crate.auth.AuthenticationMethod in project crate by crate.

Class AuthenticationContextTest, method testAuthenticationContextCycle.

@Test
public void testAuthenticationContextCycle() throws Exception {
    String userName = "crate";
    char[] passwd = "passwd".toCharArray();
    ConnectionProperties connProperties = new ConnectionProperties(InetAddress.getByName("127.0.0.1"), Protocol.POSTGRES, null);
    AuthenticationMethod authMethod = AUTHENTICATION.resolveAuthenticationType(userName, connProperties);
    AuthenticationContext authContext = new AuthenticationContext(authMethod, connProperties, userName, LogManager.getLogger(AuthenticationContextTest.class));
    authContext.setSecurePassword(passwd);
    assertThat(authContext.authenticate(), is(User.CRATE_USER));
    assertThat(authContext.password().getChars(), is(passwd));
    authContext.close();
    // once the authContext has been closed it must not be re-used for authenticating a user
    expectedException.expect(IllegalStateException.class);
    expectedException.expectMessage("SecureString has already been closed");
    authContext.password().getChars();
}
Also used : AuthenticationMethod(io.crate.auth.AuthenticationMethod) Test(org.junit.Test)

Example 3 with AuthenticationMethod

Use of io.crate.auth.AuthenticationMethod in project crate by crate.

Class PostgresWireProtocolTest, method testPasswordMessageAuthenticationProcess.

@Test
public void testPasswordMessageAuthenticationProcess() throws Exception {
    PostgresWireProtocol ctx = new PostgresWireProtocol(mock(SQLOperations.class), sessionContext -> AccessControl.DISABLED, new Authentication() {

        @Override
        public AuthenticationMethod resolveAuthenticationType(String user, ConnectionProperties connectionProperties) {
            return new AuthenticationMethod() {

                @Nullable
                @Override
                public User authenticate(String userName, @Nullable SecureString passwd, ConnectionProperties connProperties) {
                    return null;
                }

                @Override
                public String name() {
                    return "password";
                }
            };
        }
    }, null);
    channel = new EmbeddedChannel(ctx.decoder, ctx.handler);
    ByteBuf respBuf;
    ByteBuf buffer = Unpooled.buffer();
    ClientMessages.sendStartupMessage(buffer, "doc");
    channel.writeInbound(buffer);
    respBuf = channel.readOutbound();
    try {
        // AuthenticationCleartextPassword
        assertThat((char) respBuf.readByte(), is('R'));
    } finally {
        respBuf.release();
    }
    buffer = Unpooled.buffer();
    ClientMessages.sendPasswordMessage(buffer, "pw");
    channel.writeInbound(buffer);
    respBuf = channel.readOutbound();
    try {
        // Auth OK
        assertThat((char) respBuf.readByte(), is('R'));
    } finally {
        respBuf.release();
    }
}
Also used : User(io.crate.user.User) Authentication(io.crate.auth.Authentication) AlwaysOKAuthentication(io.crate.auth.AlwaysOKAuthentication) EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel) SecureString(org.elasticsearch.common.settings.SecureString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) AuthenticationMethod(io.crate.auth.AuthenticationMethod) ByteBuf(io.netty.buffer.ByteBuf) SQLOperations(io.crate.action.sql.SQLOperations) Nullable(javax.annotation.Nullable) CrateDummyClusterServiceUnitTest(io.crate.test.integration.CrateDummyClusterServiceUnitTest) Test(org.junit.Test)
