use of java.security.PrivilegedExceptionAction in project druid by druid-io.
the class KerberosJettyHttpClientProvider method get.
@Override
public HttpClient get() {
final HttpClient httpClient = delegateProvider.get();
httpClient.getAuthenticationStore().addAuthentication(new Authentication() {
@Override
public boolean matches(String type, URI uri, String realm) {
return true;
}
@Override
public Result authenticate(final Request request, ContentResponse response, Authentication.HeaderInfo headerInfo, Attributes context) {
return new Result() {
@Override
public URI getURI() {
return request.getURI();
}
@Override
public void apply(Request request) {
try {
// No need to set cookies as they are handled by Jetty Http Client itself.
URI uri = request.getURI();
if (DruidKerberosUtil.needToSendCredentials(httpClient.getCookieStore(), uri)) {
log.debug("No Auth Cookie found for URI[%s]. Existing Cookies[%s] Authenticating... ", uri, httpClient.getCookieStore().getCookies());
final String host = request.getHost();
DruidKerberosUtil.authenticateIfRequired(config);
UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
String challenge = currentUser.doAs(new PrivilegedExceptionAction<String>() {
@Override
public String run() throws Exception {
return DruidKerberosUtil.kerberosChallenge(host);
}
});
request.getHeaders().add(HttpHeaders.Names.AUTHORIZATION, "Negotiate " + challenge);
} else {
log.debug("Found Auth Cookie found for URI[%s].", uri);
}
} catch (Throwable e) {
Throwables.propagate(e);
}
}
};
}
});
return httpClient;
}
use of java.security.PrivilegedExceptionAction in project hbase by apache.
the class TestVisibilityLabelsWithDeletes method testVisibilityLabelsWithDeleteFamily.
@Test
public void testVisibilityLabelsWithDeleteFamily() throws Exception {
setAuths();
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
try (Table table = createTableAndWriteDataWithLabels(tableName, SECRET, CONFIDENTIAL + "|" + TOPSECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row2);
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
d.addFamily(fam);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(), row1, 0, row1.length));
}
}
use of java.security.PrivilegedExceptionAction in project hbase by apache.
the class TestVisibilityLabelsWithDeletes method testVisibilityLabelsWithDeleteColumnsWithNoMatchVisExpWithMultipleVersionsNoTimestamp.
@Test
public void testVisibilityLabelsWithDeleteColumnsWithNoMatchVisExpWithMultipleVersionsNoTimestamp() throws Exception {
setAuths();
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
try (Table table = doPuts(tableName)) {
TEST_UTIL.getAdmin().flush(tableName);
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row1);
d.setCellVisibility(new CellVisibility(CONFIDENTIAL));
d.addColumns(fam, qual);
table.delete(d);
d = new Delete(row1);
d.setCellVisibility(new CellVisibility(SECRET));
d.addColumns(fam, qual);
table.delete(d);
d = new Delete(row1);
d.setCellVisibility(new CellVisibility("(" + PRIVATE + "&" + CONFIDENTIAL + ")|(" + SECRET + "&" + TOPSECRET + ")"));
d.addColumns(fam, qual);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
Scan s = new Scan();
s.setMaxVersions(5);
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL, TOPSECRET));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 2);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(), row1, 0, row1.length));
cellScanner = next[1].cellScanner();
cellScanner.advance();
current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(), row2, 0, row2.length));
}
}
use of java.security.PrivilegedExceptionAction in project hbase by apache.
the class TestVisibilityLabelsWithDeletes method testVisibilityLabelsWithDeleteColumns.
@Test
public void testVisibilityLabelsWithDeleteColumns() throws Throwable {
setAuths();
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
try (Table table = createTableAndWriteDataWithLabels(tableName, SECRET + "&" + TOPSECRET, SECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row1);
d.setCellVisibility(new CellVisibility(TOPSECRET + "&" + SECRET));
d.addColumns(fam, qual);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(), row2, 0, row2.length));
}
}
use of java.security.PrivilegedExceptionAction in project hbase by apache.
the class TestVisibilityLabelsWithDeletes method testVisibilityLabelsWithDeleteColumnExactVersion.
@Test
public void testVisibilityLabelsWithDeleteColumnExactVersion() throws Exception {
setAuths();
final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName());
long[] ts = new long[] { 123l, 125l };
try (Table table = createTableAndWriteDataWithLabels(tableName, ts, CONFIDENTIAL + "|" + TOPSECRET, SECRET)) {
PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
try (Connection connection = ConnectionFactory.createConnection(conf);
Table table = connection.getTable(tableName)) {
Delete d = new Delete(row1);
d.setCellVisibility(new CellVisibility(TOPSECRET + "|" + CONFIDENTIAL));
d.addColumn(fam, qual, 123l);
table.delete(d);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(actiona);
TEST_UTIL.getAdmin().flush(tableName);
Scan s = new Scan();
s.setAuthorizations(new Authorizations(SECRET, PRIVATE, CONFIDENTIAL));
ResultScanner scanner = table.getScanner(s);
Result[] next = scanner.next(3);
assertTrue(next.length == 1);
CellScanner cellScanner = next[0].cellScanner();
cellScanner.advance();
Cell current = cellScanner.current();
assertTrue(Bytes.equals(current.getRowArray(), current.getRowOffset(), current.getRowLength(), row2, 0, row2.length));
}
}
Aggregations