use of javax.security.auth.login.AppConfigurationEntry in project storm by apache.
the class AuthUtilsTest method makeDigestPayloadTest.
@Test
public void makeDigestPayloadTest() throws NoSuchAlgorithmException {
String section = "user-pass-section";
Map<String, String> optionMap = new HashMap<String, String>();
String user = "user";
String pass = "pass";
optionMap.put("username", user);
optionMap.put("password", pass);
AppConfigurationEntry entry = Mockito.mock(AppConfigurationEntry.class);
Mockito.<Map<String, ?>>when(entry.getOptions()).thenReturn(optionMap);
Configuration mockConfig = Mockito.mock(Configuration.class);
Mockito.when(mockConfig.getAppConfigurationEntry(section)).thenReturn(new AppConfigurationEntry[] { entry });
MessageDigest digest = MessageDigest.getInstance("SHA-512");
byte[] output = digest.digest((user + ":" + pass).getBytes());
String sha = Hex.encodeHexString(output);
// previous code used this method to generate the string, ensure the two match
StringBuilder builder = new StringBuilder();
for (byte b : output) {
builder.append(String.format("%02x", b));
}
String stringFormatMethod = builder.toString();
Assert.assertEquals(AuthUtils.makeDigestPayload(mockConfig, "user-pass-section"), sha);
Assert.assertEquals(sha, stringFormatMethod);
}
use of javax.security.auth.login.AppConfigurationEntry in project storm by apache.
the class AuthUtilsTest method getFirstValueForValidKeyTest.
@Test
public void getFirstValueForValidKeyTest() throws IOException {
String k = "the-key";
String expected = "good-value";
Map<String, String> optionMap = new HashMap<String, String>();
optionMap.put(k, expected);
Map<String, String> badOptionMap = new HashMap<String, String>();
badOptionMap.put(k, "bad-value");
AppConfigurationEntry emptyEntry = Mockito.mock(AppConfigurationEntry.class);
AppConfigurationEntry badEntry = Mockito.mock(AppConfigurationEntry.class);
AppConfigurationEntry goodEntry = Mockito.mock(AppConfigurationEntry.class);
Mockito.<Map<String, ?>>when(emptyEntry.getOptions()).thenReturn(new HashMap<String, String>());
Mockito.<Map<String, ?>>when(badEntry.getOptions()).thenReturn(badOptionMap);
Mockito.<Map<String, ?>>when(goodEntry.getOptions()).thenReturn(optionMap);
String section = "bogus-section";
Configuration mockConfig = Mockito.mock(Configuration.class);
Mockito.when(mockConfig.getAppConfigurationEntry(section)).thenReturn(new AppConfigurationEntry[] { emptyEntry, goodEntry, badEntry });
Assert.assertEquals(AuthUtils.get(mockConfig, section, k), expected);
}
use of javax.security.auth.login.AppConfigurationEntry in project storm by apache.
the class AuthUtils method pullConfig.
/**
* Pull a set of keys out of a Configuration.
* @param configuration The config to pull the key/value pairs out of.
* @param section The app configuration entry name to get stuff from.
* @return Return a map of the configs in conf.
*/
public static SortedMap<String, ?> pullConfig(Configuration configuration, String section) throws IOException {
AppConfigurationEntry[] configurationEntries = AuthUtils.getEntries(configuration, section);
if (configurationEntries == null) {
return null;
}
TreeMap<String, Object> results = new TreeMap<>();
for (AppConfigurationEntry entry : configurationEntries) {
Map<String, ?> options = entry.getOptions();
for (String key : options.keySet()) {
results.put(key, options.get(key));
}
}
return results;
}
use of javax.security.auth.login.AppConfigurationEntry in project zookeeper by apache.
the class ServerCnxnFactory method configureSaslLogin.
/**
* Initialize the server SASL if specified.
*
* If the user has specified a "ZooKeeperServer.LOGIN_CONTEXT_NAME_KEY"
* or a jaas.conf using "java.security.auth.login.config"
* the authentication is required and an exception is raised.
* Otherwise no authentication is configured and no exception is raised.
*
* @throws IOException if jaas.conf is missing or there's an error in it.
*/
protected void configureSaslLogin() throws IOException {
String serverSection = System.getProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY, ZooKeeperSaslServer.DEFAULT_LOGIN_CONTEXT_NAME);
// Note that 'Configuration' here refers to javax.security.auth.login.Configuration.
AppConfigurationEntry[] entries = null;
SecurityException securityException = null;
try {
entries = Configuration.getConfiguration().getAppConfigurationEntry(serverSection);
} catch (SecurityException e) {
// handle below: might be harmless if the user doesn't intend to use JAAS authentication.
securityException = e;
}
// we throw an exception otherwise we continue without authentication.
if (entries == null) {
String jaasFile = System.getProperty(Environment.JAAS_CONF_KEY);
String loginContextName = System.getProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY);
if (securityException != null && (loginContextName != null || jaasFile != null)) {
String errorMessage = "No JAAS configuration section named '" + serverSection + "' was found";
if (jaasFile != null) {
errorMessage += "in '" + jaasFile + "'.";
}
if (loginContextName != null) {
errorMessage += " But " + ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY + " was set.";
}
LOG.error(errorMessage);
throw new IOException(errorMessage);
}
return;
}
// jaas.conf entry available
try {
saslServerCallbackHandler = new SaslServerCallbackHandler(Configuration.getConfiguration());
login = new Login(serverSection, saslServerCallbackHandler, new ZKConfig());
login.startThreadIfNeeded();
} catch (LoginException e) {
throw new IOException("Could not configure server because SASL configuration did not allow the " + " ZooKeeper server to authenticate itself properly: " + e);
}
}
use of javax.security.auth.login.AppConfigurationEntry in project zookeeper by apache.
the class JaasConfiguration method addSection.
/**
* Add a section to the jaas.conf
* @param name Section name
* @param loginModuleName Login module name
* @param conf login key/value args
*/
public void addSection(String name, String loginModuleName, final Map<String, String> conf) {
AppConfigurationEntry[] entries = new AppConfigurationEntry[1];
entries[0] = new AppConfigurationEntry(loginModuleName, LoginModuleControlFlag.REQUIRED, conf);
this.sections.put(name, entries);
}
Aggregations