Examples with TCredentials org.apache.accumulo.core.security.thrift.TCredentials used on opensource projects

Search in sources :

Example 6 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandlerTest method testAllowedAnyImpersonationForAnyUserNewConfig.

@Test
public void testAllowedAnyImpersonationForAnyUserNewConfig() throws Exception {
    final String proxyServer = "proxy";
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_USER_IMPERSONATION, proxyServer + ":*");
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_HOST_IMPERSONATION, "*");
    proxy = new TCredentialsUpdatingInvocationHandler<>(new Object(), conf);
    TCredentials tcreds = new TCredentials("client", KerberosToken.class.getName(), ByteBuffer.allocate(0), UUID.randomUUID().toString());
    UGIAssumingProcessor.rpcPrincipal.set(proxyServer);
    proxy.updateArgs(new Object[] { new Object(), tcreds });
}
Also used : TCredentials(org.apache.accumulo.core.security.thrift.TCredentials) KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) Test(org.junit.Test)

Example 7 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandlerTest method testDisallowedImpersonationFromSpecificHostNewConfig.

@Test(expected = ThriftSecurityException.class)
public void testDisallowedImpersonationFromSpecificHostNewConfig() throws Exception {
    final String proxyServer = "proxy", client = "client", host = "host.domain.com";
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_USER_IMPERSONATION, proxyServer + ":" + client);
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_HOST_IMPERSONATION, host);
    proxy = new TCredentialsUpdatingInvocationHandler<>(new Object(), conf);
    TCredentials tcreds = new TCredentials("client", KerberosToken.class.getName(), ByteBuffer.allocate(0), UUID.randomUUID().toString());
    UGIAssumingProcessor.rpcPrincipal.set(proxyServer);
    // The RPC came from a different host than is allowed
    TServerUtils.clientAddress.set("otherhost.domain.com");
    proxy.updateArgs(new Object[] { new Object(), tcreds });
}
Also used : TCredentials(org.apache.accumulo.core.security.thrift.TCredentials) KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) Test(org.junit.Test)

Example 8 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandlerTest method testWrongTokenType.

@Test(expected = ThriftSecurityException.class)
public void testWrongTokenType() throws Exception {
    final String principal = "root";
    TCredentials tcreds = new TCredentials(principal, PasswordToken.class.getName(), ByteBuffer.allocate(0), UUID.randomUUID().toString());
    UGIAssumingProcessor.rpcPrincipal.set(principal);
    proxy.updateArgs(new Object[] { new Object(), tcreds });
}
Also used : PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken) TCredentials(org.apache.accumulo.core.security.thrift.TCredentials) Test(org.junit.Test)

Example 9 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandlerTest method testDisallowedImpersonationForUser.

@SuppressWarnings("deprecation")
@Test(expected = ThriftSecurityException.class)
public void testDisallowedImpersonationForUser() throws Exception {
    final String proxyServer = "proxy";
    // let "otherproxy" impersonate, but not "proxy"
    cc.set(Property.INSTANCE_RPC_SASL_PROXYUSERS.getKey() + "otherproxy" + ".users", "*");
    cc.set(Property.INSTANCE_RPC_SASL_PROXYUSERS.getKey() + "otherproxy" + ".hosts", "*");
    proxy = new TCredentialsUpdatingInvocationHandler<>(new Object(), conf);
    TCredentials tcreds = new TCredentials("client", KerberosToken.class.getName(), ByteBuffer.allocate(0), UUID.randomUUID().toString());
    UGIAssumingProcessor.rpcPrincipal.set(proxyServer);
    proxy.updateArgs(new Object[] { new Object(), tcreds });
}
Also used : TCredentials(org.apache.accumulo.core.security.thrift.TCredentials) KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) Test(org.junit.Test)

Example 10 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandlerTest method testDisallowedImpersonationForUserNewConfig.

@Test(expected = ThriftSecurityException.class)
public void testDisallowedImpersonationForUserNewConfig() throws Exception {
    final String proxyServer = "proxy";
    // let "otherproxy" impersonate, but not "proxy"
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_USER_IMPERSONATION, "otherproxy:*");
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_HOST_IMPERSONATION, "*");
    proxy = new TCredentialsUpdatingInvocationHandler<>(new Object(), conf);
    TCredentials tcreds = new TCredentials("client", KerberosToken.class.getName(), ByteBuffer.allocate(0), UUID.randomUUID().toString());
    UGIAssumingProcessor.rpcPrincipal.set(proxyServer);
    proxy.updateArgs(new Object[] { new Object(), tcreds });
}
Also used : TCredentials(org.apache.accumulo.core.security.thrift.TCredentials) KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) Test(org.junit.Test)

Aggregations

TCredentials (org.apache.accumulo.core.security.thrift.TCredentials)26 Test (org.junit.Test)21 KerberosToken (org.apache.accumulo.core.client.security.tokens.KerberosToken)13 PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)6 Credentials (org.apache.accumulo.core.client.impl.Credentials)5 DataInputStream (java.io.DataInputStream)2 HashSet (java.util.HashSet)2 AccumuloException (org.apache.accumulo.core.client.AccumuloException)2 AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)2 ThriftSecurityException (org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException)2 AuthenticationToken (org.apache.accumulo.core.client.security.tokens.AuthenticationToken)2 ReplicationTarget (org.apache.accumulo.core.replication.ReplicationTarget)2 Client (org.apache.accumulo.core.replication.thrift.ReplicationServicer.Client)2 WalEdits (org.apache.accumulo.core.replication.thrift.WalEdits)2 TInfo (org.apache.accumulo.core.trace.thrift.TInfo)2 Status (org.apache.accumulo.server.replication.proto.Replication.Status)2 ReplicationStats (org.apache.accumulo.tserver.replication.AccumuloReplicaSystem.ReplicationStats)2 WalClientExecReturn (org.apache.accumulo.tserver.replication.AccumuloReplicaSystem.WalClientExecReturn)2 WalReplication (org.apache.accumulo.tserver.replication.AccumuloReplicaSystem.WalReplication)2 Path (org.apache.hadoop.fs.Path)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial