Examples with TCredentials org.apache.accumulo.core.security.thrift.TCredentials used on opensource projects

Example 11 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandlerTest method testDisallowedImpersonationForMultipleUsersNewConfig.

@Test(expected = ThriftSecurityException.class)
public void testDisallowedImpersonationForMultipleUsersNewConfig() throws Exception {
    final String proxyServer = "proxy";
    // let "otherproxy" impersonate, but not "proxy"
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_USER_IMPERSONATION, "otherproxy1:*;otherproxy2:client1,client2");
    cc.set(Property.INSTANCE_RPC_SASL_ALLOWED_HOST_IMPERSONATION, "*;*");
    proxy = new TCredentialsUpdatingInvocationHandler<>(new Object(), conf);
    TCredentials tcreds = new TCredentials("client1", KerberosToken.class.getName(), ByteBuffer.allocate(0), UUID.randomUUID().toString());
    UGIAssumingProcessor.rpcPrincipal.set(proxyServer);
    proxy.updateArgs(new Object[] { new Object(), tcreds });
}

Example 12 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class CredentialsTest method roundtripThrift.

@Test
public void roundtripThrift() throws DestroyFailedException {
    Credentials creds = new Credentials("test", new PasswordToken("testing"));
    TCredentials tCreds = creds.toThrift(inst);
    Credentials roundtrip = Credentials.fromThrift(tCreds);
    assertEquals("Roundtrip through thirft changed credentials equality", creds, roundtrip);
}

Example 13 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class CredentialsTest method testToThrift.

@Test
public void testToThrift() throws DestroyFailedException {
    // verify thrift serialization
    Credentials creds = new Credentials("test", new PasswordToken("testing"));
    TCredentials tCreds = creds.toThrift(inst);
    assertEquals("test", tCreds.getPrincipal());
    assertEquals(PasswordToken.class.getName(), tCreds.getTokenClassName());
    assertArrayEquals(AuthenticationTokenSerializer.serialize(new PasswordToken("testing")), tCreds.getToken());
    // verify that we can't serialize if it's destroyed
    creds.getToken().destroy();
    try {
        creds.toThrift(inst);
        fail();
    } catch (Exception e) {
        assertTrue(e instanceof RuntimeException);
        assertTrue(e.getCause() instanceof AccumuloSecurityException);
        assertTrue(AccumuloSecurityException.class.cast(e.getCause()).getSecurityErrorCode().equals(SecurityErrorCode.TOKEN_EXPIRED));
    }
}

Example 14 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class AccumuloReplicaSystemTest method dontSendEmptyDataToPeer.

@Test
public void dontSendEmptyDataToPeer() throws Exception {
    Client replClient = createMock(Client.class);
    AccumuloReplicaSystem ars = createMock(AccumuloReplicaSystem.class);
    WalEdits edits = new WalEdits(Collections.emptyList());
    WalReplication walReplication = new WalReplication(edits, 0, 0, 0);
    ReplicationTarget target = new ReplicationTarget("peer", "2", Table.ID.of("1"));
    DataInputStream input = null;
    Path p = new Path("/accumulo/wals/tserver+port/" + UUID.randomUUID().toString());
    Status status = null;
    long sizeLimit = Long.MAX_VALUE;
    String remoteTableId = target.getRemoteIdentifier();
    TCredentials tcreds = null;
    Set<Integer> tids = new HashSet<>();
    WalClientExecReturn walClientExec = ars.new WalClientExecReturn(target, input, p, status, sizeLimit, remoteTableId, tcreds, tids);
    expect(ars.getWalEdits(target, input, p, status, sizeLimit, tids)).andReturn(walReplication);
    replay(replClient, ars);
    ReplicationStats stats = walClientExec.execute(replClient);
    verify(replClient, ars);
    Assert.assertEquals(new ReplicationStats(0l, 0l, 0l), stats);
}

Example 15 with TCredentials

use of org.apache.accumulo.core.security.thrift.TCredentials in project accumulo by apache.

the class AccumuloReplicaSystemTest method consumedButNotSentDataShouldBeRecorded.

@Test
public void consumedButNotSentDataShouldBeRecorded() throws Exception {
    Client replClient = createMock(Client.class);
    AccumuloReplicaSystem ars = createMock(AccumuloReplicaSystem.class);
    WalEdits edits = new WalEdits(Collections.emptyList());
    WalReplication walReplication = new WalReplication(edits, 0, 5, 0);
    ReplicationTarget target = new ReplicationTarget("peer", "2", Table.ID.of("1"));
    DataInputStream input = null;
    Path p = new Path("/accumulo/wals/tserver+port/" + UUID.randomUUID().toString());
    Status status = null;
    long sizeLimit = Long.MAX_VALUE;
    String remoteTableId = target.getRemoteIdentifier();
    TCredentials tcreds = null;
    Set<Integer> tids = new HashSet<>();
    WalClientExecReturn walClientExec = ars.new WalClientExecReturn(target, input, p, status, sizeLimit, remoteTableId, tcreds, tids);
    expect(ars.getWalEdits(target, input, p, status, sizeLimit, tids)).andReturn(walReplication);
    replay(replClient, ars);
    ReplicationStats stats = walClientExec.execute(replClient);
    verify(replClient, ars);
    Assert.assertEquals(new ReplicationStats(0l, 0l, 5l), stats);
}