Example 56 with DrillbitContext
use of org.apache.drill.exec.server.DrillbitContext in project drill by apache.
the class TestSpnegoAuthentication method testConfigBackwardCompatibility.
/**
* Validate when none of the security mechanism is specified in the
* {@link ExecConstants#HTTP_AUTHENTICATION_MECHANISMS}, FORM security handler is still configured correctly when
* authentication is enabled along with PAM authenticator module.
*/
@Test
public void testConfigBackwardCompatibility() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)));
final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
final DrillbitContext context = Mockito.mock(DrillbitContext.class);
Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
Mockito.when(context.getConfig()).thenReturn(newConfig);
Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
assertTrue(securityProvider.isFormEnabled());
assertTrue(!securityProvider.isSpnegoEnabled());
}
Also used :
DrillbitContext(org.apache.drill.exec.server.DrillbitContext)
AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl)
ScanResult(org.apache.drill.common.scanner.persistence.ScanResult)
DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider)
DrillConfig(org.apache.drill.common.config.DrillConfig)
BaseTest(org.apache.drill.test.BaseTest)
SecurityTest(org.apache.drill.categories.SecurityTest)
Test(org.junit.Test)
Example 57 with DrillbitContext
use of org.apache.drill.exec.server.DrillbitContext in project drill by apache.
the class TestSpnegoAuthentication method testOnlyFORMEnabled.
/**
* Validate if FORM security handler is created successfully when only form is configured as auth mechanism
*/
@Test
public void testOnlyFORMEnabled() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("form"))).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
final DrillbitContext context = Mockito.mock(DrillbitContext.class);
Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
Mockito.when(context.getConfig()).thenReturn(newConfig);
Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
assertTrue(securityProvider.isFormEnabled());
assertTrue(!securityProvider.isSpnegoEnabled());
}
Also used :
DrillbitContext(org.apache.drill.exec.server.DrillbitContext)
AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl)
ScanResult(org.apache.drill.common.scanner.persistence.ScanResult)
DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider)
DrillConfig(org.apache.drill.common.config.DrillConfig)
BaseTest(org.apache.drill.test.BaseTest)
SecurityTest(org.apache.drill.categories.SecurityTest)
Test(org.junit.Test)
Example 58 with DrillbitContext
use of org.apache.drill.exec.server.DrillbitContext in project drill by apache.
the class TestSpnegoAuthentication method testDrillSpnegoLoginService.
/**
* Validate successful {@link DrillSpnegoLoginService#login(String, Object, javax.servlet.ServletRequest)}
* when provided with client token for a configured service principal.
*/
@Test
public void testDrillSpnegoLoginService() throws Exception {
// Create client subject using it's principal and keytab
final Subject clientSubject = JaasKrbUtil.loginUsingKeytab(spnegoHelper.CLIENT_PRINCIPAL, spnegoHelper.clientKeytab.getAbsoluteFile());
// Generate a SPNEGO token for the peer SERVER_PRINCIPAL from this CLIENT_PRINCIPAL
final String token = Subject.doAs(clientSubject, new PrivilegedExceptionAction<String>() {
@Override
public String run() throws Exception {
final GSSManager gssManager = GSSManager.getInstance();
GSSContext gssContext = null;
try {
final Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
final GSSName serviceName = gssManager.createName(spnegoHelper.SERVER_PRINCIPAL, GSSName.NT_USER_NAME, oid);
gssContext = gssManager.createContext(serviceName, oid, null, GSSContext.DEFAULT_LIFETIME);
gssContext.requestCredDeleg(true);
gssContext.requestMutualAuth(true);
byte[] outToken = new byte[0];
outToken = gssContext.initSecContext(outToken, 0, outToken.length);
return Base64.encodeBase64String(outToken);
} finally {
if (gssContext != null) {
gssContext.dispose();
}
}
}
});
// Create a DrillbitContext with service principal and keytab for DrillSpnegoLoginService
final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("spnego"))).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
final SystemOptionManager optionManager = Mockito.mock(SystemOptionManager.class);
Mockito.when(optionManager.getOption(ExecConstants.ADMIN_USERS_VALIDATOR)).thenReturn(ExecConstants.ADMIN_USERS_VALIDATOR.DEFAULT_ADMIN_USERS);
Mockito.when(optionManager.getOption(ExecConstants.ADMIN_USER_GROUPS_VALIDATOR)).thenReturn(ExecConstants.ADMIN_USER_GROUPS_VALIDATOR.DEFAULT_ADMIN_USER_GROUPS);
final DrillbitContext drillbitContext = Mockito.mock(DrillbitContext.class);
Mockito.when(drillbitContext.getConfig()).thenReturn(newConfig);
Mockito.when(drillbitContext.getOptionManager()).thenReturn(optionManager);
final DrillSpnegoLoginService loginService = new DrillSpnegoLoginService(drillbitContext);
// Authenticate the client using its SPNEGO token
final UserIdentity user = loginService.login(null, token, null);
// Validate the UserIdentity of authenticated client
assertNotNull(user);
assertEquals(user.getUserPrincipal().getName(), spnegoHelper.CLIENT_SHORT_NAME);
assertTrue(user.isUserInRole("authenticated", null));
}
Also used :
DrillbitContext(org.apache.drill.exec.server.DrillbitContext)
GSSName(org.ietf.jgss.GSSName)
SystemOptionManager(org.apache.drill.exec.server.options.SystemOptionManager)
UserIdentity(org.eclipse.jetty.server.UserIdentity)
Oid(org.ietf.jgss.Oid)
DrillSpnegoLoginService(org.apache.drill.exec.server.rest.auth.DrillSpnegoLoginService)
Subject(javax.security.auth.Subject)
DrillbitStartupException(org.apache.drill.exec.exception.DrillbitStartupException)
DrillConfig(org.apache.drill.common.config.DrillConfig)
GSSManager(org.ietf.jgss.GSSManager)
GSSContext(org.ietf.jgss.GSSContext)
BaseTest(org.apache.drill.test.BaseTest)
SecurityTest(org.apache.drill.categories.SecurityTest)
Test(org.junit.Test)
Example 59 with DrillbitContext
use of org.apache.drill.exec.server.DrillbitContext in project drill by apache.
the class TestRecordIterator method testSimpleIterator.
@Test
public void testSimpleIterator() throws Throwable {
final DrillbitContext bitContext = mockDrillbitContext();
final UserClientConnection connection = Mockito.mock(UserClientConnection.class);
final PhysicalPlanReader reader = PhysicalPlanReaderTestFactory.defaultPhysicalPlanReader(c);
final String planStr = Files.asCharSource(DrillFileUtils.getResourceAsFile("/record/test_recorditerator.json"), Charsets.UTF_8).read();
final PhysicalPlan plan = reader.readPhysicalPlan(planStr);
final FunctionImplementationRegistry registry = new FunctionImplementationRegistry(c);
final FragmentContextImpl context = new FragmentContextImpl(bitContext, BitControl.PlanFragment.getDefaultInstance(), connection, registry);
final List<PhysicalOperator> operatorList = plan.getSortedOperators(false);
SimpleRootExec exec = new SimpleRootExec(ImplCreator.getExec(context, (FragmentRoot) operatorList.iterator().next()));
RecordBatch singleBatch = exec.getIncoming();
PhysicalOperator dummyPop = operatorList.iterator().next();
OpProfileDef def = new OpProfileDef(dummyPop.getOperatorId(), MockSubScanPOP.OPERATOR_TYPE, OperatorUtilities.getChildCount(dummyPop));
OperatorStats stats = exec.getContext().getStats().newOperatorStats(def, exec.getContext().getAllocator());
RecordIterator iter = new RecordIterator(singleBatch, null, exec.getContext().newOperatorContext(dummyPop, stats), 0, false, null);
int totalRecords = 0;
List<ValueVector> vectors = null;
while (true) {
iter.next();
if (iter.finished()) {
break;
} else {
// First time save vectors.
if (vectors == null) {
vectors = Lists.newArrayList();
for (VectorWrapper vw : iter) {
vectors.add(vw.getValueVector());
}
}
final int position = iter.getCurrentPosition();
if (position % 2 == 0) {
assertTrue(checkValues(vectors, position));
} else {
assertTrue(checkValues(vectors, position));
}
totalRecords++;
}
assertEquals(0, iter.cachedBatches().size());
}
assertEquals(11112, totalRecords);
try {
iter.mark();
fail();
} catch (UnsupportedOperationException e) {
}
try {
iter.reset();
fail();
} catch (UnsupportedOperationException e) {
}
}
Also used :
DrillbitContext(org.apache.drill.exec.server.DrillbitContext)
PhysicalPlan(org.apache.drill.exec.physical.PhysicalPlan)
OpProfileDef(org.apache.drill.exec.ops.OpProfileDef)
PhysicalPlanReader(org.apache.drill.exec.planner.PhysicalPlanReader)
FragmentContextImpl(org.apache.drill.exec.ops.FragmentContextImpl)
FragmentRoot(org.apache.drill.exec.physical.base.FragmentRoot)
OperatorStats(org.apache.drill.exec.ops.OperatorStats)
ValueVector(org.apache.drill.exec.vector.ValueVector)
SimpleRootExec(org.apache.drill.exec.physical.impl.SimpleRootExec)
PhysicalOperator(org.apache.drill.exec.physical.base.PhysicalOperator)
UserClientConnection(org.apache.drill.exec.rpc.UserClientConnection)
FunctionImplementationRegistry(org.apache.drill.exec.expr.fn.FunctionImplementationRegistry)
Test(org.junit.Test)
VectorTest(org.apache.drill.categories.VectorTest)
Example 60 with DrillbitContext
use of org.apache.drill.exec.server.DrillbitContext in project drill by apache.
the class TestRecordIterator method testMarkResetIterator.
@Test
public void testMarkResetIterator() throws Throwable {
final DrillbitContext bitContext = mockDrillbitContext();
final UserClientConnection connection = Mockito.mock(UserClientConnection.class);
final PhysicalPlanReader reader = PhysicalPlanReaderTestFactory.defaultPhysicalPlanReader(c);
final String planStr = Files.asCharSource(DrillFileUtils.getResourceAsFile("/record/test_recorditerator.json"), Charsets.UTF_8).read();
final PhysicalPlan plan = reader.readPhysicalPlan(planStr);
final FunctionImplementationRegistry registry = new FunctionImplementationRegistry(c);
final FragmentContextImpl context = new FragmentContextImpl(bitContext, BitControl.PlanFragment.getDefaultInstance(), connection, registry);
final List<PhysicalOperator> operatorList = plan.getSortedOperators(false);
SimpleRootExec exec = new SimpleRootExec(ImplCreator.getExec(context, (FragmentRoot) operatorList.iterator().next()));
RecordBatch singleBatch = exec.getIncoming();
PhysicalOperator dummyPop = operatorList.iterator().next();
OpProfileDef def = new OpProfileDef(dummyPop.getOperatorId(), MockSubScanPOP.OPERATOR_TYPE, OperatorUtilities.getChildCount(dummyPop));
OperatorStats stats = exec.getContext().getStats().newOperatorStats(def, exec.getContext().getAllocator());
RecordIterator iter = new RecordIterator(singleBatch, null, exec.getContext().newOperatorContext(dummyPop, stats), 0, null);
List<ValueVector> vectors;
// batche sizes
// 1, 100, 10, 10000, 1, 1000
// total = 11112
// BATCH 1 : 1, starting outerposition: 0
iter.next();
assertFalse(iter.finished());
assertEquals(1, iter.getTotalRecordCount());
assertEquals(0, iter.getCurrentPosition());
assertEquals(0, iter.getOuterPosition());
assertEquals(1, iter.cachedBatches().size());
vectors = Lists.newArrayList();
for (VectorWrapper vw : iter) {
vectors.add(vw.getValueVector());
}
// mark at position 0
iter.mark();
checkValues(vectors, 0);
// BATCH 2: 100, starting outerposition: 1
iter.next();
assertFalse(iter.finished());
assertEquals(101, iter.getTotalRecordCount(), 101);
assertEquals(0, iter.getCurrentPosition());
assertEquals(100, iter.getInnerRecordCount());
assertEquals(1, iter.getOuterPosition());
assertEquals(2, iter.cachedBatches().size());
for (int i = 0; i < 100; i++) {
checkValues(vectors, i);
iter.next();
}
// BATCH 3 :10, starting outerposition: 101
assertFalse(iter.finished());
assertEquals(111, iter.getTotalRecordCount());
assertEquals(0, iter.getCurrentPosition());
assertEquals(10, iter.getInnerRecordCount());
assertEquals(101, iter.getOuterPosition());
assertEquals(3, iter.cachedBatches().size());
for (int i = 0; i < 10; i++) {
checkValues(vectors, i);
iter.next();
}
// BATCH 4 : 10000, starting outerposition: 111
assertFalse(iter.finished());
assertEquals(10111, iter.getTotalRecordCount());
assertEquals(0, iter.getCurrentPosition(), 0);
assertEquals(10000, iter.getInnerRecordCount());
assertEquals(111, iter.getOuterPosition());
assertEquals(4, iter.cachedBatches().size());
for (int i = 0; i < 10000; i++) {
checkValues(vectors, i);
iter.next();
}
// BATCH 5 : 1, starting outerposition: 10111
assertFalse(iter.finished());
assertEquals(10112, iter.getTotalRecordCount());
assertEquals(0, iter.getCurrentPosition());
assertEquals(1, iter.getInnerRecordCount());
assertEquals(10111, iter.getOuterPosition());
assertEquals(5, iter.cachedBatches().size());
checkValues(vectors, 0);
iter.next();
// BATCH 6 : 1000, starting outerposition: 10112
assertFalse(iter.finished());
assertEquals(11112, iter.getTotalRecordCount());
assertEquals(0, iter.getCurrentPosition());
assertEquals(1000, iter.getInnerRecordCount());
assertEquals(10112, iter.getOuterPosition());
assertEquals(6, iter.cachedBatches().size());
for (int i = 0; i < 1000; i++) {
checkValues(vectors, i);
iter.next();
}
assertTrue(iter.finished());
assertEquals(6, iter.cachedBatches().size());
// back to batch 1
iter.reset();
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(6, iter.cachedBatches().size());
assertEquals(iter.getCurrentPosition(), 0);
assertEquals(1, iter.getInnerRecordCount());
checkValues(vectors, 0);
iter.next();
// mark start of batch 2
iter.mark();
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(5, iter.cachedBatches().size());
assertEquals(iter.getCurrentPosition(), 0);
assertEquals(100, iter.getInnerRecordCount());
for (int i = 0; i < 100; i++) {
iter.next();
}
// mark start of batch 3
iter.mark();
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(4, iter.cachedBatches().size());
assertEquals(iter.getCurrentPosition(), 0);
assertEquals(10, iter.getInnerRecordCount());
for (int i = 0; i < 10; i++) {
iter.next();
}
// jump into middle of largest batch #4.
for (int i = 0; i < 5000; i++) {
iter.next();
}
assertEquals(4, iter.cachedBatches().size());
iter.mark();
assertEquals(3, iter.cachedBatches().size());
for (int i = 0; i < 5000; i++) {
iter.next();
}
// mark start of batch 5
iter.mark();
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(2, iter.cachedBatches().size());
assertEquals(iter.getCurrentPosition(), 0);
assertEquals(1, iter.getInnerRecordCount());
// move to last batch
iter.next();
// skip to the middle of last batch
for (int i = 0; i < 500; i++) {
iter.next();
}
checkValues(vectors, 499);
checkValues(vectors, 500);
iter.reset();
checkValues(vectors, 0);
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(2, iter.cachedBatches().size());
assertEquals(iter.getCurrentPosition(), 0);
assertEquals(1, iter.getInnerRecordCount());
// move to last batch
iter.next();
assertEquals(0, iter.getCurrentPosition());
for (int i = 0; i < 500; i++) {
iter.next();
}
// This should free 5th batch.
iter.mark();
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(1, iter.cachedBatches().size());
assertEquals(500, iter.getCurrentPosition());
assertEquals(1000, iter.getInnerRecordCount());
// go to the end of iterator
for (int i = 0; i < 500; i++) {
iter.next();
}
assertTrue(iter.finished());
iter.reset();
assertFalse(iter.finished());
assertEquals(iter.getTotalRecordCount(), 11112);
assertEquals(1, iter.cachedBatches().size());
assertEquals(500, iter.getCurrentPosition());
assertEquals(1000, iter.getInnerRecordCount());
iter.close();
assertEquals(0, iter.cachedBatches().size());
}
Also used :
DrillbitContext(org.apache.drill.exec.server.DrillbitContext)
PhysicalPlan(org.apache.drill.exec.physical.PhysicalPlan)
OpProfileDef(org.apache.drill.exec.ops.OpProfileDef)
PhysicalPlanReader(org.apache.drill.exec.planner.PhysicalPlanReader)
FragmentContextImpl(org.apache.drill.exec.ops.FragmentContextImpl)
FragmentRoot(org.apache.drill.exec.physical.base.FragmentRoot)
OperatorStats(org.apache.drill.exec.ops.OperatorStats)
ValueVector(org.apache.drill.exec.vector.ValueVector)
SimpleRootExec(org.apache.drill.exec.physical.impl.SimpleRootExec)
PhysicalOperator(org.apache.drill.exec.physical.base.PhysicalOperator)
UserClientConnection(org.apache.drill.exec.rpc.UserClientConnection)
FunctionImplementationRegistry(org.apache.drill.exec.expr.fn.FunctionImplementationRegistry)
Test(org.junit.Test)
VectorTest(org.apache.drill.categories.VectorTest)
Aggregations
DrillbitContext (org.apache.drill.exec.server.DrillbitContext)137
Test (org.junit.Test)96
FunctionImplementationRegistry (org.apache.drill.exec.expr.fn.FunctionImplementationRegistry)86
PhysicalPlan (org.apache.drill.exec.physical.PhysicalPlan)80
UserClientConnection (org.apache.drill.exec.rpc.UserClientConnection)78
FragmentContextImpl (org.apache.drill.exec.ops.FragmentContextImpl)77
FragmentRoot (org.apache.drill.exec.physical.base.FragmentRoot)72
PhysicalPlanReader (org.apache.drill.exec.planner.PhysicalPlanReader)72
SimpleRootExec (org.apache.drill.exec.physical.impl.SimpleRootExec)44
OperatorTest (org.apache.drill.categories.OperatorTest)39
ExecTest (org.apache.drill.exec.ExecTest)35
SchemaPath (org.apache.drill.common.expression.SchemaPath)32
DrillConfig (org.apache.drill.common.config.DrillConfig)28
ValueVector (org.apache.drill.exec.vector.ValueVector)17
Ignore (org.junit.Ignore)14
IntVector (org.apache.drill.exec.vector.IntVector)13
SecurityTest (org.apache.drill.categories.SecurityTest)12
ScanResult (org.apache.drill.common.scanner.persistence.ScanResult)12
DrillbitEndpoint (org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint)12
SystemOptionManager (org.apache.drill.exec.server.options.SystemOptionManager)12
