Examples with DrillbitContext org.apache.drill.exec.server.DrillbitContext used on opensource projects

Example 31 with DrillbitContext

use of org.apache.drill.exec.server.DrillbitContext in project drill by axbaretto.

the class TestSpnegoAuthentication method testSPNEGOAndFORMEnabled.

/**
 * Both SPNEGO and FORM mechanism is enabled for WebServer in configuration. Test to see if the respective security
 * handlers are created successfully or not.
 * @throws Exception
 */
@Test
public void testSPNEGOAndFORMEnabled() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("form", "spnego"))).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
    final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
    final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
    Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
    final DrillbitContext context = Mockito.mock(DrillbitContext.class);
    Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
    Mockito.when(context.getConfig()).thenReturn(newConfig);
    Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
    final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
    assertTrue(securityProvider.isFormEnabled());
    assertTrue(securityProvider.isSpnegoEnabled());
}

Example 32 with DrillbitContext

use of org.apache.drill.exec.server.DrillbitContext in project drill by axbaretto.

the class TestSpnegoAuthentication method testDrillSpnegoLoginService.

/**
 * Validate successful {@link DrillSpnegoLoginService#login(String, Object)} when provided with client token for a
 * configured service principal.
 * @throws Exception
 */
@Test
public void testDrillSpnegoLoginService() throws Exception {
    // Create client subject using it's principal and keytab
    final Subject clientSubject = JaasKrbUtil.loginUsingKeytab(spnegoHelper.CLIENT_PRINCIPAL, spnegoHelper.clientKeytab.getAbsoluteFile());
    // Generate a SPNEGO token for the peer SERVER_PRINCIPAL from this CLIENT_PRINCIPAL
    final String token = Subject.doAs(clientSubject, new PrivilegedExceptionAction<String>() {

        @Override
        public String run() throws Exception {
            final GSSManager gssManager = GSSManager.getInstance();
            GSSContext gssContext = null;
            try {
                final Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
                final GSSName serviceName = gssManager.createName(spnegoHelper.SERVER_PRINCIPAL, GSSName.NT_USER_NAME, oid);
                gssContext = gssManager.createContext(serviceName, oid, null, GSSContext.DEFAULT_LIFETIME);
                gssContext.requestCredDeleg(true);
                gssContext.requestMutualAuth(true);
                byte[] outToken = new byte[0];
                outToken = gssContext.initSecContext(outToken, 0, outToken.length);
                return Base64.encodeBase64String(outToken);
            } finally {
                if (gssContext != null) {
                    gssContext.dispose();
                }
            }
        }
    });
    // Create a DrillbitContext with service principal and keytab for DrillSpnegoLoginService
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("spnego"))).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
    final SystemOptionManager optionManager = Mockito.mock(SystemOptionManager.class);
    Mockito.when(optionManager.getOption(ExecConstants.ADMIN_USERS_VALIDATOR)).thenReturn(ExecConstants.ADMIN_USERS_VALIDATOR.DEFAULT_ADMIN_USERS);
    Mockito.when(optionManager.getOption(ExecConstants.ADMIN_USER_GROUPS_VALIDATOR)).thenReturn(ExecConstants.ADMIN_USER_GROUPS_VALIDATOR.DEFAULT_ADMIN_USER_GROUPS);
    final DrillbitContext drillbitContext = Mockito.mock(DrillbitContext.class);
    Mockito.when(drillbitContext.getConfig()).thenReturn(newConfig);
    Mockito.when(drillbitContext.getOptionManager()).thenReturn(optionManager);
    final DrillSpnegoLoginService loginService = new DrillSpnegoLoginService(drillbitContext);
    // Authenticate the client using its SPNEGO token
    final UserIdentity user = loginService.login(null, token);
    // Validate the UserIdentity of authenticated client
    assertTrue(user != null);
    assertTrue(user.getUserPrincipal().getName().equals(spnegoHelper.CLIENT_SHORT_NAME));
    assertTrue(user.isUserInRole("authenticated", null));
}

Example 33 with DrillbitContext

use of org.apache.drill.exec.server.DrillbitContext in project drill by axbaretto.

the class TestSpnegoAuthentication method testConfigBackwardCompatibility.

/**
 * Validate when none of the security mechanism is specified in the
 * {@link ExecConstants#HTTP_AUTHENTICATION_MECHANISMS}, FORM security handler is still configured correctly when
 * authentication is enabled along with PAM authenticator module.
 * @throws Exception
 */
@Test
public void testConfigBackwardCompatibility() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)));
    final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
    final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
    Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
    final DrillbitContext context = Mockito.mock(DrillbitContext.class);
    Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
    Mockito.when(context.getConfig()).thenReturn(newConfig);
    Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
    final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
    assertTrue(securityProvider.isFormEnabled());
    assertTrue(!securityProvider.isSpnegoEnabled());
}

Example 34 with DrillbitContext

use of org.apache.drill.exec.server.DrillbitContext in project drill by axbaretto.

the class TestCustomTunnel method ensureRoundTripJackson.

@Test
public void ensureRoundTripJackson() throws Exception {
    final DrillbitContext context = getDrillbitContext();
    final MesgA mesgA = new MesgA();
    mesgA.fieldA = "123";
    mesgA.fieldB = "okra";
    final TestCustomMessageHandlerJackson handler = new TestCustomMessageHandlerJackson(mesgA);
    context.getController().registerCustomHandler(1003, handler, new ControlTunnel.JacksonSerDe<MesgA>(MesgA.class), new ControlTunnel.JacksonSerDe<MesgB>(MesgB.class));
    final ControlTunnel loopbackTunnel = context.getController().getTunnel(context.getEndpoint());
    final CustomTunnel<MesgA, MesgB> tunnel = loopbackTunnel.getCustomTunnel(1003, new ControlTunnel.JacksonSerDe<MesgA>(MesgA.class), new ControlTunnel.JacksonSerDe<MesgB>(MesgB.class));
    CustomFuture<MesgB> future = tunnel.send(mesgA);
    assertEquals(expectedB, future.get());
}

Example 35 with DrillbitContext

use of org.apache.drill.exec.server.DrillbitContext in project drill by axbaretto.

the class TestCustomTunnel method ensureRoundTripBytes.

@Test
public void ensureRoundTripBytes() throws Exception {
    final DrillbitContext context = getDrillbitContext();
    final TestCustomMessageHandler handler = new TestCustomMessageHandler(context.getEndpoint(), true);
    context.getController().registerCustomHandler(1002, handler, DrillbitEndpoint.PARSER);
    final ControlTunnel loopbackTunnel = context.getController().getTunnel(context.getEndpoint());
    final CustomTunnel<DrillbitEndpoint, QueryId> tunnel = loopbackTunnel.getCustomTunnel(1002, DrillbitEndpoint.class, QueryId.PARSER);
    buf1.retain();
    CustomFuture<QueryId> future = tunnel.send(context.getEndpoint(), buf1);
    assertEquals(expectedId, future.get());
    byte[] actual = new byte[1024];
    future.getBuffer().getBytes(0, actual);
    future.getBuffer().release();
    assertTrue(Arrays.equals(expected, actual));
}