Search in sources :

Example 6 with DrillHttpSecurityHandlerProvider

use of org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider in project drill by apache.

the class TestSpnegoAuthentication method testConfigBackwardCompatibility.

/**
 * Validate when none of the security mechanism is specified in the
 * {@link ExecConstants#HTTP_AUTHENTICATION_MECHANISMS}, FORM security handler is still configured correctly when
 * authentication is enabled along with PAM authenticator module.
 */
@Test
public void testConfigBackwardCompatibility() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)));
    final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
    final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
    Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
    final DrillbitContext context = Mockito.mock(DrillbitContext.class);
    Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
    Mockito.when(context.getConfig()).thenReturn(newConfig);
    Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
    final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
    assertTrue(securityProvider.isFormEnabled());
    assertTrue(!securityProvider.isSpnegoEnabled());
}
Also used : DrillbitContext(org.apache.drill.exec.server.DrillbitContext) AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl) ScanResult(org.apache.drill.common.scanner.persistence.ScanResult) DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider) DrillConfig(org.apache.drill.common.config.DrillConfig) BaseTest(org.apache.drill.test.BaseTest) SecurityTest(org.apache.drill.categories.SecurityTest) Test(org.junit.Test)

Example 7 with DrillHttpSecurityHandlerProvider

use of org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider in project drill by apache.

the class TestSpnegoAuthentication method testOnlyFORMEnabled.

/**
 * Validate if FORM security handler is created successfully when only form is configured as auth mechanism
 */
@Test
public void testOnlyFORMEnabled() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("form"))).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
    final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
    final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
    Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
    final DrillbitContext context = Mockito.mock(DrillbitContext.class);
    Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
    Mockito.when(context.getConfig()).thenReturn(newConfig);
    Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
    final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
    assertTrue(securityProvider.isFormEnabled());
    assertTrue(!securityProvider.isSpnegoEnabled());
}
Also used : DrillbitContext(org.apache.drill.exec.server.DrillbitContext) AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl) ScanResult(org.apache.drill.common.scanner.persistence.ScanResult) DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider) DrillConfig(org.apache.drill.common.config.DrillConfig) BaseTest(org.apache.drill.test.BaseTest) SecurityTest(org.apache.drill.categories.SecurityTest) Test(org.junit.Test)

Example 8 with DrillHttpSecurityHandlerProvider

use of org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider in project drill by axbaretto.

the class TestSpnegoAuthentication method testOnlyFORMEnabled.

/**
 * Validate if FORM security handler is created successfully when only form is configured as auth mechanism
 * @throws Exception
 */
@Test
public void testOnlyFORMEnabled() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("form"))).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
    final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
    final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
    Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(true);
    final DrillbitContext context = Mockito.mock(DrillbitContext.class);
    Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
    Mockito.when(context.getConfig()).thenReturn(newConfig);
    Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
    final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
    assertTrue(securityProvider.isFormEnabled());
    assertTrue(!securityProvider.isSpnegoEnabled());
}
Also used : DrillbitContext(org.apache.drill.exec.server.DrillbitContext) AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl) ScanResult(org.apache.drill.common.scanner.persistence.ScanResult) DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider) DrillConfig(org.apache.drill.common.config.DrillConfig) SecurityTest(org.apache.drill.categories.SecurityTest) Test(org.junit.Test)

Example 9 with DrillHttpSecurityHandlerProvider

use of org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider in project drill by axbaretto.

the class TestSpnegoAuthentication method testOnlySPNEGOEnabled.

/**
 * Validate only SPNEGO security handler is configured properly when enabled via configuration
 * @throws Exception
 */
@Test
public void testOnlySPNEGOEnabled() throws Exception {
    final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("spnego"))).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
    final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
    final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
    Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(false);
    final DrillbitContext context = Mockito.mock(DrillbitContext.class);
    Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
    Mockito.when(context.getConfig()).thenReturn(newConfig);
    Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
    final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
    assertTrue(!securityProvider.isFormEnabled());
    assertTrue(securityProvider.isSpnegoEnabled());
}
Also used : DrillbitContext(org.apache.drill.exec.server.DrillbitContext) AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl) ScanResult(org.apache.drill.common.scanner.persistence.ScanResult) DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider) DrillConfig(org.apache.drill.common.config.DrillConfig) SecurityTest(org.apache.drill.categories.SecurityTest) Test(org.junit.Test)

Example 10 with DrillHttpSecurityHandlerProvider

use of org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider in project drill by apache.

the class TestSpnegoAuthentication method testFORMEnabledWithPlainDisabled.

/**
 * Validate failure in creating FORM security handler when PAM authenticator is absent. PAM authenticator is provided
 * via {@link PlainFactory#getAuthenticator()}
 */
@Test
public void testFORMEnabledWithPlainDisabled() throws Exception {
    try {
        final DrillConfig newConfig = new DrillConfig(DrillConfig.create().withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.HTTP_AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("form"))).withValue(ExecConstants.HTTP_SPNEGO_PRINCIPAL, ConfigValueFactory.fromAnyRef(spnegoHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.HTTP_SPNEGO_KEYTAB, ConfigValueFactory.fromAnyRef(spnegoHelper.serverKeytab.toString())));
        final ScanResult scanResult = ClassPathScanner.fromPrescan(newConfig);
        final AuthenticatorProviderImpl authenticatorProvider = Mockito.mock(AuthenticatorProviderImpl.class);
        Mockito.when(authenticatorProvider.containsFactory(PlainFactory.SIMPLE_NAME)).thenReturn(false);
        final DrillbitContext context = Mockito.mock(DrillbitContext.class);
        Mockito.when(context.getClasspathScan()).thenReturn(scanResult);
        Mockito.when(context.getConfig()).thenReturn(newConfig);
        Mockito.when(context.getAuthProvider()).thenReturn(authenticatorProvider);
        final DrillHttpSecurityHandlerProvider securityProvider = new DrillHttpSecurityHandlerProvider(newConfig, context);
        fail();
    } catch (Exception ex) {
        assertTrue(ex instanceof DrillbitStartupException);
    }
}
Also used : DrillbitContext(org.apache.drill.exec.server.DrillbitContext) AuthenticatorProviderImpl(org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl) ScanResult(org.apache.drill.common.scanner.persistence.ScanResult) DrillHttpSecurityHandlerProvider(org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider) DrillConfig(org.apache.drill.common.config.DrillConfig) DrillbitStartupException(org.apache.drill.exec.exception.DrillbitStartupException) DrillbitStartupException(org.apache.drill.exec.exception.DrillbitStartupException) BaseTest(org.apache.drill.test.BaseTest) SecurityTest(org.apache.drill.categories.SecurityTest) Test(org.junit.Test)

Aggregations

DrillHttpSecurityHandlerProvider (org.apache.drill.exec.server.rest.auth.DrillHttpSecurityHandlerProvider)12 SecurityTest (org.apache.drill.categories.SecurityTest)10 DrillConfig (org.apache.drill.common.config.DrillConfig)10 ScanResult (org.apache.drill.common.scanner.persistence.ScanResult)10 AuthenticatorProviderImpl (org.apache.drill.exec.rpc.security.AuthenticatorProviderImpl)10 DrillbitContext (org.apache.drill.exec.server.DrillbitContext)10 Test (org.junit.Test)10 BaseTest (org.apache.drill.test.BaseTest)5 MetricsServlet (com.codahale.metrics.servlets.MetricsServlet)2 ThreadDumpServlet (com.codahale.metrics.servlets.ThreadDumpServlet)2 DrillbitStartupException (org.apache.drill.exec.exception.DrillbitStartupException)2 DrillErrorHandler (org.apache.drill.exec.server.rest.auth.DrillErrorHandler)2 ErrorHandler (org.eclipse.jetty.server.handler.ErrorHandler)2 FilterHolder (org.eclipse.jetty.servlet.FilterHolder)2 ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)2 ServletHolder (org.eclipse.jetty.servlet.ServletHolder)2 ServletContainer (org.glassfish.jersey.servlet.ServletContainer)2