use of org.apache.druid.java.util.http.client.CredentialedHttpClient in project druid by druid-io.
the class AbstractAuthConfigurationTest method verifyMaliciousUser.
/**
 * Checks that a markup-bearing username sent through Basic authentication is
 * rejected and is not echoed back verbatim in the error page.
 *
 * <p>The request goes to the broker's {@code /status} endpoint and is expected
 * to end in {@code UNAUTHORIZED}. The response body must contain the generic
 * "Unauthorized" table row and must not contain the submitted username.
 */
protected void verifyMaliciousUser() {
  // Username made of HTML/script markup; the password value is irrelevant here.
  final String maliciousUsername = "<script>alert('hello')</script>";
  final BasicCredentials hostileCredentials = new BasicCredentials(maliciousUsername, "noPass");
  final HttpClient maliciousClient = new CredentialedHttpClient(hostileCredentials, httpClient);

  final String statusUrl = config.getBrokerUrl() + "/status";
  final String errorPage = HttpUtil.makeRequestWithExpectedStatus(
      maliciousClient,
      HttpMethod.GET,
      statusUrl,
      null,
      HttpResponseStatus.UNAUTHORIZED
  ).getContent();

  // The error page carries the fixed message only.
  Assert.assertTrue(errorPage.contains("<tr><th>MESSAGE:</th><td>Unauthorized</td></tr>"));

  // Guards against a verbatim reflection of the username. An encoded or
  // otherwise transformed echo would not be caught by this substring check.
  Assert.assertFalse(errorPage.contains(maliciousUsername));
}
use of org.apache.druid.java.util.http.client.CredentialedHttpClient in project druid by druid-io.
the class ITBasicAuthLdapConfigurationTest method setupTestSpecificHttpClients.
/**
 * Creates the two Basic-auth clients specific to this test class, both wrapping
 * the shared {@code httpClient}.
 */
@Override
protected void setupTestSpecificHttpClients() {
  // Fixture password shared by both accounts; presumably it matches what the
  // test LDAP directory is provisioned with — confirm against the test setup.
  final String fixturePassword = "helloworld";

  druidUserClient = new CredentialedHttpClient(
      new BasicCredentials("druid", fixturePassword),
      httpClient
  );
  stateOnlyNoLdapGroupUserClient = new CredentialedHttpClient(
      new BasicCredentials("stateOnlyNoLdapGroup", fixturePassword),
      httpClient
  );
}
use of org.apache.druid.java.util.http.client.CredentialedHttpClient in project druid by druid-io.
the class ITTLSTest method makeCertlessClient.
/**
 * Builds an HTTP client whose SSL context is configured with trust-store
 * settings only, then wraps it with the admin Basic credentials.
 *
 * <p>No key-store setter is called on the context builder, so, as the method
 * name indicates, the client has no client certificate configured.
 *
 * @return a credentialed client backed by the trust-store-only SSL context
 */
private HttpClient makeCertlessClient() {
  // certificateChecker is not a parameter here; presumably a field of the test class.
  final SSLContext trustOnlyContext = new TLSUtils.ClientSSLContextBuilder()
      .setProtocol(sslClientConfig.getProtocol())
      .setTrustStoreType(sslClientConfig.getTrustStoreType())
      .setTrustStorePath(sslClientConfig.getTrustStorePath())
      .setTrustStoreAlgorithm(sslClientConfig.getTrustStoreAlgorithm())
      .setTrustStorePasswordProvider(sslClientConfig.getTrustStorePasswordProvider())
      .setCertificateChecker(certificateChecker)
      .build();

  final HttpClientConfig.Builder configBuilder = getHttpClientConfigBuilder(trustOnlyContext);

  // NOTE(review): this Lifecycle is local and is neither started nor stopped in
  // this method; confirm the client's resources are released elsewhere.
  final Lifecycle clientLifecycle = new Lifecycle();
  final HttpClient tlsClient = HttpClientInit.createClient(configBuilder.build(), clientLifecycle);

  // Fixture admin credentials hard-coded for the integration test.
  return new CredentialedHttpClient(new BasicCredentials("admin", "priest"), tlsClient);
}
use of org.apache.druid.java.util.http.client.CredentialedHttpClient in project druid by druid-io.
the class ITTLSTest method testTLSNodeAccess.
/**
 * Requests {@code /status} over TLS on each configured node URL using the
 * admin Basic credentials.
 *
 * <p>{@code makeRequest} is defined outside this method, so the status it
 * expects is not visible here.
 */
@Test
public void testTLSNodeAccess() {
  LOG.info("---------Testing resource access with TLS enabled---------");

  // Fixture admin credentials hard-coded for the integration test.
  final HttpClient tlsAdminClient = new CredentialedHttpClient(
      new BasicCredentials("admin", "priest"),
      httpClient
  );
  final String statusPath = "/status";

  // Core services.
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getCoordinatorTLSUrl() + statusPath, null);
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getOverlordTLSUrl() + statusPath, null);
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getBrokerTLSUrl() + statusPath, null);
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getHistoricalTLSUrl() + statusPath, null);

  // Router variants, including the permissive and no-client-auth endpoints.
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getRouterTLSUrl() + statusPath, null);
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getPermissiveRouterTLSUrl() + statusPath, null);
  makeRequest(tlsAdminClient, HttpMethod.GET, config.getNoClientAuthRouterTLSUrl() + statusPath, null);
}
use of org.apache.druid.java.util.http.client.CredentialedHttpClient in project druid by druid-io.
the class ITTLSTest method makeCustomHttpClient.
/**
 * Builds an HTTP client that uses the given key store and certificate alias,
 * then wraps it with the admin Basic credentials.
 *
 * <p>Trust-store settings and the remaining key-store settings come from
 * {@code sslClientConfig}; only the key-store path, the certificate alias and
 * the certificate checker are supplied by the caller.
 *
 * @param keystorePath path of the key store to configure on the SSL context
 * @param certAlias alias of the certificate to select from that key store
 * @param certificateChecker checker installed on the SSL context
 * @return a credentialed client backed by the customised SSL context
 */
private HttpClient makeCustomHttpClient(String keystorePath, String certAlias, TLSCertificateChecker certificateChecker) {
  final SSLContext customContext = new TLSUtils.ClientSSLContextBuilder()
      .setProtocol(sslClientConfig.getProtocol())
      // Trust material: taken unchanged from the shared client config.
      .setTrustStoreType(sslClientConfig.getTrustStoreType())
      .setTrustStorePath(sslClientConfig.getTrustStorePath())
      .setTrustStoreAlgorithm(sslClientConfig.getTrustStoreAlgorithm())
      .setTrustStorePasswordProvider(sslClientConfig.getTrustStorePasswordProvider())
      // Key material: path and alias are caller-supplied, the rest is shared config.
      .setKeyStoreType(sslClientConfig.getKeyStoreType())
      .setKeyStorePath(keystorePath)
      .setKeyStoreAlgorithm(sslClientConfig.getKeyManagerFactoryAlgorithm())
      .setCertAlias(certAlias)
      .setKeyStorePasswordProvider(sslClientConfig.getKeyStorePasswordProvider())
      .setKeyManagerFactoryPasswordProvider(sslClientConfig.getKeyManagerPasswordProvider())
      .setCertificateChecker(certificateChecker)
      .build();

  final HttpClientConfig.Builder configBuilder = getHttpClientConfigBuilder(customContext);

  // NOTE(review): this Lifecycle is local and is neither started nor stopped in
  // this method; confirm the client's resources are released elsewhere.
  final Lifecycle clientLifecycle = new Lifecycle();
  final HttpClient tlsClient = HttpClientInit.createClient(configBuilder.build(), clientLifecycle);

  // Fixture admin credentials hard-coded for the integration test.
  return new CredentialedHttpClient(new BasicCredentials("admin", "priest"), tlsClient);
}