Example 1 with BasicCredentials

use of org.apache.druid.java.util.http.client.auth.BasicCredentials in project druid by druid-io.

the class AbstractAuthConfigurationTest method verifyMaliciousUser.

protected void verifyMaliciousUser() {
    // Username carrying a script payload: the 401 error page must not echo it back (reflected XSS check).
    String maliciousUsername = "<script>alert('hello')</script>";
    HttpClient maliciousClient = new CredentialedHttpClient(new BasicCredentials(maliciousUsername, "noPass"), httpClient);
    StatusResponseHolder responseHolder = HttpUtil.makeRequestWithExpectedStatus(
        maliciousClient, HttpMethod.GET, config.getBrokerUrl() + "/status", null, HttpResponseStatus.UNAUTHORIZED);
    String responseContent = responseHolder.getContent();
    // The error page carries only the generic message ...
    Assert.assertTrue(responseContent.contains("<tr><th>MESSAGE:</th><td>Unauthorized</td></tr>"));
    // ... and never reflects the supplied username.
    Assert.assertFalse(responseContent.contains(maliciousUsername));
}
Also used: CredentialedHttpClient (org.apache.druid.java.util.http.client.CredentialedHttpClient), HttpClient (org.apache.druid.java.util.http.client.HttpClient), StatusResponseHolder (org.apache.druid.java.util.http.client.response.StatusResponseHolder), BasicCredentials (org.apache.druid.java.util.http.client.auth.BasicCredentials)

Example 2 with BasicCredentials

use of org.apache.druid.java.util.http.client.auth.BasicCredentials in project druid by druid-io.

the class ITBasicAuthLdapConfigurationTest method setupTestSpecificHttpClients.

@Override
protected void setupTestSpecificHttpClients() {
    druidUserClient = new CredentialedHttpClient(new BasicCredentials("druid", "helloworld"), httpClient);
    stateOnlyNoLdapGroupUserClient = new CredentialedHttpClient(new BasicCredentials("stateOnlyNoLdapGroup", "helloworld"), httpClient);
}
Also used: CredentialedHttpClient (org.apache.druid.java.util.http.client.CredentialedHttpClient), BasicCredentials (org.apache.druid.java.util.http.client.auth.BasicCredentials)

Example 3 with BasicCredentials

use of org.apache.druid.java.util.http.client.auth.BasicCredentials in project druid by druid-io.

the class ITTLSTest method makeCertlessClient.

private HttpClient makeCertlessClient() {
    // Only trust store settings are supplied here: no key store, so the client presents no certificate.
    SSLContext certlessClientSSLContext = new TLSUtils.ClientSSLContextBuilder()
        .setProtocol(sslClientConfig.getProtocol())
        .setTrustStoreType(sslClientConfig.getTrustStoreType())
        .setTrustStorePath(sslClientConfig.getTrustStorePath())
        .setTrustStoreAlgorithm(sslClientConfig.getTrustStoreAlgorithm())
        .setTrustStorePasswordProvider(sslClientConfig.getTrustStorePasswordProvider())
        .setCertificateChecker(certificateChecker)
        .build();
    final HttpClientConfig.Builder builder = getHttpClientConfigBuilder(certlessClientSSLContext);
    final Lifecycle lifecycle = new Lifecycle();
    HttpClient client = HttpClientInit.createClient(builder.build(), lifecycle);
    HttpClient adminClient = new CredentialedHttpClient(new BasicCredentials("admin", "priest"), client);
    return adminClient;
}
Also used: CredentialedHttpClient (org.apache.druid.java.util.http.client.CredentialedHttpClient), HttpClientConfig (org.apache.druid.java.util.http.client.HttpClientConfig), DruidHttpClientConfig (org.apache.druid.guice.http.DruidHttpClientConfig), TLSUtils (org.apache.druid.server.security.TLSUtils), Lifecycle (org.apache.druid.java.util.common.lifecycle.Lifecycle), HttpClient (org.apache.druid.java.util.http.client.HttpClient), SSLContext (javax.net.ssl.SSLContext), BasicCredentials (org.apache.druid.java.util.http.client.auth.BasicCredentials)

Example 4 with BasicCredentials

use of org.apache.druid.java.util.http.client.auth.BasicCredentials in project druid by druid-io.

the class ITTLSTest method testTLSNodeAccess.

@Test
public void testTLSNodeAccess() {
    LOG.info("---------Testing resource access with TLS enabled---------");
    HttpClient adminClient = new CredentialedHttpClient(new BasicCredentials("admin", "priest"), httpClient);
    makeRequest(adminClient, HttpMethod.GET, config.getCoordinatorTLSUrl() + "/status", null);
    makeRequest(adminClient, HttpMethod.GET, config.getOverlordTLSUrl() + "/status", null);
    makeRequest(adminClient, HttpMethod.GET, config.getBrokerTLSUrl() + "/status", null);
    makeRequest(adminClient, HttpMethod.GET, config.getHistoricalTLSUrl() + "/status", null);
    makeRequest(adminClient, HttpMethod.GET, config.getRouterTLSUrl() + "/status", null);
    makeRequest(adminClient, HttpMethod.GET, config.getPermissiveRouterTLSUrl() + "/status", null);
    makeRequest(adminClient, HttpMethod.GET, config.getNoClientAuthRouterTLSUrl() + "/status", null);
}
Also used: CredentialedHttpClient (org.apache.druid.java.util.http.client.CredentialedHttpClient), HttpClient (org.apache.druid.java.util.http.client.HttpClient), BasicCredentials (org.apache.druid.java.util.http.client.auth.BasicCredentials), Test (org.testng.annotations.Test)

Example 5 with BasicCredentials

use of org.apache.druid.java.util.http.client.auth.BasicCredentials in project druid by druid-io.

the class ITTLSTest method makeCustomHttpClient.

private HttpClient makeCustomHttpClient(String keystorePath, String certAlias, TLSCertificateChecker certificateChecker) {
    SSLContext intermediateClientSSLContext = new TLSUtils.ClientSSLContextBuilder()
        .setProtocol(sslClientConfig.getProtocol())
        .setTrustStoreType(sslClientConfig.getTrustStoreType()).setTrustStorePath(sslClientConfig.getTrustStorePath())
        .setTrustStoreAlgorithm(sslClientConfig.getTrustStoreAlgorithm()).setTrustStorePasswordProvider(sslClientConfig.getTrustStorePasswordProvider())
        .setKeyStoreType(sslClientConfig.getKeyStoreType()).setKeyStorePath(keystorePath)
        .setKeyStoreAlgorithm(sslClientConfig.getKeyManagerFactoryAlgorithm()).setCertAlias(certAlias)
        .setKeyStorePasswordProvider(sslClientConfig.getKeyStorePasswordProvider()).setKeyManagerFactoryPasswordProvider(sslClientConfig.getKeyManagerPasswordProvider())
        .setCertificateChecker(certificateChecker)
        .build();
    final HttpClientConfig.Builder builder = getHttpClientConfigBuilder(intermediateClientSSLContext);
    final Lifecycle lifecycle = new Lifecycle();
    HttpClient client = HttpClientInit.createClient(builder.build(), lifecycle);
    HttpClient adminClient = new CredentialedHttpClient(new BasicCredentials("admin", "priest"), client);
    return adminClient;
}
Also used: CredentialedHttpClient (org.apache.druid.java.util.http.client.CredentialedHttpClient), HttpClientConfig (org.apache.druid.java.util.http.client.HttpClientConfig), DruidHttpClientConfig (org.apache.druid.guice.http.DruidHttpClientConfig), TLSUtils (org.apache.druid.server.security.TLSUtils), Lifecycle (org.apache.druid.java.util.common.lifecycle.Lifecycle), HttpClient (org.apache.druid.java.util.http.client.HttpClient), SSLContext (javax.net.ssl.SSLContext), BasicCredentials (org.apache.druid.java.util.http.client.auth.BasicCredentials)
