Examples with BasicAuthDBConfig org.apache.druid.security.basic.BasicAuthDBConfig used on opensource projects

Search in sources :

Example 1 with BasicAuthDBConfig

use of org.apache.druid.security.basic.BasicAuthDBConfig in project druid by druid-io.

the class CoordinatorBasicAuthorizerCacheNotifier method getAuthorizerConfigMap.

private Map<String, BasicAuthDBConfig> getAuthorizerConfigMap(AuthorizerMapper mapper) {
    Preconditions.checkNotNull(mapper);
    Preconditions.checkNotNull(mapper.getAuthorizerMap());
    Map<String, BasicAuthDBConfig> authorizerConfigMap = new HashMap<>();
    for (Map.Entry<String, Authorizer> entry : mapper.getAuthorizerMap().entrySet()) {
        Authorizer authorizer = entry.getValue();
        if (authorizer instanceof BasicRoleBasedAuthorizer) {
            String authorizerName = entry.getKey();
            BasicRoleBasedAuthorizer basicRoleBasedAuthorizer = (BasicRoleBasedAuthorizer) authorizer;
            BasicAuthDBConfig dbConfig = basicRoleBasedAuthorizer.getDbConfig();
            authorizerConfigMap.put(authorizerName, dbConfig);
        }
    }
    return authorizerConfigMap;
}
Also used : HashMap(java.util.HashMap) BasicRoleBasedAuthorizer(org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer) Authorizer(org.apache.druid.server.security.Authorizer) BasicRoleBasedAuthorizer(org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer) HashMap(java.util.HashMap) Map(java.util.Map) BasicAuthDBConfig(org.apache.druid.security.basic.BasicAuthDBConfig)

Example 2 with BasicAuthDBConfig

use of org.apache.druid.security.basic.BasicAuthDBConfig in project druid by druid-io.

the class CoordinatorBasicAuthorizerMetadataStorageUpdater method start.

@LifecycleStart
public void start() {
    if (!lifecycleLock.canStart()) {
        throw new ISE("can't start.");
    }
    if (authorizerMapper == null || authorizerMapper.getAuthorizerMap() == null) {
        return;
    }
    try {
        LOG.info("Starting CoordinatorBasicAuthorizerMetadataStorageUpdater");
        BasicAuthUtils.maybeInitialize(() -> {
            for (Map.Entry<String, Authorizer> entry : authorizerMapper.getAuthorizerMap().entrySet()) {
                Authorizer authorizer = entry.getValue();
                if (authorizer instanceof BasicRoleBasedAuthorizer) {
                    BasicRoleBasedAuthorizer basicRoleBasedAuthorizer = (BasicRoleBasedAuthorizer) authorizer;
                    BasicAuthDBConfig dbConfig = basicRoleBasedAuthorizer.getDbConfig();
                    String authorizerName = entry.getKey();
                    authorizerNames.add(authorizerName);
                    byte[] userMapBytes = getCurrentUserMapBytes(authorizerName);
                    Map<String, BasicAuthorizerUser> userMap = BasicAuthUtils.deserializeAuthorizerUserMap(objectMapper, userMapBytes);
                    cachedUserMaps.put(authorizerName, new BasicAuthorizerUserMapBundle(userMap, userMapBytes));
                    byte[] groupMappingMapBytes = getCurrentGroupMappingMapBytes(authorizerName);
                    Map<String, BasicAuthorizerGroupMapping> groupMappingMap = BasicAuthUtils.deserializeAuthorizerGroupMappingMap(objectMapper, groupMappingMapBytes);
                    cachedGroupMappingMaps.put(authorizerName, new BasicAuthorizerGroupMappingMapBundle(groupMappingMap, groupMappingMapBytes));
                    byte[] roleMapBytes = getCurrentRoleMapBytes(authorizerName);
                    Map<String, BasicAuthorizerRole> roleMap = BasicAuthUtils.deserializeAuthorizerRoleMap(objectMapper, roleMapBytes);
                    cachedRoleMaps.put(authorizerName, new BasicAuthorizerRoleMapBundle(roleMap, roleMapBytes));
                    initSuperUsersAndGroupMapping(authorizerName, userMap, roleMap, groupMappingMap, dbConfig.getInitialAdminUser(), dbConfig.getInitialAdminRole(), dbConfig.getInitialAdminGroupMapping());
                }
            }
            return true;
        });
        ScheduledExecutors.scheduleWithFixedDelay(exec, new Duration(commonCacheConfig.getPollingPeriod()), new Duration(commonCacheConfig.getPollingPeriod()), () -> {
            if (stopped) {
                return ScheduledExecutors.Signal.STOP;
            }
            try {
                LOG.debug("Scheduled db poll is running");
                for (String authorizerName : authorizerNames) {
                    byte[] userMapBytes = getCurrentUserMapBytes(authorizerName);
                    Map<String, BasicAuthorizerUser> userMap = BasicAuthUtils.deserializeAuthorizerUserMap(objectMapper, userMapBytes);
                    if (userMapBytes != null) {
                        synchronized (cachedUserMaps) {
                            cachedUserMaps.put(authorizerName, new BasicAuthorizerUserMapBundle(userMap, userMapBytes));
                        }
                    }
                    byte[] groupMappingMapBytes = getCurrentGroupMappingMapBytes(authorizerName);
                    Map<String, BasicAuthorizerGroupMapping> groupMappingMap = BasicAuthUtils.deserializeAuthorizerGroupMappingMap(objectMapper, groupMappingMapBytes);
                    if (groupMappingMapBytes != null) {
                        synchronized (cachedGroupMappingMaps) {
                            cachedGroupMappingMaps.put(authorizerName, new BasicAuthorizerGroupMappingMapBundle(groupMappingMap, groupMappingMapBytes));
                        }
                    }
                    byte[] roleMapBytes = getCurrentRoleMapBytes(authorizerName);
                    Map<String, BasicAuthorizerRole> roleMap = BasicAuthUtils.deserializeAuthorizerRoleMap(objectMapper, roleMapBytes);
                    if (roleMapBytes != null) {
                        synchronized (cachedRoleMaps) {
                            cachedRoleMaps.put(authorizerName, new BasicAuthorizerRoleMapBundle(roleMap, roleMapBytes));
                        }
                    }
                }
                LOG.debug("Scheduled db poll is done");
            } catch (Throwable t) {
                LOG.makeAlert(t, "Error occured while polling for cachedUserMaps, cachedGroupMappingMaps, cachedRoleMaps.").emit();
            }
            return ScheduledExecutors.Signal.REPEAT;
        });
        lifecycleLock.started();
    } finally {
        lifecycleLock.exitStart();
    }
}
Also used : Duration(org.joda.time.Duration) BasicAuthorizerRoleMapBundle(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRoleMapBundle) BasicAuthorizerGroupMapping(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMapping) BasicAuthorizerUserMapBundle(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUserMapBundle) BasicAuthorizerUser(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUser) Authorizer(org.apache.druid.server.security.Authorizer) BasicRoleBasedAuthorizer(org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer) BasicAuthorizerGroupMappingMapBundle(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMappingMapBundle) ISE(org.apache.druid.java.util.common.ISE) BasicRoleBasedAuthorizer(org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer) BasicAuthorizerRole(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole) UserAndRoleMap(org.apache.druid.security.basic.authorization.entity.UserAndRoleMap) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) GroupMappingAndRoleMap(org.apache.druid.security.basic.authorization.entity.GroupMappingAndRoleMap) BasicAuthDBConfig(org.apache.druid.security.basic.BasicAuthDBConfig) LifecycleStart(org.apache.druid.java.util.common.lifecycle.LifecycleStart)

Example 3 with BasicAuthDBConfig

use of org.apache.druid.security.basic.BasicAuthDBConfig in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method start.

@LifecycleStart
public void start() {
    if (!lifecycleLock.canStart()) {
        throw new ISE("can't start.");
    }
    if (authenticatorMapper == null || authenticatorMapper.getAuthenticatorMap() == null) {
        return;
    }
    try {
        LOG.info("Starting CoordinatorBasicAuthenticatorMetadataStorageUpdater.");
        BasicAuthUtils.maybeInitialize(() -> {
            for (Map.Entry<String, Authenticator> entry : authenticatorMapper.getAuthenticatorMap().entrySet()) {
                Authenticator authenticator = entry.getValue();
                if (authenticator instanceof BasicHTTPAuthenticator) {
                    String authenticatorName = entry.getKey();
                    authenticatorPrefixes.add(authenticatorName);
                    BasicHTTPAuthenticator basicHTTPAuthenticator = (BasicHTTPAuthenticator) authenticator;
                    BasicAuthDBConfig dbConfig = basicHTTPAuthenticator.getDbConfig();
                    byte[] userMapBytes = getCurrentUserMapBytes(authenticatorName);
                    Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, userMapBytes);
                    cachedUserMaps.put(authenticatorName, new BasicAuthenticatorUserMapBundle(userMap, userMapBytes));
                    if (dbConfig.getInitialAdminPassword() != null && !userMap.containsKey(BasicAuthUtils.ADMIN_NAME)) {
                        createUserInternal(authenticatorName, BasicAuthUtils.ADMIN_NAME);
                        setUserCredentialsInternal(authenticatorName, BasicAuthUtils.ADMIN_NAME, new BasicAuthenticatorCredentialUpdate(dbConfig.getInitialAdminPassword().getPassword(), BasicAuthUtils.DEFAULT_KEY_ITERATIONS));
                    }
                    if (dbConfig.getInitialInternalClientPassword() != null && !userMap.containsKey(BasicAuthUtils.INTERNAL_USER_NAME)) {
                        createUserInternal(authenticatorName, BasicAuthUtils.INTERNAL_USER_NAME);
                        setUserCredentialsInternal(authenticatorName, BasicAuthUtils.INTERNAL_USER_NAME, new BasicAuthenticatorCredentialUpdate(dbConfig.getInitialInternalClientPassword().getPassword(), BasicAuthUtils.DEFAULT_KEY_ITERATIONS));
                    }
                }
            }
            return true;
        });
        ScheduledExecutors.scheduleWithFixedDelay(exec, new Duration(commonCacheConfig.getPollingPeriod()), new Duration(commonCacheConfig.getPollingPeriod()), new Callable<ScheduledExecutors.Signal>() {

            @Override
            public ScheduledExecutors.Signal call() {
                if (stopped) {
                    return ScheduledExecutors.Signal.STOP;
                }
                try {
                    LOG.debug("Scheduled db userMap poll is running");
                    for (String authenticatorPrefix : authenticatorPrefixes) {
                        byte[] userMapBytes = getCurrentUserMapBytes(authenticatorPrefix);
                        Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, userMapBytes);
                        if (userMapBytes != null) {
                            cachedUserMaps.put(authenticatorPrefix, new BasicAuthenticatorUserMapBundle(userMap, userMapBytes));
                        }
                    }
                    LOG.debug("Scheduled db userMap poll is done");
                } catch (Throwable t) {
                    LOG.makeAlert(t, "Error occured while polling for cachedUserMaps.").emit();
                }
                return ScheduledExecutors.Signal.REPEAT;
            }
        });
        lifecycleLock.started();
    } finally {
        lifecycleLock.exitStart();
    }
}
Also used : Duration(org.joda.time.Duration) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser) BasicAuthenticatorUserMapBundle(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthenticatorCredentialUpdate(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate) ISE(org.apache.druid.java.util.common.ISE) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) Authenticator(org.apache.druid.server.security.Authenticator) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthDBConfig(org.apache.druid.security.basic.BasicAuthDBConfig) LifecycleStart(org.apache.druid.java.util.common.lifecycle.LifecycleStart)

Example 4 with BasicAuthDBConfig

use of org.apache.druid.security.basic.BasicAuthDBConfig in project druid by druid-io.

the class CoordinatorBasicAuthenticatorCacheNotifier method initAuthenticatorConfigMap.

private Map<String, BasicAuthDBConfig> initAuthenticatorConfigMap(AuthenticatorMapper mapper) {
    Preconditions.checkNotNull(mapper);
    Preconditions.checkNotNull(mapper.getAuthenticatorMap());
    Map<String, BasicAuthDBConfig> authenticatorConfigMap = new HashMap<>();
    for (Map.Entry<String, Authenticator> entry : mapper.getAuthenticatorMap().entrySet()) {
        Authenticator authenticator = entry.getValue();
        if (authenticator instanceof BasicHTTPAuthenticator) {
            String authenticatorName = entry.getKey();
            BasicHTTPAuthenticator basicHTTPAuthenticator = (BasicHTTPAuthenticator) authenticator;
            BasicAuthDBConfig dbConfig = basicHTTPAuthenticator.getDbConfig();
            authenticatorConfigMap.put(authenticatorName, dbConfig);
        }
    }
    return authenticatorConfigMap;
}
Also used : BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) BasicAuthDBConfig(org.apache.druid.security.basic.BasicAuthDBConfig) Authenticator(org.apache.druid.server.security.Authenticator) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)

Aggregations

Map (java.util.Map)4 BasicAuthDBConfig (org.apache.druid.security.basic.BasicAuthDBConfig)4 HashMap (java.util.HashMap)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 ISE (org.apache.druid.java.util.common.ISE)2 LifecycleStart (org.apache.druid.java.util.common.lifecycle.LifecycleStart)2 BasicHTTPAuthenticator (org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)2 BasicRoleBasedAuthorizer (org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer)2 Authenticator (org.apache.druid.server.security.Authenticator)2 Authorizer (org.apache.druid.server.security.Authorizer)2 Duration (org.joda.time.Duration)2 BasicAuthenticatorCredentialUpdate (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate)1 BasicAuthenticatorUser (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)1 BasicAuthenticatorUserMapBundle (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle)1 BasicAuthorizerGroupMapping (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMapping)1 BasicAuthorizerGroupMappingMapBundle (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMappingMapBundle)1 BasicAuthorizerRole (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole)1 BasicAuthorizerRoleMapBundle (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRoleMapBundle)1 BasicAuthorizerUser (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUser)1 BasicAuthorizerUserMapBundle (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUserMapBundle)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial