Search in sources :

Example 6 with BasicHTTPAuthenticator

use of org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdaterTest method setUp.

@Before
public void setUp() {
    objectMapper = new ObjectMapper(new SmileFactory());
    TestDerbyConnector connector = derbyConnectorRule.getConnector();
    MetadataStorageTablesConfig tablesConfig = derbyConnectorRule.metadataTablesConfigSupplier().get();
    connector.createConfigTable();
    updater = new CoordinatorBasicAuthenticatorMetadataStorageUpdater(new AuthenticatorMapper(ImmutableMap.of("test", new BasicHTTPAuthenticator(null, "test", "test", null, null, null, null, null, false, null))), connector, tablesConfig, new BasicAuthCommonCacheConfig(null, null, null, null), objectMapper, new NoopBasicAuthenticatorCacheNotifier(), null);
    updater.start();
}
Also used : AuthenticatorMapper(org.apache.druid.server.security.AuthenticatorMapper) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) MetadataStorageTablesConfig(org.apache.druid.metadata.MetadataStorageTablesConfig) SmileFactory(com.fasterxml.jackson.dataformat.smile.SmileFactory) CoordinatorBasicAuthenticatorMetadataStorageUpdater(org.apache.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater) BasicAuthCommonCacheConfig(org.apache.druid.security.basic.BasicAuthCommonCacheConfig) TestDerbyConnector(org.apache.druid.metadata.TestDerbyConnector) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Before(org.junit.Before)

Example 7 with BasicHTTPAuthenticator

use of org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator in project druid by druid-io.

the class CoordinatorBasicAuthenticatorResourceTest method setUp.

@Before
public void setUp() {
    req = EasyMock.createStrictMock(HttpServletRequest.class);
    objectMapper = new ObjectMapper(new SmileFactory());
    TestDerbyConnector connector = derbyConnectorRule.getConnector();
    MetadataStorageTablesConfig tablesConfig = derbyConnectorRule.metadataTablesConfigSupplier().get();
    connector.createConfigTable();
    ObjectMapper objectMapper = new ObjectMapper(new SmileFactory());
    AuthenticatorMapper authenticatorMapper = new AuthenticatorMapper(ImmutableMap.of(AUTHENTICATOR_NAME, new BasicHTTPAuthenticator(null, AUTHENTICATOR_NAME, null, new DefaultPasswordProvider("druid"), new DefaultPasswordProvider("druid"), null, null, null, false, null), AUTHENTICATOR_NAME2, new BasicHTTPAuthenticator(null, AUTHENTICATOR_NAME2, null, new DefaultPasswordProvider("druid"), new DefaultPasswordProvider("druid"), null, null, null, false, null), AUTHENTICATOR_NAME_LDAP, new BasicHTTPAuthenticator(null, AUTHENTICATOR_NAME2, null, new DefaultPasswordProvider("druid"), new DefaultPasswordProvider("druid"), null, null, null, false, null)));
    storageUpdater = new CoordinatorBasicAuthenticatorMetadataStorageUpdater(authenticatorMapper, connector, tablesConfig, new BasicAuthCommonCacheConfig(null, null, null, null), objectMapper, new NoopBasicAuthenticatorCacheNotifier(), null);
    resource = new BasicAuthenticatorResource(new CoordinatorBasicAuthenticatorResourceHandler(storageUpdater, authenticatorMapper, objectMapper), authValidator);
    storageUpdater.start();
}
Also used : CoordinatorBasicAuthenticatorResourceHandler(org.apache.druid.security.basic.authentication.endpoint.CoordinatorBasicAuthenticatorResourceHandler) CoordinatorBasicAuthenticatorMetadataStorageUpdater(org.apache.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater) BasicAuthCommonCacheConfig(org.apache.druid.security.basic.BasicAuthCommonCacheConfig) TestDerbyConnector(org.apache.druid.metadata.TestDerbyConnector) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticatorMapper(org.apache.druid.server.security.AuthenticatorMapper) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) MetadataStorageTablesConfig(org.apache.druid.metadata.MetadataStorageTablesConfig) SmileFactory(com.fasterxml.jackson.dataformat.smile.SmileFactory) BasicAuthenticatorResource(org.apache.druid.security.basic.authentication.endpoint.BasicAuthenticatorResource) DefaultPasswordProvider(org.apache.druid.metadata.DefaultPasswordProvider) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Before(org.junit.Before)

Example 8 with BasicHTTPAuthenticator

use of org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator in project druid by druid-io.

the class DefaultBasicAuthenticatorResourceHandler method authenticatorUserUpdateListener.

@Override
public Response authenticatorUserUpdateListener(String authenticatorName, byte[] serializedUserMap) {
    final BasicHTTPAuthenticator authenticator = authenticatorMap.get(authenticatorName);
    if (authenticator == null) {
        log.error(UNKNOWN_AUTHENTICATOR_MSG_FORMAT, authenticatorName);
        return Response.status(Response.Status.BAD_REQUEST).entity(ImmutableMap.<String, Object>of("error", StringUtils.format(UNKNOWN_AUTHENTICATOR_MSG_FORMAT, authenticatorName))).build();
    }
    cacheManager.handleAuthenticatorUserMapUpdate(authenticatorName, serializedUserMap);
    return Response.ok().build();
}
Also used : BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)

Example 9 with BasicHTTPAuthenticator

use of org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator in project druid by druid-io.

the class CoordinatorPollingBasicAuthenticatorCacheManager method initUserMaps.

private void initUserMaps() {
    AuthenticatorMapper authenticatorMapper = injector.getInstance(AuthenticatorMapper.class);
    if (authenticatorMapper == null || authenticatorMapper.getAuthenticatorMap() == null) {
        return;
    }
    for (Map.Entry<String, Authenticator> entry : authenticatorMapper.getAuthenticatorMap().entrySet()) {
        Authenticator authenticator = entry.getValue();
        if (authenticator instanceof BasicHTTPAuthenticator) {
            String authenticatorName = entry.getKey();
            authenticatorPrefixes.add(authenticatorName);
            Map<String, BasicAuthenticatorUser> userMap = fetchUserMapFromCoordinator(authenticatorName, true);
            if (userMap != null) {
                cachedUserMaps.put(authenticatorName, userMap);
            }
        }
    }
}
Also used : AuthenticatorMapper(org.apache.druid.server.security.AuthenticatorMapper) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) Authenticator(org.apache.druid.server.security.Authenticator) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)

Example 10 with BasicHTTPAuthenticator

use of org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method setUserCredentialsInternal.

private void setUserCredentialsInternal(String prefix, String userName, BasicAuthenticatorCredentialUpdate update) {
    BasicAuthenticatorCredentials credentials;
    // use default iteration count from Authenticator if not specified in request
    if (update.getIterations() == -1) {
        BasicHTTPAuthenticator authenticator = (BasicHTTPAuthenticator) authenticatorMapper.getAuthenticatorMap().get(prefix);
        credentials = new BasicAuthenticatorCredentials(new BasicAuthenticatorCredentialUpdate(update.getPassword(), authenticator.getDbConfig().getCredentialIterations()));
    } else {
        credentials = new BasicAuthenticatorCredentials(update);
    }
    int attempts = 0;
    while (attempts < numRetries) {
        if (setUserCredentialOnce(prefix, userName, credentials)) {
            return;
        } else {
            attempts++;
        }
        try {
            Thread.sleep(ThreadLocalRandom.current().nextLong(UPDATE_RETRY_DELAY));
        } catch (InterruptedException ie) {
            throw new RuntimeException(ie);
        }
    }
    throw new ISE("Could not set credentials for user[%s] due to concurrent update contention.", userName);
}
Also used : BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthenticatorCredentials(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentials) BasicAuthenticatorCredentialUpdate(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate) ISE(org.apache.druid.java.util.common.ISE)

Aggregations

BasicHTTPAuthenticator (org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)12 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 BasicAuthenticatorUser (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)4 Map (java.util.Map)3 Filter (javax.servlet.Filter)3 FilterChain (javax.servlet.FilterChain)3 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 CredentialsValidator (org.apache.druid.security.basic.authentication.validator.CredentialsValidator)3 Authenticator (org.apache.druid.server.security.Authenticator)3 AuthenticatorMapper (org.apache.druid.server.security.AuthenticatorMapper)3 Test (org.junit.Test)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 SmileFactory (com.fasterxml.jackson.dataformat.smile.SmileFactory)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 ISE (org.apache.druid.java.util.common.ISE)2 MetadataStorageTablesConfig (org.apache.druid.metadata.MetadataStorageTablesConfig)2 TestDerbyConnector (org.apache.druid.metadata.TestDerbyConnector)2 BasicAuthCommonCacheConfig (org.apache.druid.security.basic.BasicAuthCommonCacheConfig)2 BasicAuthDBConfig (org.apache.druid.security.basic.BasicAuthDBConfig)2 CoordinatorBasicAuthenticatorMetadataStorageUpdater (org.apache.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater)2