Search in sources :

Example 1 with BasicAuthenticatorUser

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method setUserCredentialOnce.

private boolean setUserCredentialOnce(String prefix, String userName, BasicAuthenticatorCredentials credentials) {
    byte[] oldValue = getCurrentUserMapBytes(prefix);
    Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, oldValue);
    if (userMap.get(userName) == null) {
        throw new BasicSecurityDBResourceException("User [%s] does not exist.", userName);
    } else {
        userMap.put(userName, new BasicAuthenticatorUser(userName, credentials));
    }
    byte[] newValue = BasicAuthUtils.serializeAuthenticatorUserMap(objectMapper, userMap);
    return tryUpdateUserMap(prefix, userMap, oldValue, newValue);
}
Also used : BasicSecurityDBResourceException(org.apache.druid.security.basic.BasicSecurityDBResourceException) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)

Example 2 with BasicAuthenticatorUser

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method createUserOnce.

private boolean createUserOnce(String prefix, String userName) {
    byte[] oldValue = getCurrentUserMapBytes(prefix);
    Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, oldValue);
    if (userMap.get(userName) != null) {
        throw new BasicSecurityDBResourceException("User [%s] already exists.", userName);
    } else {
        userMap.put(userName, new BasicAuthenticatorUser(userName, null));
    }
    byte[] newValue = BasicAuthUtils.serializeAuthenticatorUserMap(objectMapper, userMap);
    return tryUpdateUserMap(prefix, userMap, oldValue, newValue);
}
Also used : BasicSecurityDBResourceException(org.apache.druid.security.basic.BasicSecurityDBResourceException) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)

Example 3 with BasicAuthenticatorUser

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser in project druid by druid-io.

the class CoordinatorBasicAuthenticatorResourceHandler method getUser.

@Override
public Response getUser(String authenticatorName, String userName) {
    final BasicHTTPAuthenticator authenticator = authenticatorMap.get(authenticatorName);
    if (authenticator == null) {
        return makeResponseForAuthenticatorNotFound(authenticatorName);
    }
    Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, storageUpdater.getCurrentUserMapBytes(authenticatorName));
    try {
        BasicAuthenticatorUser user = userMap.get(userName);
        if (user == null) {
            throw new BasicSecurityDBResourceException("User [%s] does not exist.", userName);
        }
        return Response.ok(user).build();
    } catch (BasicSecurityDBResourceException cfe) {
        return makeResponseForBasicSecurityDBResourceException(cfe);
    }
}
Also used : BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicSecurityDBResourceException(org.apache.druid.security.basic.BasicSecurityDBResourceException) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)

Example 4 with BasicAuthenticatorUser

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser in project druid by druid-io.

the class CoordinatorBasicAuthenticatorResourceHandler method getAllUsers.

@Override
public Response getAllUsers(final String authenticatorName) {
    final BasicHTTPAuthenticator authenticator = authenticatorMap.get(authenticatorName);
    if (authenticator == null) {
        return makeResponseForAuthenticatorNotFound(authenticatorName);
    }
    Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, storageUpdater.getCurrentUserMapBytes(authenticatorName));
    return Response.ok(userMap.keySet()).build();
}
Also used : BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)

Example 5 with BasicAuthenticatorUser

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser in project druid by druid-io.

the class CoordinatorBasicAuthenticatorResourceTest method testGetAllUsers.

@Test
public void testGetAllUsers() {
    Response response = resource.getAllUsers(req, AUTHENTICATOR_NAME);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(ImmutableSet.of(BasicAuthUtils.ADMIN_NAME, BasicAuthUtils.INTERNAL_USER_NAME), response.getEntity());
    resource.createUser(req, AUTHENTICATOR_NAME, "druid");
    resource.createUser(req, AUTHENTICATOR_NAME, "druid2");
    resource.createUser(req, AUTHENTICATOR_NAME, "druid3");
    Set<String> expectedUsers = ImmutableSet.of(BasicAuthUtils.ADMIN_NAME, BasicAuthUtils.INTERNAL_USER_NAME, "druid", "druid2", "druid3");
    response = resource.getAllUsers(req, AUTHENTICATOR_NAME);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUsers, response.getEntity());
    // Verify cached user map is also getting updated
    response = resource.getCachedSerializedUserMap(req, AUTHENTICATOR_NAME);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertTrue(response.getEntity() instanceof byte[]);
    Map<String, BasicAuthenticatorUser> cachedUserMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, (byte[]) response.getEntity());
    Assert.assertNotNull(cachedUserMap.get(BasicAuthUtils.ADMIN_NAME));
    Assert.assertEquals(cachedUserMap.get(BasicAuthUtils.ADMIN_NAME).getName(), BasicAuthUtils.ADMIN_NAME);
    Assert.assertNotNull(cachedUserMap.get(BasicAuthUtils.INTERNAL_USER_NAME));
    Assert.assertEquals(cachedUserMap.get(BasicAuthUtils.ADMIN_NAME).getName(), BasicAuthUtils.ADMIN_NAME);
    Assert.assertNotNull(cachedUserMap.get("druid"));
    Assert.assertEquals(cachedUserMap.get("druid").getName(), "druid");
    Assert.assertNotNull(cachedUserMap.get("druid2"));
    Assert.assertEquals(cachedUserMap.get("druid2").getName(), "druid2");
    Assert.assertNotNull(cachedUserMap.get("druid3"));
    Assert.assertEquals(cachedUserMap.get("druid3").getName(), "druid3");
}
Also used : Response(javax.ws.rs.core.Response) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser) Test(org.junit.Test)

Aggregations

BasicAuthenticatorUser (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)15 Test (org.junit.Test)6 Response (javax.ws.rs.core.Response)4 BasicHTTPAuthenticator (org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)4 BasicSecurityDBResourceException (org.apache.druid.security.basic.BasicSecurityDBResourceException)3 BasicAuthenticatorCredentialUpdate (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate)3 BasicAuthenticatorCredentials (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentials)3 Map (java.util.Map)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 ISE (org.apache.druid.java.util.common.ISE)2 LifecycleStart (org.apache.druid.java.util.common.lifecycle.LifecycleStart)2 Authenticator (org.apache.druid.server.security.Authenticator)2 Duration (org.joda.time.Duration)2 Nullable (javax.annotation.Nullable)1 IAE (org.apache.druid.java.util.common.IAE)1 Request (org.apache.druid.java.util.http.client.Request)1 BytesFullResponseHandler (org.apache.druid.java.util.http.client.response.BytesFullResponseHandler)1 BytesFullResponseHolder (org.apache.druid.java.util.http.client.response.BytesFullResponseHolder)1 BasicAuthDBConfig (org.apache.druid.security.basic.BasicAuthDBConfig)1 BasicSecurityAuthenticationException (org.apache.druid.security.basic.BasicSecurityAuthenticationException)1