
Example 1 with BasicAuthenticatorUserMapBundle

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method tryUpdateUserMap.

/**
 * Tries to replace the stored serialized user map of one authenticator and, on success, refreshes the
 * local cache and queues a notification carrying the new bytes.
 *
 * <p>The write is submitted as a single {@link MetadataCASUpdate} built from {@code oldValue} and
 * {@code newValue}. The cache and the notifier are touched only after the connector reports success,
 * so a rejected write never makes the cached credentials run ahead of the metadata store.
 *
 * @param prefix   authenticator name; used as the cache key and to build the config-table key
 * @param userMap  deserialized user map to cache on success (presumably the map that {@code newValue}
 *                 serializes; this method does not verify that, so confirm at the call site)
 * @param oldValue serialized value the caller expects to be stored currently
 * @param newValue serialized value to store
 * @return {@code true} if the connector accepted the update, {@code false} if it reported failure
 * @throws RuntimeException wrapping any exception raised while updating the store or the cache
 */
private boolean tryUpdateUserMap(String prefix, Map<String, BasicAuthenticatorUser> userMap, byte[] oldValue, byte[] newValue) {
    try {
        final MetadataCASUpdate casUpdate = new MetadataCASUpdate(
            connectorConfig.getConfigTable(),
            MetadataStorageConnector.CONFIG_TABLE_KEY_COLUMN,
            MetadataStorageConnector.CONFIG_TABLE_VALUE_COLUMN,
            getPrefixedKeyColumn(prefix, USERS),
            oldValue,
            newValue
        );
        if (!connector.compareAndSwap(Collections.singletonList(casUpdate))) {
            // Store rejected the swap: leave cache and notifier untouched and let the caller decide.
            return false;
        }
        // Store accepted the swap: publish the new map locally, then announce the new bytes.
        cachedUserMaps.put(prefix, new BasicAuthenticatorUserMapBundle(userMap, newValue));
        cacheNotifier.addUserUpdate(prefix, newValue);
        return true;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : MetadataCASUpdate(org.apache.druid.metadata.MetadataCASUpdate) BasicAuthenticatorUserMapBundle(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle) BasicSecurityDBResourceException(org.apache.druid.security.basic.BasicSecurityDBResourceException)

Example 2 with BasicAuthenticatorUserMapBundle

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method getCachedSerializedUserMap.

/**
 * Returns the serialized user map currently cached for the given authenticator.
 *
 * @param prefix authenticator name used as the cache key
 * @return the bytes held by the cached bundle, or {@code null} when nothing is cached for
 *         {@code prefix}
 * @throws IllegalStateException if {@code lifecycleLock.awaitStarted} does not report a started
 *         lifecycle within 1 ms (raised by {@code Preconditions.checkState})
 */
@Override
public byte[] getCachedSerializedUserMap(String prefix) {
    // Never answer from the credential cache unless the lifecycle lock reports "started".
    final boolean started = lifecycleLock.awaitStarted(1, TimeUnit.MILLISECONDS);
    Preconditions.checkState(started);
    final BasicAuthenticatorUserMapBundle cached = cachedUserMaps.get(prefix);
    // NOTE(review): the array is handed out exactly as the bundle returns it; whether that is a
    // defensive copy is not visible here, so callers should treat it as read-only.
    return cached == null ? null : cached.getSerializedUserMap();
}
Also used : BasicAuthenticatorUserMapBundle(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle)

Example 3 with BasicAuthenticatorUserMapBundle

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method getCachedUserMap.

/**
 * Returns the deserialized user map currently cached for the given authenticator.
 *
 * @param prefix authenticator name used as the cache key
 * @return the user map held by the cached bundle, or {@code null} when nothing is cached for
 *         {@code prefix}
 * @throws IllegalStateException if {@code lifecycleLock.awaitStarted} does not report a started
 *         lifecycle within 1 ms (raised by {@code Preconditions.checkState})
 */
@Override
public Map<String, BasicAuthenticatorUser> getCachedUserMap(String prefix) {
    // Never answer from the credential cache unless the lifecycle lock reports "started".
    final boolean started = lifecycleLock.awaitStarted(1, TimeUnit.MILLISECONDS);
    Preconditions.checkState(started);
    final BasicAuthenticatorUserMapBundle cached = cachedUserMaps.get(prefix);
    // NOTE(review): the map is handed out exactly as the bundle returns it; whether it is
    // immutable or a copy is not visible here, so callers should treat it as read-only.
    return cached == null ? null : cached.getUserMap();
}
Also used : BasicAuthenticatorUserMapBundle(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle)

Example 4 with BasicAuthenticatorUserMapBundle

use of org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle in project druid by druid-io.

the class CoordinatorBasicAuthenticatorMetadataStorageUpdater method start.

/**
 * Lifecycle start hook. For every configured {@link BasicHTTPAuthenticator} it loads the stored user
 * map into {@code cachedUserMaps}, creates the admin and internal-client users when the config
 * supplies an initial password and the loaded map lacks them, and then schedules a periodic poll
 * that refreshes the cache from the store.
 *
 * @throws ISE if {@code lifecycleLock.canStart()} returns false
 */
@LifecycleStart
public void start() {
    if (!lifecycleLock.canStart()) {
        throw new ISE("can't start.");
    }
    // NOTE(review): this early return sits before the try/finally, so neither
    // lifecycleLock.started() nor lifecycleLock.exitStart() runs on this path. Confirm that is
    // intended when no authenticators are configured.
    if (authenticatorMapper == null || authenticatorMapper.getAuthenticatorMap() == null) {
        return;
    }
    try {
        LOG.info("Starting CoordinatorBasicAuthenticatorMetadataStorageUpdater.");
        // Bootstrap runs through BasicAuthUtils.maybeInitialize (helper not shown here); the lambda
        // always returns true once the loop finishes without throwing.
        BasicAuthUtils.maybeInitialize(() -> {
            for (Map.Entry<String, Authenticator> entry : authenticatorMapper.getAuthenticatorMap().entrySet()) {
                Authenticator authenticator = entry.getValue();
                // Only basic-HTTP authenticators keep their users in this metadata-backed map.
                if (authenticator instanceof BasicHTTPAuthenticator) {
                    String authenticatorName = entry.getKey();
                    // Remember the name so the scheduled poll below refreshes this authenticator too.
                    authenticatorPrefixes.add(authenticatorName);
                    BasicHTTPAuthenticator basicHTTPAuthenticator = (BasicHTTPAuthenticator) authenticator;
                    BasicAuthDBConfig dbConfig = basicHTTPAuthenticator.getDbConfig();
                    byte[] userMapBytes = getCurrentUserMapBytes(authenticatorName);
                    Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, userMapBytes);
                    // NOTE(review): unlike the poll below, there is no null check on userMapBytes
                    // here, so the bundle may be built with null bytes if nothing is stored yet.
                    // Confirm deserializeAuthenticatorUserMap and the bundle tolerate null.
                    cachedUserMaps.put(authenticatorName, new BasicAuthenticatorUserMapBundle(userMap, userMapBytes));
                    // Seed the admin account only when a password is configured AND the loaded map has
                    // no admin entry, so an existing admin credential is not overwritten by this branch.
                    if (dbConfig.getInitialAdminPassword() != null && !userMap.containsKey(BasicAuthUtils.ADMIN_NAME)) {
                        createUserInternal(authenticatorName, BasicAuthUtils.ADMIN_NAME);
                        // DEFAULT_KEY_ITERATIONS is passed along with the plaintext from config;
                        // presumably the key-derivation iteration count. Confirm in BasicAuthUtils.
                        setUserCredentialsInternal(authenticatorName, BasicAuthUtils.ADMIN_NAME, new BasicAuthenticatorCredentialUpdate(dbConfig.getInitialAdminPassword().getPassword(), BasicAuthUtils.DEFAULT_KEY_ITERATIONS));
                    }
                    // Same seeding rule for the internal-client account.
                    if (dbConfig.getInitialInternalClientPassword() != null && !userMap.containsKey(BasicAuthUtils.INTERNAL_USER_NAME)) {
                        createUserInternal(authenticatorName, BasicAuthUtils.INTERNAL_USER_NAME);
                        setUserCredentialsInternal(authenticatorName, BasicAuthUtils.INTERNAL_USER_NAME, new BasicAuthenticatorCredentialUpdate(dbConfig.getInitialInternalClientPassword().getPassword(), BasicAuthUtils.DEFAULT_KEY_ITERATIONS));
                    }
                }
            }
            return true;
        });
        // Periodic refresh: the polling period from commonCacheConfig is passed twice (the two
        // Duration arguments of scheduleWithFixedDelay).
        ScheduledExecutors.scheduleWithFixedDelay(exec, new Duration(commonCacheConfig.getPollingPeriod()), new Duration(commonCacheConfig.getPollingPeriod()), new Callable<ScheduledExecutors.Signal>() {

            @Override
            public ScheduledExecutors.Signal call() {
                // Stop rescheduling once the stopped flag is set.
                if (stopped) {
                    return ScheduledExecutors.Signal.STOP;
                }
                try {
                    LOG.debug("Scheduled db userMap poll is running");
                    for (String authenticatorPrefix : authenticatorPrefixes) {
                        byte[] userMapBytes = getCurrentUserMapBytes(authenticatorPrefix);
                        // Deserialization runs before the null check, so it is also invoked with null bytes.
                        Map<String, BasicAuthenticatorUser> userMap = BasicAuthUtils.deserializeAuthenticatorUserMap(objectMapper, userMapBytes);
                        // A null read does not clear the cache: the previously cached bundle, and the
                        // credentials in it, stay in use for this authenticator.
                        if (userMapBytes != null) {
                            cachedUserMaps.put(authenticatorPrefix, new BasicAuthenticatorUserMapBundle(userMap, userMapBytes));
                        }
                    }
                    LOG.debug("Scheduled db userMap poll is done");
                } catch (Throwable t) {
                    // Best effort: a failed poll raises an alert and the task repeats, so the cache
                    // keeps its last successfully loaded user maps until a later poll succeeds.
                    LOG.makeAlert(t, "Error occured while polling for cachedUserMaps.").emit();
                }
                return ScheduledExecutors.Signal.REPEAT;
            }
        });
        // Mark the lifecycle started only after bootstrap and scheduling completed without throwing.
        lifecycleLock.started();
    } finally {
        lifecycleLock.exitStart();
    }
}
Also used : Duration(org.joda.time.Duration) BasicAuthenticatorUser(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser) BasicAuthenticatorUserMapBundle(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthenticatorCredentialUpdate(org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate) ISE(org.apache.druid.java.util.common.ISE) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) Authenticator(org.apache.druid.server.security.Authenticator) BasicHTTPAuthenticator(org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator) BasicAuthDBConfig(org.apache.druid.security.basic.BasicAuthDBConfig) LifecycleStart(org.apache.druid.java.util.common.lifecycle.LifecycleStart)

Aggregations

BasicAuthenticatorUserMapBundle (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUserMapBundle)4 Map (java.util.Map)1 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1 ISE (org.apache.druid.java.util.common.ISE)1 LifecycleStart (org.apache.druid.java.util.common.lifecycle.LifecycleStart)1 MetadataCASUpdate (org.apache.druid.metadata.MetadataCASUpdate)1 BasicAuthDBConfig (org.apache.druid.security.basic.BasicAuthDBConfig)1 BasicSecurityDBResourceException (org.apache.druid.security.basic.BasicSecurityDBResourceException)1 BasicHTTPAuthenticator (org.apache.druid.security.basic.authentication.BasicHTTPAuthenticator)1 BasicAuthenticatorCredentialUpdate (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate)1 BasicAuthenticatorUser (org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser)1 Authenticator (org.apache.druid.server.security.Authenticator)1 Duration (org.joda.time.Duration)1