use of org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer in project druid by druid-io.
the class BasicRoleBasedAuthorizerTest method setUp.
@Before
public void setUp() {
TestDerbyConnector connector = derbyConnectorRule.getConnector();
MetadataStorageTablesConfig tablesConfig = derbyConnectorRule.metadataTablesConfigSupplier().get();
connector.createConfigTable();
BasicAttributes userAttrs = new BasicAttributes(true);
userAttrs.put(new BasicAttribute("sAMAccountName", "druiduser"));
userAttrs.put(new BasicAttribute("memberOf", "CN=user,OU=Druid,OU=Application,OU=Groupings,DC=corp,DC=apache,DC=org"));
BasicAttributes adminAttrs = new BasicAttributes(true);
adminAttrs.put(new BasicAttribute("sAMAccountName", "druidadmin"));
adminAttrs.put(new BasicAttribute("memberOf", "CN=admin,OU=Platform,OU=Groupings,DC=corp,DC=apache,DC=org"));
userSearchResult = new SearchResult("CN=1234,OU=Employees,OU=People", null, userAttrs);
adminSearchResult = new SearchResult("CN=9876,OU=Employees,OU=People", null, adminAttrs);
updater = new CoordinatorBasicAuthorizerMetadataStorageUpdater(new AuthorizerMapper(ImmutableMap.of(DB_AUTHORIZER_NAME, new BasicRoleBasedAuthorizer(null, DB_AUTHORIZER_NAME, null, null, null, null, null, new MetadataStoreRoleProvider(null)), LDAP_AUTHORIZER_NAME, new BasicRoleBasedAuthorizer(null, LDAP_AUTHORIZER_NAME, null, null, null, null, null, new LDAPRoleProvider(null, groupFilters)))), connector, tablesConfig, new BasicAuthCommonCacheConfig(null, null, null, null), new ObjectMapper(new SmileFactory()), new NoopBasicAuthorizerCacheNotifier(), null);
updater.start();
authorizer = new BasicRoleBasedAuthorizer(null, DB_AUTHORIZER_NAME, null, null, null, null, null, new MetadataStoreRoleProvider(new MetadataStoragePollingBasicAuthorizerCacheManager(updater)));
ldapAuthorizer = new BasicRoleBasedAuthorizer(null, LDAP_AUTHORIZER_NAME, null, null, null, null, null, new LDAPRoleProvider(new MetadataStoragePollingBasicAuthorizerCacheManager(updater), groupFilters));
}
use of org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer in project druid by druid-io.
the class CoordinatorBasicAuthorizerResourceTest method setUp.
@Before
public void setUp() {
connector = derbyConnectorRule.getConnector();
tablesConfig = derbyConnectorRule.metadataTablesConfigSupplier().get();
connector.createConfigTable();
AuthorizerMapper authorizerMapper = new AuthorizerMapper(ImmutableMap.of(AUTHORIZER_NAME, new BasicRoleBasedAuthorizer(null, AUTHORIZER_NAME, null, null, null, null, null, null), AUTHORIZER_NAME2, new BasicRoleBasedAuthorizer(null, AUTHORIZER_NAME2, null, null, null, null, null, null), AUTHORIZER_NAME3, new BasicRoleBasedAuthorizer(null, AUTHORIZER_NAME3, null, null, "adminGroupMapping", null, null, null)));
storageUpdater = new CoordinatorBasicAuthorizerMetadataStorageUpdater(authorizerMapper, connector, tablesConfig, new BasicAuthCommonCacheConfig(null, null, null, null), new ObjectMapper(new SmileFactory()), new NoopBasicAuthorizerCacheNotifier(), null);
resource = new BasicAuthorizerResource(new CoordinatorBasicAuthorizerResourceHandler(storageUpdater, authorizerMapper, new ObjectMapper(new SmileFactory())), authValidator);
storageUpdater.start();
}
use of org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer in project druid by druid-io.
the class CoordinatorBasicAuthorizerCacheNotifier method getAuthorizerConfigMap.
private Map<String, BasicAuthDBConfig> getAuthorizerConfigMap(AuthorizerMapper mapper) {
Preconditions.checkNotNull(mapper);
Preconditions.checkNotNull(mapper.getAuthorizerMap());
Map<String, BasicAuthDBConfig> authorizerConfigMap = new HashMap<>();
for (Map.Entry<String, Authorizer> entry : mapper.getAuthorizerMap().entrySet()) {
Authorizer authorizer = entry.getValue();
if (authorizer instanceof BasicRoleBasedAuthorizer) {
String authorizerName = entry.getKey();
BasicRoleBasedAuthorizer basicRoleBasedAuthorizer = (BasicRoleBasedAuthorizer) authorizer;
BasicAuthDBConfig dbConfig = basicRoleBasedAuthorizer.getDbConfig();
authorizerConfigMap.put(authorizerName, dbConfig);
}
}
return authorizerConfigMap;
}
use of org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer in project druid by druid-io.
the class CoordinatorBasicAuthorizerMetadataStorageUpdaterTest method setUp.
@Before
public void setUp() {
objectMapper = new ObjectMapper(new SmileFactory());
TestDerbyConnector connector = derbyConnectorRule.getConnector();
MetadataStorageTablesConfig tablesConfig = derbyConnectorRule.metadataTablesConfigSupplier().get();
connector.createConfigTable();
updater = new CoordinatorBasicAuthorizerMetadataStorageUpdater(new AuthorizerMapper(ImmutableMap.of(AUTHORIZER_NAME, new BasicRoleBasedAuthorizer(null, AUTHORIZER_NAME, null, null, null, null, null, null))), connector, tablesConfig, new BasicAuthCommonCacheConfig(null, null, null, null), objectMapper, new NoopBasicAuthorizerCacheNotifier(), null);
updater.start();
}
use of org.apache.druid.security.basic.authorization.BasicRoleBasedAuthorizer in project druid by druid-io.
the class DefaultBasicAuthorizerResourceHandler method authorizerGroupMappingUpdateListener.
@Override
public Response authorizerGroupMappingUpdateListener(String authorizerName, byte[] serializedGroupMappingAndRoleMap) {
final BasicRoleBasedAuthorizer authorizer = authorizerMap.get(authorizerName);
if (authorizer == null) {
log.error(UNKNOWN_AUTHORIZER_MSG_FORMAT, authorizerName);
return Response.status(Response.Status.BAD_REQUEST).entity(ImmutableMap.<String, Object>of("error", StringUtils.format(UNKNOWN_AUTHORIZER_MSG_FORMAT, authorizerName))).build();
}
cacheManager.handleAuthorizerGroupMappingUpdate(authorizerName, serializedGroupMappingAndRoleMap);
return Response.ok().build();
}
Aggregations