Examples with AuthSchemeProvider org.apache.http.auth.AuthSchemeProvider used on opensource projects

Search in sources :

Example 11 with AuthSchemeProvider

use of org.apache.http.auth.AuthSchemeProvider in project ranger by apache.

the class ElasticSearchIndexBootStrapper method getRestClientBuilder.

public static RestClientBuilder getRestClientBuilder(String urls, String protocol, String user, String password, int port) {
    RestClientBuilder restClientBuilder = RestClient.builder(EmbeddedServerUtil.toArray(urls, ",").stream().map(x -> new HttpHost(x, port, protocol)).<HttpHost>toArray(i -> new HttpHost[i]));
    if (StringUtils.isNotBlank(user) && StringUtils.isNotBlank(password) && !user.equalsIgnoreCase("NONE") && !password.equalsIgnoreCase("NONE")) {
        if (password.contains("keytab") && new File(password).exists()) {
            final KerberosCredentialsProvider credentialsProvider = CredentialsProviderUtil.getKerberosCredentials(user, password);
            Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()).build();
            restClientBuilder.setHttpClientConfigCallback(clientBuilder -> {
                clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
                clientBuilder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
                return clientBuilder;
            });
        } else {
            final CredentialsProvider credentialsProvider = CredentialsProviderUtil.getBasicCredentials(user, password);
            restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
        }
    } else {
        LOG.severe("ElasticSearch Credentials not provided!!");
        final CredentialsProvider credentialsProvider = null;
        restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
    }
    return restClientBuilder;
}
Also used : RestClient(org.elasticsearch.client.RestClient) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) StringUtils(org.apache.commons.lang.StringUtils) RegistryBuilder(org.apache.http.config.RegistryBuilder) RestClientBuilder(org.elasticsearch.client.RestClientBuilder) XContentType(org.elasticsearch.common.xcontent.XContentType) AuthSchemes(org.apache.http.client.config.AuthSchemes) OpenIndexRequest(org.elasticsearch.action.admin.indices.open.OpenIndexRequest) Settings(org.elasticsearch.common.settings.Settings) KerberosCredentialsProvider(org.apache.ranger.authorization.credutils.kerberos.KerberosCredentialsProvider) Locale(java.util.Locale) CredentialReader(org.apache.ranger.credentialapi.CredentialReader) TimeValue(org.elasticsearch.common.unit.TimeValue) Lookup(org.apache.http.config.Lookup) RequestOptions(org.elasticsearch.client.RequestOptions) SPNegoSchemeFactory(org.apache.http.impl.auth.SPNegoSchemeFactory) Path(java.nio.file.Path) CreateIndexRequest(org.elasticsearch.client.indices.CreateIndexRequest) Files(java.nio.file.Files) IOException(java.io.IOException) KeyStore(java.security.KeyStore) Logger(java.util.logging.Logger) RestHighLevelClient(org.elasticsearch.client.RestHighLevelClient) File(java.io.File) StandardCharsets(java.nio.charset.StandardCharsets) TimeUnit(java.util.concurrent.TimeUnit) AtomicLong(java.util.concurrent.atomic.AtomicLong) Paths(java.nio.file.Paths) CredentialsProviderUtil(org.apache.ranger.authorization.credutils.CredentialsProviderUtil) CreateIndexResponse(org.elasticsearch.client.indices.CreateIndexResponse) CredentialsProvider(org.apache.http.client.CredentialsProvider) HttpHost(org.apache.http.HttpHost) KerberosCredentialsProvider(org.apache.ranger.authorization.credutils.kerberos.KerberosCredentialsProvider) HttpHost(org.apache.http.HttpHost) RestClientBuilder(org.elasticsearch.client.RestClientBuilder) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) SPNegoSchemeFactory(org.apache.http.impl.auth.SPNegoSchemeFactory) KerberosCredentialsProvider(org.apache.ranger.authorization.credutils.kerberos.KerberosCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) File(java.io.File)

Example 12 with AuthSchemeProvider

use of org.apache.http.auth.AuthSchemeProvider in project ranger by apache.

the class ElasticSearchAuditDestination method getRestClientBuilder.

public static RestClientBuilder getRestClientBuilder(String urls, String protocol, String user, String password, int port) {
    RestClientBuilder restClientBuilder = RestClient.builder(MiscUtil.toArray(urls, ",").stream().map(x -> new HttpHost(x, port, protocol)).<HttpHost>toArray(i -> new HttpHost[i]));
    if (StringUtils.isNotBlank(user) && StringUtils.isNotBlank(password) && !user.equalsIgnoreCase("NONE") && !password.equalsIgnoreCase("NONE")) {
        if (password.contains("keytab") && new File(password).exists()) {
            final KerberosCredentialsProvider credentialsProvider = CredentialsProviderUtil.getKerberosCredentials(user, password);
            Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()).build();
            restClientBuilder.setHttpClientConfigCallback(clientBuilder -> {
                clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
                clientBuilder.setDefaultAuthSchemeRegistry(authSchemeRegistry);
                return clientBuilder;
            });
        } else {
            final CredentialsProvider credentialsProvider = CredentialsProviderUtil.getBasicCredentials(user, password);
            restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
        }
    } else {
        LOG.error("ElasticSearch Credentials not provided!!");
        final CredentialsProvider credentialsProvider = null;
        restClientBuilder.setHttpClientConfigCallback(clientBuilder -> clientBuilder.setDefaultCredentialsProvider(credentialsProvider));
    }
    return restClientBuilder;
}
Also used : RestClient(org.elasticsearch.client.RestClient) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) Arrays(java.util.Arrays) StringUtils(org.apache.commons.lang.StringUtils) RegistryBuilder(org.apache.http.config.RegistryBuilder) RestClientBuilder(org.elasticsearch.client.RestClientBuilder) Date(java.util.Date) LoggerFactory(org.slf4j.LoggerFactory) HashMap(java.util.HashMap) AuthSchemes(org.apache.http.client.config.AuthSchemes) OpenIndexRequest(org.elasticsearch.action.admin.indices.open.OpenIndexRequest) ArrayList(java.util.ArrayList) IndexRequest(org.elasticsearch.action.index.IndexRequest) KerberosCredentialsProvider(org.apache.ranger.authorization.credutils.kerberos.KerberosCredentialsProvider) Locale(java.util.Locale) Map(java.util.Map) Lookup(org.apache.http.config.Lookup) RequestOptions(org.elasticsearch.client.RequestOptions) SPNegoSchemeFactory(org.apache.http.impl.auth.SPNegoSchemeFactory) AuthzAuditEvent(org.apache.ranger.audit.model.AuthzAuditEvent) PrivilegedActionException(java.security.PrivilegedActionException) Properties(java.util.Properties) Logger(org.slf4j.Logger) BulkItemResponse(org.elasticsearch.action.bulk.BulkItemResponse) Collection(java.util.Collection) BulkResponse(org.elasticsearch.action.bulk.BulkResponse) KerberosTicket(javax.security.auth.kerberos.KerberosTicket) RestHighLevelClient(org.elasticsearch.client.RestHighLevelClient) File(java.io.File) Subject(javax.security.auth.Subject) TimeUnit(java.util.concurrent.TimeUnit) AtomicLong(java.util.concurrent.atomic.AtomicLong) MiscUtil(org.apache.ranger.audit.provider.MiscUtil) CredentialsProviderUtil(org.apache.ranger.authorization.credutils.CredentialsProviderUtil) AuditEventBase(org.apache.ranger.audit.model.AuditEventBase) CredentialsProvider(org.apache.http.client.CredentialsProvider) HttpHost(org.apache.http.HttpHost) BulkRequest(org.elasticsearch.action.bulk.BulkRequest) KerberosCredentialsProvider(org.apache.ranger.authorization.credutils.kerberos.KerberosCredentialsProvider) HttpHost(org.apache.http.HttpHost) RestClientBuilder(org.elasticsearch.client.RestClientBuilder) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) SPNegoSchemeFactory(org.apache.http.impl.auth.SPNegoSchemeFactory) KerberosCredentialsProvider(org.apache.ranger.authorization.credutils.kerberos.KerberosCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) File(java.io.File)

Example 13 with AuthSchemeProvider

use of org.apache.http.auth.AuthSchemeProvider in project knox by apache.

the class BaseZookeeperURLManager method buildHttpClient.

/**
 * Construct an Apache HttpClient with suitable timeout and authentication.
 *
 * @return Apache HttpClient
 */
private CloseableHttpClient buildHttpClient() {
    CloseableHttpClient client;
    // Construct a HttpClient with short term timeout
    RequestConfig.Builder requestBuilder = RequestConfig.custom().setConnectTimeout(TIMEOUT).setSocketTimeout(TIMEOUT).setConnectionRequestTimeout(TIMEOUT);
    // If Kerberos is enabled, allow for challenge/response transparent to client
    if (Boolean.getBoolean(GatewayConfig.HADOOP_KERBEROS_SECURED)) {
        CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        credentialsProvider.setCredentials(AuthScope.ANY, new NullCredentials());
        Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new KnoxSpnegoAuthSchemeFactory(true)).build();
        client = HttpClientBuilder.create().setDefaultRequestConfig(requestBuilder.build()).setDefaultAuthSchemeRegistry(authSchemeRegistry).setDefaultCredentialsProvider(credentialsProvider).build();
    } else {
        client = HttpClientBuilder.create().setDefaultRequestConfig(requestBuilder.build()).build();
    }
    return client;
}
Also used : KnoxSpnegoAuthSchemeFactory(org.apache.knox.gateway.dispatch.KnoxSpnegoAuthSchemeFactory) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) RequestConfig(org.apache.http.client.config.RequestConfig) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider)

Example 14 with AuthSchemeProvider

use of org.apache.http.auth.AuthSchemeProvider in project lucene-solr by apache.

the class Krb5HttpClientBuilder method getBuilder.

public SolrHttpClientBuilder getBuilder(SolrHttpClientBuilder builder) {
    if (System.getProperty(LOGIN_CONFIG_PROP) != null) {
        String configValue = System.getProperty(LOGIN_CONFIG_PROP);
        if (configValue != null) {
            logger.info("Setting up SPNego auth with config: " + configValue);
            final String useSubjectCredsProp = "javax.security.auth.useSubjectCredsOnly";
            String useSubjectCredsVal = System.getProperty(useSubjectCredsProp);
            // authentication mechanism can load the credentials from the JAAS configuration.
            if (useSubjectCredsVal == null) {
                System.setProperty(useSubjectCredsProp, "false");
            } else if (!useSubjectCredsVal.toLowerCase(Locale.ROOT).equals("false")) {
                // Don't overwrite the prop value if it's already been written to something else,
                // but log because it is likely the Credentials won't be loaded correctly.
                logger.warn("System Property: " + useSubjectCredsProp + " set to: " + useSubjectCredsVal + " not false.  SPNego authentication may not be successful.");
            }
            javax.security.auth.login.Configuration.setConfiguration(jaasConfig);
            //Enable only SPNEGO authentication scheme.
            builder.setAuthSchemeRegistryProvider(() -> {
                Lookup<AuthSchemeProvider> authProviders = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false)).build();
                return authProviders;
            });
            // Get the credentials from the JAAS configuration rather than here
            Credentials useJaasCreds = new Credentials() {

                public String getPassword() {
                    return null;
                }

                public Principal getUserPrincipal() {
                    return null;
                }
            };
            HttpClientUtil.setCookiePolicy(SolrPortAwareCookieSpecFactory.POLICY_NAME);
            builder.setCookieSpecRegistryProvider(() -> {
                SolrPortAwareCookieSpecFactory cookieFactory = new SolrPortAwareCookieSpecFactory();
                Lookup<CookieSpecProvider> cookieRegistry = RegistryBuilder.<CookieSpecProvider>create().register(SolrPortAwareCookieSpecFactory.POLICY_NAME, cookieFactory).build();
                return cookieRegistry;
            });
            builder.setDefaultCredentialsProvider(() -> {
                CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
                credentialsProvider.setCredentials(AuthScope.ANY, useJaasCreds);
                return credentialsProvider;
            });
            HttpClientUtil.addRequestInterceptor(bufferedEntityInterceptor);
        }
    } else {
        logger.warn("{} is configured without specifying system property '{}'", getClass().getName(), LOGIN_CONFIG_PROP);
    }
    return builder;
}
Also used : BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CookieSpecProvider(org.apache.http.cookie.CookieSpecProvider) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) SPNegoSchemeFactory(org.apache.http.impl.auth.SPNegoSchemeFactory) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) Credentials(org.apache.http.auth.Credentials)

Example 15 with AuthSchemeProvider

use of org.apache.http.auth.AuthSchemeProvider in project portal by ixinportal.

the class HttpAsyncClientUtil method createAsyncClient.

public CloseableHttpAsyncClient createAsyncClient(boolean proxy) throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, MalformedChallengeException, IOReactorException {
    RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(connectTimeout).setSocketTimeout(socketTimeout).build();
    SSLContext sslcontext = SSLContexts.createDefault();
    UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password);
    CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    credentialsProvider.setCredentials(AuthScope.ANY, credentials);
    // 设置协议http和https对应的处理socket链接工厂的对象
    Registry<SchemeIOSessionStrategy> sessionStrategyRegistry = RegistryBuilder.<SchemeIOSessionStrategy>create().register("http", NoopIOSessionStrategy.INSTANCE).register("https", new SSLIOSessionStrategy(sslcontext)).build();
    // 配置io线程
    IOReactorConfig ioReactorConfig = IOReactorConfig.custom().setIoThreadCount(Runtime.getRuntime().availableProcessors()).build();
    // 设置连接池大小
    ConnectingIOReactor ioReactor = new DefaultConnectingIOReactor(ioReactorConfig);
    PoolingNHttpClientConnectionManager conMgr = new PoolingNHttpClientConnectionManager(ioReactor, null, sessionStrategyRegistry, null);
    if (poolSize > 0) {
        conMgr.setMaxTotal(poolSize);
    }
    if (maxPerRoute > 0) {
        conMgr.setDefaultMaxPerRoute(maxPerRoute);
    } else {
        conMgr.setDefaultMaxPerRoute(10);
    }
    ConnectionConfig connectionConfig = ConnectionConfig.custom().setMalformedInputAction(CodingErrorAction.IGNORE).setUnmappableInputAction(CodingErrorAction.IGNORE).setCharset(Consts.UTF_8).build();
    Lookup<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.BASIC, new BasicSchemeFactory()).register(AuthSchemes.DIGEST, new DigestSchemeFactory()).register(AuthSchemes.NTLM, new NTLMSchemeFactory()).register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory()).register(AuthSchemes.KERBEROS, new KerberosSchemeFactory()).build();
    conMgr.setDefaultConnectionConfig(connectionConfig);
    if (proxy) {
        return HttpAsyncClients.custom().setConnectionManager(conMgr).setDefaultCredentialsProvider(credentialsProvider).setDefaultAuthSchemeRegistry(authSchemeRegistry).setProxy(new HttpHost(host, port)).setDefaultCookieStore(new BasicCookieStore()).setDefaultRequestConfig(requestConfig).build();
    } else {
        return HttpAsyncClients.custom().setConnectionManager(conMgr).setDefaultCredentialsProvider(credentialsProvider).setDefaultAuthSchemeRegistry(authSchemeRegistry).setDefaultCookieStore(new BasicCookieStore()).build();
    }
}
Also used : ConnectingIOReactor(org.apache.http.nio.reactor.ConnectingIOReactor) DefaultConnectingIOReactor(org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor) RequestConfig(org.apache.http.client.config.RequestConfig) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) SchemeIOSessionStrategy(org.apache.http.nio.conn.SchemeIOSessionStrategy) SSLIOSessionStrategy(org.apache.http.nio.conn.ssl.SSLIOSessionStrategy) SSLContext(javax.net.ssl.SSLContext) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials) IOReactorConfig(org.apache.http.impl.nio.reactor.IOReactorConfig) DefaultConnectingIOReactor(org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor) BasicCookieStore(org.apache.http.impl.client.BasicCookieStore) HttpHost(org.apache.http.HttpHost) AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider) PoolingNHttpClientConnectionManager(org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager) ConnectionConfig(org.apache.http.config.ConnectionConfig)

Aggregations

AuthSchemeProvider (org.apache.http.auth.AuthSchemeProvider)28 BasicCredentialsProvider (org.apache.http.impl.client.BasicCredentialsProvider)20 CredentialsProvider (org.apache.http.client.CredentialsProvider)19 AuthScope (org.apache.http.auth.AuthScope)12 CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)11 HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)11 HttpHost (org.apache.http.HttpHost)10 RequestConfig (org.apache.http.client.config.RequestConfig)10 SPNegoSchemeFactory (org.apache.http.impl.auth.SPNegoSchemeFactory)10 Credentials (org.apache.http.auth.Credentials)8 UsernamePasswordCredentials (org.apache.http.auth.UsernamePasswordCredentials)8 BasicSchemeFactory (org.apache.http.impl.auth.BasicSchemeFactory)7 HttpResponse (org.apache.http.HttpResponse)6 IOException (java.io.IOException)5 PoolingHttpClientConnectionManager (org.apache.http.impl.conn.PoolingHttpClientConnectionManager)5 File (java.io.File)4 MalformedURLException (java.net.MalformedURLException)4 SSLContext (javax.net.ssl.SSLContext)4 DigestSchemeFactory (org.apache.http.impl.auth.DigestSchemeFactory)4 PrivilegedActionException (java.security.PrivilegedActionException)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial