use of org.apache.ignite.internal.processors.security.SecurityContext in project ignite by apache.
the class ServerImpl method localAuthentication.
/**
 * Authenticates the local node and publishes the resulting security subject in the node attributes.
 * <p>
 * The {@link SecurityContext} returned by {@code spi.nodeAuth} is marshalled twice and stored under
 * {@code ATTR_SECURITY_SUBJECT_V2} and {@code ATTR_SECURITY_SUBJECT}. Only the authenticated subject
 * is written to the attribute map here, not the credentials.
 *
 * @param locCred Local security credentials for authentication.
 * @throws IgniteSpiException If the authenticator returns no context or any error occurs.
 */
private void localAuthentication(SecurityCredentials locCred) {
    // Preconditions are plain asserts, so they are only enforced when the JVM runs with -ea.
    assert spi.nodeAuth != null;
    assert locCred != null;

    try {
        SecurityContext secCtx = spi.nodeAuth.authenticateNode(locNode, locCred);

        // A null context is treated as a rejection: the node must not continue unauthenticated.
        if (secCtx == null) {
            throw new IgniteSpiException("Authentication failed for local node: " + locNode.id());
        }

        // Build the new attribute set on a copy and install it with a single setAttributes() call.
        Map<String, Object> nodeAttrs = new HashMap<>(locNode.attributes());

        nodeAttrs.put(IgniteNodeAttributes.ATTR_SECURITY_SUBJECT_V2, U.marshal(spi.marshaller(), secCtx));
        nodeAttrs.put(IgniteNodeAttributes.ATTR_SECURITY_SUBJECT, marshalWithSecurityVersion(secCtx, 1));

        locNode.setAttributes(nodeAttrs);
    }
    catch (IgniteException | IgniteCheckedException e) {
        // NOTE(review): if IgniteSpiException is an IgniteException subtype, the rejection thrown above
        // is caught here too and re-wrapped with this message - confirm that is intended.
        throw new IgniteSpiException("Failed to authenticate local node (will shutdown local node).", e);
    }
}
use of org.apache.ignite.internal.processors.security.SecurityContext in project ignite by apache.
the class AuthenticationProcessorSelfTest method testDefaultUserUpdate.
/**
 * Verifies that a password change for the {@code ignite} user, issued from each node in turn,
 * is accepted for authentication on every node.
 *
 * @throws Exception If failed.
 */
@Test
public void testDefaultUserUpdate() throws Exception {
    try (AutoCloseable ignored = withSecurityContextOnAllNodes(secCtxDflt)) {
        // Issue the password change from each node in turn.
        for (int srcIdx = 0; srcIdx < NODES_COUNT; ++srcIdx) {
            String newPwd = "ignite" + srcIdx;

            grid(srcIdx).context().security().alterUser("ignite", newPwd.toCharArray());

            // The new password must authenticate on every node, not only on the one that changed it.
            for (int chkIdx = 0; chkIdx < NODES_COUNT; ++chkIdx) {
                SecurityContext ctx = authenticate(grid(chkIdx), "ignite", newPwd);

                assertNotNull(ctx);
                assertEquals("ignite", ctx.subject().login());
            }

            // NOTE(review): the previous password is never re-tried, so this test does not show
            // that the old credential stops working after the change.
        }
    }
}
use of org.apache.ignite.internal.processors.security.SecurityContext in project ignite by apache.
the class AuthenticationProcessorSelfTest method testAuthorizeOnClientDisconnect.
/**
 * Verifies that authenticating through the client node fails with {@link IgniteCheckedException}
 * while the grids with indexes below {@code CLI_NODE} are being stopped in the background.
 *
 * @throws Exception If failed.
 */
@Test
public void testAuthorizeOnClientDisconnect() throws Exception {
    try (AutoCloseable ignored = withSecurityContextOnAllNodes(secCtxDflt)) {
        grid(CLI_NODE).context().security().createUser("test", "test".toCharArray());
    }

    // Background task: stops grids 0..CLI_NODE-1 one by one, sleeping 500 ms before each stop.
    Runnable stopServers = new Runnable() {
        @Override
        public void run() {
            try {
                for (int srvIdx = 0; srvIdx < CLI_NODE; ++srvIdx) {
                    Thread.sleep(500);

                    stopGrid(srvIdx);
                }
            }
            catch (Exception e) {
                e.printStackTrace();

                fail("Unexpected exception");
            }
        }
    };

    final IgniteInternalFuture stopServersFut = GridTestUtils.runAsync(stopServers);

    // Foreground task: keeps authenticating through the client until the stop task is done.
    // Each successful attempt must yield a context; the loop is expected to end with the
    // exception asserted below rather than by returning.
    Callable<Object> authLoop = new Callable<Object>() {
        @Override
        public Object call() throws Exception {
            while (!stopServersFut.isDone()) {
                SecurityContext ctx = authenticate(grid(CLI_NODE), "test", "test");

                assertNotNull(ctx);
            }

            return null;
        }
    };

    GridTestUtils.assertThrows(
        log,
        authLoop,
        IgniteCheckedException.class,
        "Client node was disconnected from topology (operation result is unknown)");

    // Wait for the stop task to complete before the test returns.
    stopServersFut.get();
}
use of org.apache.ignite.internal.processors.security.SecurityContext in project ignite by apache.
the class AuthenticationProcessorSelfTest method testDefaultUser.
/**
 * Verifies that the {@code ignite} user authenticates with the password {@code ignite} on every node.
 *
 * @throws Exception If failed.
 */
@Test
public void testDefaultUser() throws Exception {
    // NOTE(review): no user is created in this method, so the account is presumably built in with
    // a fixed, well-known password - confirm against the test fixture.
    for (int nodeIdx = 0; nodeIdx < NODES_COUNT; ++nodeIdx) {
        SecurityContext ctx = authenticate(grid(nodeIdx), "ignite", "ignite");

        assertNotNull(ctx);
        assertEquals("ignite", ctx.subject().login());
    }
}
use of org.apache.ignite.internal.processors.security.SecurityContext in project ignite by apache.
the class AuthenticationProcessorSelfTest method testUserPersistence.
/**
 * Verifies that users created before a full stop of all grids, and a changed password for the
 * {@code ignite} user, still authenticate on every node after the grids are started again.
 *
 * @throws Exception If failed.
 */
@Test
public void testUserPersistence() throws Exception {
    try (AutoCloseable ignored = withSecurityContextOnAllNodes(secCtxDflt)) {
        // Create one user per node index, each through a different node.
        for (int nodeIdx = 0; nodeIdx < NODES_COUNT; ++nodeIdx) {
            grid(nodeIdx).context().security().createUser("test" + nodeIdx, ("passwd" + nodeIdx).toCharArray());
        }

        grid(CLI_NODE).context().security().alterUser("ignite", "new_passwd".toCharArray());

        // Stop everything, then bring the grids back.
        // NOTE(review): presumably CLI_NODE == NODES_COUNT - 1, so this restores the same topology - confirm.
        stopAllGrids();

        startGrids(NODES_COUNT - 1);
        startClientGrid(CLI_NODE);

        for (int nodeIdx = 0; nodeIdx < NODES_COUNT; ++nodeIdx) {
            // Every user created before the restart must authenticate on this node.
            for (int usrIdx = 0; usrIdx < NODES_COUNT; ++usrIdx) {
                String login = "test" + usrIdx;

                SecurityContext usrCtx = authenticate(grid(nodeIdx), login, "passwd" + usrIdx);

                assertNotNull(usrCtx);
                assertEquals(login, usrCtx.subject().login());
            }

            // The changed password must also have survived the restart.
            SecurityContext dfltCtx = authenticate(grid(nodeIdx), "ignite", "new_passwd");

            assertNotNull(dfltCtx);
            assertEquals("ignite", dfltCtx.subject().login());
        }
    }
}