Search in sources :

Example 1 with TestSecurityPluginProvider

use of org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider in project ignite by apache.

the class CacheCreateDestroyEventSecurityContextTest method testNode.

/**
 */
private void testNode(boolean isClient) throws Exception {
    operationInitiatorLogin = isClient ? "cli" : "crd";
    Ignite ignite = grid(operationInitiatorLogin);
    CacheConfiguration<?, ?> ccfg = cacheConfiguration();
    checkCacheEvents(() -> ignite.createCache(ccfg), EVT_CACHE_STARTED);
    checkCacheEvents(() -> ignite.destroyCache(ccfg.getName()), EVT_CACHE_STOPPED);
    checkCacheEvents(() -> ignite.createCaches(singletonList(ccfg)), EVT_CACHE_STARTED);
    checkCacheEvents(() -> ignite.destroyCaches(singletonList(ccfg.getName())), EVT_CACHE_STOPPED);
    checkCacheEvents(() -> ignite.getOrCreateCache(cacheConfiguration()), EVT_CACHE_STARTED);
    checkCacheEvents(() -> ignite.cluster().state(INACTIVE), EVT_CACHE_STOPPED);
    checkCacheEvents(() -> ignite.cluster().state(ACTIVE), EVT_CACHE_STARTED);
    operationInitiatorLogin = "joining_" + (isClient ? "client_" : "server_") + "node";
    checkCacheEvents(() -> startGrid(getConfiguration(operationInitiatorLogin, new TestSecurityPluginProvider(operationInitiatorLogin, "", ALLOW_ALL, false)).setClientMode(isClient).setCacheConfiguration(cacheConfiguration())).close(), EVT_CACHE_STARTED);
}
Also used : TestSecurityPluginProvider(org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider) Ignite(org.apache.ignite.Ignite)

Example 2 with TestSecurityPluginProvider

use of org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider in project ignite by apache.

the class IgniteNodeValidationFailedEventTest method testNodeValidationFailedEvent.

/**
 */
@Test
public void testNodeValidationFailedEvent() throws Exception {
    startGrid(0);
    CountDownLatch evtLatch = new CountDownLatch(1);
    AtomicReference<Event> listenedEvtRef = new AtomicReference<>();
    grid(0).events().localListen(evt -> {
        assertTrue(listenedEvtRef.compareAndSet(null, evt));
        evtLatch.countDown();
        return true;
    }, EVT_NODE_VALIDATION_FAILED);
    startGrid(1);
    String invalidNodeName = getTestIgniteInstanceName(2);
    IgniteConfiguration invalidCfg = getConfiguration(invalidNodeName).setPluginProviders(new TestSecurityPluginProvider("login", "", ALLOW_ALL, false));
    assertThrowsWithCause(() -> startGrid(optimize(invalidCfg)), IgniteSpiException.class);
    evtLatch.await();
    Event listenedEvt = listenedEvtRef.get();
    assertTrue(listenedEvt instanceof NodeValidationFailedEvent);
    NodeValidationFailedEvent validationEvt = (NodeValidationFailedEvent) listenedEvt;
    assertEquals(invalidNodeName, validationEvt.eventNode().attribute(ATTR_NODE_CONSISTENT_ID));
    IgniteNodeValidationResult validationRes = validationEvt.validationResult();
    assertNotNull(validationRes);
    String errMsg = validationRes.message();
    assertNotNull(errMsg);
    assertTrue(errMsg.contains("Local node's grid security processor class is not equal to remote node's grid security processor class"));
}
Also used : IgniteConfiguration(org.apache.ignite.configuration.IgniteConfiguration) TestSecurityPluginProvider(org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider) IgniteNodeValidationResult(org.apache.ignite.spi.IgniteNodeValidationResult) NodeValidationFailedEvent(org.apache.ignite.events.NodeValidationFailedEvent) Event(org.apache.ignite.events.Event) NodeValidationFailedEvent(org.apache.ignite.events.NodeValidationFailedEvent) AtomicReference(java.util.concurrent.atomic.AtomicReference) CountDownLatch(java.util.concurrent.CountDownLatch) GridCommonAbstractTest(org.apache.ignite.testframework.junits.common.GridCommonAbstractTest) Test(org.junit.Test)

Example 3 with TestSecurityPluginProvider

use of org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider in project ignite by apache.

the class PlatformStartIgniteUtils method startWithSecurity.

/**
 * Starts an Ignite instance with test security plugin provider.
 *
 * @param name Ignite instance name.
 * @throws IgniteException Exception.
 */
public static void startWithSecurity(String name) throws IgniteException {
    TestSecurityPluginProvider securityPluginProvider = new TestSecurityPluginProvider("login1", "pass1", ALLOW_ALL, false, new TestSecurityData("CLIENT", "pass1", SecurityPermissionSetBuilder.create().defaultAllowAll(false).appendCachePermissions("DEFAULT_CACHE", CACHE_READ, CACHE_PUT, CACHE_REMOVE).appendCachePermissions("FORBIDDEN_CACHE").build(), new Permissions()));
    IgniteConfiguration cfg = new IgniteConfiguration().setPluginProviders(securityPluginProvider).setDiscoverySpi(new TcpDiscoverySpi().setIpFinder(GridAbstractTest.LOCAL_IP_FINDER)).setLocalHost("127.0.0.1").setIgniteInstanceName(name);
    Ignition.start(cfg);
}
Also used : TestSecurityData(org.apache.ignite.internal.processors.security.impl.TestSecurityData) IgniteConfiguration(org.apache.ignite.configuration.IgniteConfiguration) TestSecurityPluginProvider(org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider) Permissions(java.security.Permissions) TcpDiscoverySpi(org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi)

Example 4 with TestSecurityPluginProvider

use of org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider in project ignite by apache.

the class RestProcessorAuthorizationTest method getPluginProvider.

/**
 * {@inheritDoc}
 */
@Override
protected PluginProvider<?> getPluginProvider(String name) {
    return new TestSecurityPluginProvider(name, null, ALLOW_ALL, globalAuth, clientData()) {

        /**
         * {@inheritDoc}
         */
        @Override
        protected GridSecurityProcessor securityProcessor(GridKernalContext ctx) {
            return new TestSecurityProcessor(ctx, new TestSecurityData(login, pwd, perms, new Permissions()), Arrays.asList(clientData), globalAuth) {

                /**
                 * {@inheritDoc}
                 */
                @Override
                public void authorize(String name, SecurityPermission perm, SecurityContext securityCtx) throws SecurityException {
                    authorizationCtxList.add(F.t(name, perm, securityCtx));
                    super.authorize(name, perm, securityCtx);
                }
            };
        }
    };
}
Also used : TestSecurityData(org.apache.ignite.internal.processors.security.impl.TestSecurityData) TestSecurityProcessor(org.apache.ignite.internal.processors.security.impl.TestSecurityProcessor) TestSecurityPluginProvider(org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider) GridKernalContext(org.apache.ignite.internal.GridKernalContext) Permissions(java.security.Permissions) SecurityContext(org.apache.ignite.internal.processors.security.SecurityContext) SecurityPermission(org.apache.ignite.plugin.security.SecurityPermission)

Example 5 with TestSecurityPluginProvider

use of org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider in project ignite by apache.

the class AbstractEventSecurityContextTest method startGrid.

/**
 * {@inheritDoc}
 */
@Override
protected IgniteEx startGrid(String login, SecurityPermissionSet prmSet, Permissions sandboxPerms, boolean isClient) throws Exception {
    IgniteConfiguration cfg = getConfiguration(login, new TestSecurityPluginProvider(login, "", prmSet, sandboxPerms, globalAuth));
    cfg.setClientMode(isClient);
    cfg.setLocalHost("127.0.0.1");
    cfg.setConnectorConfiguration(new ConnectorConfiguration().setJettyPath("modules/clients/src/test/resources/jetty/rest-jetty.xml"));
    if (!isClient || includeClientNodes()) {
        cfg.setIncludeEventTypes(eventTypes());
        cfg.setLocalEventListeners(singletonMap(new IgnitePredicate<Event>() {

            /**
             */
            @IgniteInstanceResource
            IgniteEx ignite;

            /**
             * {@inheritDoc}
             */
            @Override
            public boolean apply(Event evt) {
                LISTENED_EVTS.computeIfAbsent(ignite.localNode(), k -> ConcurrentHashMap.newKeySet()).add(evt);
                return true;
            }
        }, eventTypes()));
    }
    return startGrid(cfg);
}
Also used : SecurityPermissionSet(org.apache.ignite.plugin.security.SecurityPermissionSet) URL(java.net.URL) JobEvent(org.apache.ignite.events.JobEvent) GridTestUtils.waitForCondition(org.apache.ignite.testframework.GridTestUtils.waitForCondition) IgniteEx(org.apache.ignite.internal.IgniteEx) TaskEvent(org.apache.ignite.events.TaskEvent) AbstractSecurityTest(org.apache.ignite.internal.processors.security.AbstractSecurityTest) CacheQueryExecutedEvent(org.apache.ignite.events.CacheQueryExecutedEvent) ClusterNode(org.apache.ignite.cluster.ClusterNode) IgnitePredicate(org.apache.ignite.lang.IgnitePredicate) URLConnection(java.net.URLConnection) Map(java.util.Map) JsonNode(com.fasterxml.jackson.databind.JsonNode) Collections.singletonMap(java.util.Collections.singletonMap) Permissions(java.security.Permissions) CacheEvent(org.apache.ignite.events.CacheEvent) TestSecurityPluginProvider(org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider) G(org.apache.ignite.internal.util.typedef.G) UTF_8(java.nio.charset.StandardCharsets.UTF_8) Collection(java.util.Collection) IgniteCheckedException(org.apache.ignite.IgniteCheckedException) IgniteException(org.apache.ignite.IgniteException) Event(org.apache.ignite.events.Event) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) IgniteInstanceResource(org.apache.ignite.resources.IgniteInstanceResource) IOException(java.io.IOException) LineNumberReader(java.io.LineNumberReader) InputStreamReader(java.io.InputStreamReader) Collectors(java.util.stream.Collectors) GridJettyObjectMapper(org.apache.ignite.internal.processors.rest.protocols.http.jetty.GridJettyObjectMapper) IgniteConfiguration(org.apache.ignite.configuration.IgniteConfiguration) ConnectorConfiguration(org.apache.ignite.configuration.ConnectorConfiguration) CacheQueryReadEvent(org.apache.ignite.events.CacheQueryReadEvent) RunnableX(org.apache.ignite.testframework.GridTestUtils.RunnableX) GridRestCommand(org.apache.ignite.internal.processors.rest.GridRestCommand) IgniteConfiguration(org.apache.ignite.configuration.IgniteConfiguration) TestSecurityPluginProvider(org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider) IgnitePredicate(org.apache.ignite.lang.IgnitePredicate) IgniteEx(org.apache.ignite.internal.IgniteEx) JobEvent(org.apache.ignite.events.JobEvent) TaskEvent(org.apache.ignite.events.TaskEvent) CacheQueryExecutedEvent(org.apache.ignite.events.CacheQueryExecutedEvent) CacheEvent(org.apache.ignite.events.CacheEvent) Event(org.apache.ignite.events.Event) CacheQueryReadEvent(org.apache.ignite.events.CacheQueryReadEvent) ConnectorConfiguration(org.apache.ignite.configuration.ConnectorConfiguration)

Aggregations

TestSecurityPluginProvider (org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider)7 Permissions (java.security.Permissions)4 IgniteConfiguration (org.apache.ignite.configuration.IgniteConfiguration)4 Ignite (org.apache.ignite.Ignite)3 IgniteException (org.apache.ignite.IgniteException)2 Event (org.apache.ignite.events.Event)2 TestSecurityData (org.apache.ignite.internal.processors.security.impl.TestSecurityData)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 IOException (java.io.IOException)1 InputStreamReader (java.io.InputStreamReader)1 LineNumberReader (java.io.LineNumberReader)1 URL (java.net.URL)1 URLConnection (java.net.URLConnection)1 UTF_8 (java.nio.charset.StandardCharsets.UTF_8)1 AccessControlContext (java.security.AccessControlContext)1 AllPermission (java.security.AllPermission)1 Collection (java.util.Collection)1 Collections.singletonMap (java.util.Collections.singletonMap)1 Map (java.util.Map)1