use of org.apache.kafka.common.config.types.Password in project kafka by apache.
the class SslTransportLayerTest method testInvalidKeyPassword.
/**
* Tests that client connections cannot be created to a server
* if key password is invalid
*/
@Test
public void testInvalidKeyPassword() throws Exception {
String node = "0";
sslServerConfigs.put(SslConfigs.SSL_KEY_PASSWORD_CONFIG, new Password("invalid"));
server = createEchoServer(SecurityProtocol.SSL);
createSelector(sslClientConfigs);
InetSocketAddress addr = new InetSocketAddress("localhost", server.port());
selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
NetworkTestUtils.waitForChannelClose(selector, node);
}
use of org.apache.kafka.common.config.types.Password in project kafka by apache.
the class SslFactory method createSSLContext.
private SSLContext createSSLContext() throws GeneralSecurityException, IOException {
SSLContext sslContext;
if (provider != null)
sslContext = SSLContext.getInstance(protocol, provider);
else
sslContext = SSLContext.getInstance(protocol);
KeyManager[] keyManagers = null;
if (keystore != null) {
String kmfAlgorithm = this.kmfAlgorithm != null ? this.kmfAlgorithm : KeyManagerFactory.getDefaultAlgorithm();
KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmfAlgorithm);
KeyStore ks = keystore.load();
Password keyPassword = this.keyPassword != null ? this.keyPassword : keystore.password;
kmf.init(ks, keyPassword.value().toCharArray());
keyManagers = kmf.getKeyManagers();
}
String tmfAlgorithm = this.tmfAlgorithm != null ? this.tmfAlgorithm : TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
KeyStore ts = truststore == null ? null : truststore.load();
tmf.init(ts);
sslContext.init(keyManagers, tmf.getTrustManagers(), this.secureRandomImplementation);
return sslContext;
}
use of org.apache.kafka.common.config.types.Password in project apache-kafka-on-k8s by banzaicloud.
the class JaasContextTest method configurationEntry.
private AppConfigurationEntry configurationEntry(JaasContext.Type contextType, String jaasConfigProp) {
Password saslJaasConfig = jaasConfigProp == null ? null : new Password(jaasConfigProp);
JaasContext context = JaasContext.load(contextType, null, contextType.name(), saslJaasConfig);
List<AppConfigurationEntry> entries = context.configurationEntries();
assertEquals(1, entries.size());
return entries.get(0);
}
use of org.apache.kafka.common.config.types.Password in project apache-kafka-on-k8s by banzaicloud.
the class LoginManagerTest method setUp.
@Before
public void setUp() {
dynamicPlainContext = new Password(PlainLoginModule.class.getName() + " required user=\"plainuser\" password=\"plain-secret\";");
dynamicDigestContext = new Password(TestDigestLoginModule.class.getName() + " required user=\"digestuser\" password=\"digest-secret\";");
TestJaasConfig.createConfiguration("SCRAM-SHA-256", Collections.singletonList("SCRAM-SHA-256"));
}
use of org.apache.kafka.common.config.types.Password in project apache-kafka-on-k8s by banzaicloud.
the class TestSslUtils method createSslConfig.
public static Map<String, Object> createSslConfig(boolean useClientCert, boolean trustStore, Mode mode, File trustStoreFile, String certAlias, String cn, CertificateBuilder certBuilder) throws IOException, GeneralSecurityException {
Map<String, X509Certificate> certs = new HashMap<>();
File keyStoreFile = null;
Password password = mode == Mode.SERVER ? new Password("ServerPassword") : new Password("ClientPassword");
Password trustStorePassword = new Password("TrustStorePassword");
if (mode == Mode.CLIENT && useClientCert) {
keyStoreFile = File.createTempFile("clientKS", ".jks");
KeyPair cKP = generateKeyPair("RSA");
X509Certificate cCert = certBuilder.generate("CN=" + cn + ", O=A client", cKP);
createKeyStore(keyStoreFile.getPath(), password, "client", cKP.getPrivate(), cCert);
certs.put(certAlias, cCert);
keyStoreFile.deleteOnExit();
} else if (mode == Mode.SERVER) {
keyStoreFile = File.createTempFile("serverKS", ".jks");
KeyPair sKP = generateKeyPair("RSA");
X509Certificate sCert = certBuilder.generate("CN=" + cn + ", O=A server", sKP);
createKeyStore(keyStoreFile.getPath(), password, password, "server", sKP.getPrivate(), sCert);
certs.put(certAlias, sCert);
keyStoreFile.deleteOnExit();
}
if (trustStore) {
createTrustStore(trustStoreFile.getPath(), trustStorePassword, certs);
trustStoreFile.deleteOnExit();
}
return createSslConfig(mode, keyStoreFile, password, password, trustStoreFile, trustStorePassword);
}
Aggregations