Example 1 with TransportLayer
use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.
the class DefaultKafkaPrincipalBuilderTest method testUseOldPrincipalBuilderForSslIfProvided.
@Test
@SuppressWarnings("deprecation")
public void testUseOldPrincipalBuilderForSslIfProvided() throws Exception {
TransportLayer transportLayer = mock(TransportLayer.class);
Authenticator authenticator = mock(Authenticator.class);
PrincipalBuilder oldPrincipalBuilder = mock(PrincipalBuilder.class);
SSLSession session = mock(SSLSession.class);
EasyMock.expect(oldPrincipalBuilder.buildPrincipal(transportLayer, authenticator)).andReturn(new DummyPrincipal("foo"));
oldPrincipalBuilder.close();
EasyMock.expectLastCall();
replayAll();
DefaultKafkaPrincipalBuilder builder = DefaultKafkaPrincipalBuilder.fromOldPrincipalBuilder(authenticator, transportLayer, oldPrincipalBuilder, null);
KafkaPrincipal principal = builder.build(new SslAuthenticationContext(session, InetAddress.getLocalHost()));
assertEquals(KafkaPrincipal.USER_TYPE, principal.getPrincipalType());
assertEquals("foo", principal.getName());
builder.close();
verifyAll();
}
Also used :
TransportLayer(org.apache.kafka.common.network.TransportLayer)
DefaultKafkaPrincipalBuilder(org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder)
DefaultKafkaPrincipalBuilder(org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder)
SSLSession(javax.net.ssl.SSLSession)
Authenticator(org.apache.kafka.common.network.Authenticator)
Test(org.junit.Test)
Example 2 with TransportLayer
use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.
the class SaslAuthenticatorTest method createClientConnectionWithoutSaslAuthenticateHeader.
private void createClientConnectionWithoutSaslAuthenticateHeader(final SecurityProtocol securityProtocol, final String saslMechanism, String node) throws Exception {
final ListenerName listenerName = ListenerName.forSecurityProtocol(securityProtocol);
final Map<String, ?> configs = Collections.emptyMap();
final JaasContext jaasContext = JaasContext.loadClientContext(configs);
final Map<String, JaasContext> jaasContexts = Collections.singletonMap(saslMechanism, jaasContext);
SaslChannelBuilder clientChannelBuilder = new SaslChannelBuilder(Mode.CLIENT, jaasContexts, securityProtocol, listenerName, false, saslMechanism, true, null, null) {
@Override
protected SaslClientAuthenticator buildClientAuthenticator(Map<String, ?> configs, String id, String serverHost, String servicePrincipal, TransportLayer transportLayer, Subject subject) throws IOException {
return new SaslClientAuthenticator(configs, id, subject, servicePrincipal, serverHost, saslMechanism, true, transportLayer) {
@Override
protected SaslHandshakeRequest createSaslHandshakeRequest(short version) {
return new SaslHandshakeRequest.Builder(saslMechanism).build((short) 0);
}
@Override
protected void saslAuthenticateVersion(short version) {
// Don't set version so that headers are disabled
}
};
}
};
clientChannelBuilder.configure(saslClientConfigs);
this.selector = NetworkTestUtils.createSelector(clientChannelBuilder);
InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
}
Also used :
InetSocketAddress(java.net.InetSocketAddress)
ListenerName(org.apache.kafka.common.network.ListenerName)
Subject(javax.security.auth.Subject)
TransportLayer(org.apache.kafka.common.network.TransportLayer)
JaasContext(org.apache.kafka.common.security.JaasContext)
SaslChannelBuilder(org.apache.kafka.common.network.SaslChannelBuilder)
Map(java.util.Map)
HashMap(java.util.HashMap)
SaslHandshakeRequest(org.apache.kafka.common.requests.SaslHandshakeRequest)
Example 3 with TransportLayer
use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.
the class FileRecords method writeTo.
@Override
public long writeTo(GatheringByteChannel destChannel, long offset, int length) throws IOException {
long newSize = Math.min(channel.size(), end) - start;
int oldSize = sizeInBytes();
if (newSize < oldSize)
throw new KafkaException(String.format("Size of FileRecords %s has been truncated during write: old size %d, new size %d", file.getAbsolutePath(), oldSize, newSize));
long position = start + offset;
int count = Math.min(length, oldSize);
final long bytesTransferred;
if (destChannel instanceof TransportLayer) {
TransportLayer tl = (TransportLayer) destChannel;
bytesTransferred = tl.transferFrom(channel, position, count);
} else {
bytesTransferred = channel.transferTo(position, count, destChannel);
}
return bytesTransferred;
}
Also used :
TransportLayer(org.apache.kafka.common.network.TransportLayer)
KafkaException(org.apache.kafka.common.KafkaException)
Example 4 with TransportLayer
use of org.apache.kafka.common.network.TransportLayer in project kafka by apache.
the class SaslServerAuthenticatorTest method testOversizeRequest.
@Test
public void testOversizeRequest() throws IOException {
TransportLayer transportLayer = mock(TransportLayer.class);
Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), new DefaultChannelMetadataRegistry());
when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
invocation.<ByteBuffer>getArgument(0).putInt(SaslServerAuthenticator.MAX_RECEIVE_SIZE + 1);
return 4;
});
assertThrows(InvalidReceiveException.class, authenticator::authenticate);
verify(transportLayer).read(any(ByteBuffer.class));
}
Also used :
TransportLayer(org.apache.kafka.common.network.TransportLayer)
DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry)
ByteBuffer(java.nio.ByteBuffer)
Test(org.junit.jupiter.api.Test)
Example 5 with TransportLayer
use of org.apache.kafka.common.network.TransportLayer in project kafka by apache.
the class FileRecords method writeTo.
@Override
public long writeTo(GatheringByteChannel destChannel, long offset, int length) throws IOException {
long newSize = Math.min(channel.size(), end) - start;
int oldSize = sizeInBytes();
if (newSize < oldSize)
throw new KafkaException(String.format("Size of FileRecords %s has been truncated during write: old size %d, new size %d", file.getAbsolutePath(), oldSize, newSize));
long position = start + offset;
int count = Math.min(length, oldSize);
final long bytesTransferred;
if (destChannel instanceof TransportLayer) {
TransportLayer tl = (TransportLayer) destChannel;
bytesTransferred = tl.transferFrom(channel, position, count);
} else {
bytesTransferred = channel.transferTo(position, count, destChannel);
}
return bytesTransferred;
}
Also used :
TransportLayer(org.apache.kafka.common.network.TransportLayer)
KafkaException(org.apache.kafka.common.KafkaException)
Aggregations
TransportLayer (org.apache.kafka.common.network.TransportLayer)13
HashMap (java.util.HashMap)6
Map (java.util.Map)6
ListenerName (org.apache.kafka.common.network.ListenerName)6
ByteBuffer (java.nio.ByteBuffer)5
ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)5
Subject (javax.security.auth.Subject)4
SaslChannelBuilder (org.apache.kafka.common.network.SaslChannelBuilder)4
JaasContext (org.apache.kafka.common.security.JaasContext)4
Test (org.junit.Test)4
IllegalSaslStateException (org.apache.kafka.common.errors.IllegalSaslStateException)3
ChannelMetadataRegistry (org.apache.kafka.common.network.ChannelMetadataRegistry)3
DefaultChannelMetadataRegistry (org.apache.kafka.common.network.DefaultChannelMetadataRegistry)3
RequestHeader (org.apache.kafka.common.requests.RequestHeader)3
AuthenticateCallbackHandler (org.apache.kafka.common.security.auth.AuthenticateCallbackHandler)3
Test (org.junit.jupiter.api.Test)3
IOException (java.io.IOException)2
InetAddress (java.net.InetAddress)2
Collections (java.util.Collections)2
BrokerSecurityConfigs (org.apache.kafka.common.config.internals.BrokerSecurityConfigs)2
