Search in sources :

Example 1 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class DefaultKafkaPrincipalBuilderTest method testUseOldPrincipalBuilderForSslIfProvided.

@Test
@SuppressWarnings("deprecation")
public void testUseOldPrincipalBuilderForSslIfProvided() throws Exception {
    TransportLayer transportLayer = mock(TransportLayer.class);
    Authenticator authenticator = mock(Authenticator.class);
    PrincipalBuilder oldPrincipalBuilder = mock(PrincipalBuilder.class);
    SSLSession session = mock(SSLSession.class);
    EasyMock.expect(oldPrincipalBuilder.buildPrincipal(transportLayer, authenticator)).andReturn(new DummyPrincipal("foo"));
    oldPrincipalBuilder.close();
    EasyMock.expectLastCall();
    replayAll();
    DefaultKafkaPrincipalBuilder builder = DefaultKafkaPrincipalBuilder.fromOldPrincipalBuilder(authenticator, transportLayer, oldPrincipalBuilder, null);
    KafkaPrincipal principal = builder.build(new SslAuthenticationContext(session, InetAddress.getLocalHost()));
    assertEquals(KafkaPrincipal.USER_TYPE, principal.getPrincipalType());
    assertEquals("foo", principal.getName());
    builder.close();
    verifyAll();
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) DefaultKafkaPrincipalBuilder(org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder) DefaultKafkaPrincipalBuilder(org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder) SSLSession(javax.net.ssl.SSLSession) Authenticator(org.apache.kafka.common.network.Authenticator) Test(org.junit.Test)

Example 2 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class SaslAuthenticatorTest method createClientConnectionWithoutSaslAuthenticateHeader.

private void createClientConnectionWithoutSaslAuthenticateHeader(final SecurityProtocol securityProtocol, final String saslMechanism, String node) throws Exception {
    final ListenerName listenerName = ListenerName.forSecurityProtocol(securityProtocol);
    final Map<String, ?> configs = Collections.emptyMap();
    final JaasContext jaasContext = JaasContext.loadClientContext(configs);
    final Map<String, JaasContext> jaasContexts = Collections.singletonMap(saslMechanism, jaasContext);
    SaslChannelBuilder clientChannelBuilder = new SaslChannelBuilder(Mode.CLIENT, jaasContexts, securityProtocol, listenerName, false, saslMechanism, true, null, null) {

        @Override
        protected SaslClientAuthenticator buildClientAuthenticator(Map<String, ?> configs, String id, String serverHost, String servicePrincipal, TransportLayer transportLayer, Subject subject) throws IOException {
            return new SaslClientAuthenticator(configs, id, subject, servicePrincipal, serverHost, saslMechanism, true, transportLayer) {

                @Override
                protected SaslHandshakeRequest createSaslHandshakeRequest(short version) {
                    return new SaslHandshakeRequest.Builder(saslMechanism).build((short) 0);
                }

                @Override
                protected void saslAuthenticateVersion(short version) {
                // Don't set version so that headers are disabled
                }
            };
        }
    };
    clientChannelBuilder.configure(saslClientConfigs);
    this.selector = NetworkTestUtils.createSelector(clientChannelBuilder);
    InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
    selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
}
Also used : InetSocketAddress(java.net.InetSocketAddress) ListenerName(org.apache.kafka.common.network.ListenerName) Subject(javax.security.auth.Subject) TransportLayer(org.apache.kafka.common.network.TransportLayer) JaasContext(org.apache.kafka.common.security.JaasContext) SaslChannelBuilder(org.apache.kafka.common.network.SaslChannelBuilder) Map(java.util.Map) HashMap(java.util.HashMap) SaslHandshakeRequest(org.apache.kafka.common.requests.SaslHandshakeRequest)

Example 3 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class FileRecords method writeTo.

@Override
public long writeTo(GatheringByteChannel destChannel, long offset, int length) throws IOException {
    long newSize = Math.min(channel.size(), end) - start;
    int oldSize = sizeInBytes();
    if (newSize < oldSize)
        throw new KafkaException(String.format("Size of FileRecords %s has been truncated during write: old size %d, new size %d", file.getAbsolutePath(), oldSize, newSize));
    long position = start + offset;
    int count = Math.min(length, oldSize);
    final long bytesTransferred;
    if (destChannel instanceof TransportLayer) {
        TransportLayer tl = (TransportLayer) destChannel;
        bytesTransferred = tl.transferFrom(channel, position, count);
    } else {
        bytesTransferred = channel.transferTo(position, count, destChannel);
    }
    return bytesTransferred;
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) KafkaException(org.apache.kafka.common.KafkaException)

Example 4 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project kafka by apache.

the class SaslServerAuthenticatorTest method testOversizeRequest.

@Test
public void testOversizeRequest() throws IOException {
    TransportLayer transportLayer = mock(TransportLayer.class);
    Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
    SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName(), new DefaultChannelMetadataRegistry());
    when(transportLayer.read(any(ByteBuffer.class))).then(invocation -> {
        invocation.<ByteBuffer>getArgument(0).putInt(SaslServerAuthenticator.MAX_RECEIVE_SIZE + 1);
        return 4;
    });
    assertThrows(InvalidReceiveException.class, authenticator::authenticate);
    verify(transportLayer).read(any(ByteBuffer.class));
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) DefaultChannelMetadataRegistry(org.apache.kafka.common.network.DefaultChannelMetadataRegistry) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.jupiter.api.Test)

Example 5 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project kafka by apache.

the class FileRecords method writeTo.

@Override
public long writeTo(GatheringByteChannel destChannel, long offset, int length) throws IOException {
    long newSize = Math.min(channel.size(), end) - start;
    int oldSize = sizeInBytes();
    if (newSize < oldSize)
        throw new KafkaException(String.format("Size of FileRecords %s has been truncated during write: old size %d, new size %d", file.getAbsolutePath(), oldSize, newSize));
    long position = start + offset;
    int count = Math.min(length, oldSize);
    final long bytesTransferred;
    if (destChannel instanceof TransportLayer) {
        TransportLayer tl = (TransportLayer) destChannel;
        bytesTransferred = tl.transferFrom(channel, position, count);
    } else {
        bytesTransferred = channel.transferTo(position, count, destChannel);
    }
    return bytesTransferred;
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) KafkaException(org.apache.kafka.common.KafkaException)

Aggregations

TransportLayer (org.apache.kafka.common.network.TransportLayer)13 HashMap (java.util.HashMap)6 Map (java.util.Map)6 ListenerName (org.apache.kafka.common.network.ListenerName)6 ByteBuffer (java.nio.ByteBuffer)5 ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)5 Subject (javax.security.auth.Subject)4 SaslChannelBuilder (org.apache.kafka.common.network.SaslChannelBuilder)4 JaasContext (org.apache.kafka.common.security.JaasContext)4 Test (org.junit.Test)4 IllegalSaslStateException (org.apache.kafka.common.errors.IllegalSaslStateException)3 ChannelMetadataRegistry (org.apache.kafka.common.network.ChannelMetadataRegistry)3 DefaultChannelMetadataRegistry (org.apache.kafka.common.network.DefaultChannelMetadataRegistry)3 RequestHeader (org.apache.kafka.common.requests.RequestHeader)3 AuthenticateCallbackHandler (org.apache.kafka.common.security.auth.AuthenticateCallbackHandler)3 Test (org.junit.jupiter.api.Test)3 IOException (java.io.IOException)2 InetAddress (java.net.InetAddress)2 Collections (java.util.Collections)2 BrokerSecurityConfigs (org.apache.kafka.common.config.internals.BrokerSecurityConfigs)2