Examples with TransportLayer org.apache.kafka.common.network.TransportLayer used on opensource projects

Search in sources :

Example 6 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class DefaultKafkaPrincipalBuilderTest method testUseOldPrincipalBuilderForPlaintextIfProvided.

@Test
@SuppressWarnings("deprecation")
public void testUseOldPrincipalBuilderForPlaintextIfProvided() throws Exception {
    TransportLayer transportLayer = mock(TransportLayer.class);
    Authenticator authenticator = mock(Authenticator.class);
    PrincipalBuilder oldPrincipalBuilder = mock(PrincipalBuilder.class);
    EasyMock.expect(oldPrincipalBuilder.buildPrincipal(transportLayer, authenticator)).andReturn(new DummyPrincipal("foo"));
    oldPrincipalBuilder.close();
    EasyMock.expectLastCall();
    replayAll();
    DefaultKafkaPrincipalBuilder builder = DefaultKafkaPrincipalBuilder.fromOldPrincipalBuilder(authenticator, transportLayer, oldPrincipalBuilder, null);
    KafkaPrincipal principal = builder.build(new PlaintextAuthenticationContext(InetAddress.getLocalHost()));
    assertEquals(KafkaPrincipal.USER_TYPE, principal.getPrincipalType());
    assertEquals("foo", principal.getName());
    builder.close();
    verifyAll();
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) DefaultKafkaPrincipalBuilder(org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder) DefaultKafkaPrincipalBuilder(org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder) Authenticator(org.apache.kafka.common.network.Authenticator) Test(org.junit.Test)

Example 7 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class SaslAuthenticatorTest method startServerWithoutSaslAuthenticateHeader.

private NioEchoServer startServerWithoutSaslAuthenticateHeader(final SecurityProtocol securityProtocol, String saslMechanism) throws Exception {
    final ListenerName listenerName = ListenerName.forSecurityProtocol(securityProtocol);
    final Map<String, ?> configs = Collections.emptyMap();
    final JaasContext jaasContext = JaasContext.loadServerContext(listenerName, saslMechanism, configs);
    final Map<String, JaasContext> jaasContexts = Collections.singletonMap(saslMechanism, jaasContext);
    boolean isScram = ScramMechanism.isScram(saslMechanism);
    if (isScram)
        ScramCredentialUtils.createCache(credentialCache, Arrays.asList(saslMechanism));
    SaslChannelBuilder serverChannelBuilder = new SaslChannelBuilder(Mode.SERVER, jaasContexts, securityProtocol, listenerName, false, saslMechanism, true, credentialCache, null) {

        @Override
        protected SaslServerAuthenticator buildServerAuthenticator(Map<String, ?> configs, String id, TransportLayer transportLayer, Map<String, Subject> subjects) throws IOException {
            return new SaslServerAuthenticator(configs, id, jaasContexts, subjects, null, credentialCache, listenerName, securityProtocol, transportLayer, null) {

                @Override
                protected ApiVersionsResponse apiVersionsResponse() {
                    List<ApiVersion> apiVersions = new ArrayList<>(ApiVersionsResponse.defaultApiVersionsResponse().apiVersions());
                    for (Iterator<ApiVersion> it = apiVersions.iterator(); it.hasNext(); ) {
                        ApiVersion apiVersion = it.next();
                        if (apiVersion.apiKey == ApiKeys.SASL_AUTHENTICATE.id) {
                            it.remove();
                            break;
                        }
                    }
                    return new ApiVersionsResponse(0, Errors.NONE, apiVersions);
                }

                @Override
                protected void enableKafkaSaslAuthenticateHeaders(boolean flag) {
                // Don't enable Kafka SASL_AUTHENTICATE headers
                }
            };
        }
    };
    serverChannelBuilder.configure(saslServerConfigs);
    server = new NioEchoServer(listenerName, securityProtocol, new TestSecurityConfig(saslServerConfigs), "localhost", serverChannelBuilder, credentialCache);
    server.start();
    return server;
}
Also used : ApiVersion(org.apache.kafka.common.requests.ApiVersionsResponse.ApiVersion) ApiVersionsResponse(org.apache.kafka.common.requests.ApiVersionsResponse) ArrayList(java.util.ArrayList) ListenerName(org.apache.kafka.common.network.ListenerName) TransportLayer(org.apache.kafka.common.network.TransportLayer) JaasContext(org.apache.kafka.common.security.JaasContext) NioEchoServer(org.apache.kafka.common.network.NioEchoServer) TestSecurityConfig(org.apache.kafka.common.security.TestSecurityConfig) SaslChannelBuilder(org.apache.kafka.common.network.SaslChannelBuilder) Map(java.util.Map) HashMap(java.util.HashMap)

Example 8 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class SaslServerAuthenticatorTest method testUnexpectedRequestType.

@Test
public void testUnexpectedRequestType() throws IOException {
    TransportLayer transportLayer = EasyMock.mock(TransportLayer.class);
    Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
    SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName());
    final RequestHeader header = new RequestHeader(ApiKeys.METADATA, (short) 0, "clientId", 13243);
    final Struct headerStruct = header.toStruct();
    final Capture<ByteBuffer> size = EasyMock.newCapture();
    EasyMock.expect(transportLayer.read(EasyMock.capture(size))).andAnswer(new IAnswer<Integer>() {

        @Override
        public Integer answer() throws Throwable {
            size.getValue().putInt(headerStruct.sizeOf());
            return 4;
        }
    });
    final Capture<ByteBuffer> payload = EasyMock.newCapture();
    EasyMock.expect(transportLayer.read(EasyMock.capture(payload))).andAnswer(new IAnswer<Integer>() {

        @Override
        public Integer answer() throws Throwable {
            // serialize only the request header. the authenticator should not parse beyond this
            headerStruct.writeTo(payload.getValue());
            return headerStruct.sizeOf();
        }
    });
    EasyMock.replay(transportLayer);
    try {
        authenticator.authenticate();
        fail("Expected authenticate() to raise an exception");
    } catch (IllegalSaslStateException e) {
    // expected exception
    }
}
Also used : IllegalSaslStateException(org.apache.kafka.common.errors.IllegalSaslStateException) ByteBuffer(java.nio.ByteBuffer) Struct(org.apache.kafka.common.protocol.types.Struct) TransportLayer(org.apache.kafka.common.network.TransportLayer) RequestHeader(org.apache.kafka.common.requests.RequestHeader) Test(org.junit.Test)

Example 9 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project apache-kafka-on-k8s by banzaicloud.

the class SaslServerAuthenticatorTest method testOversizeRequest.

@Test(expected = InvalidReceiveException.class)
public void testOversizeRequest() throws IOException {
    TransportLayer transportLayer = EasyMock.mock(TransportLayer.class);
    Map<String, ?> configs = Collections.singletonMap(BrokerSecurityConfigs.SASL_ENABLED_MECHANISMS_CONFIG, Collections.singletonList(SCRAM_SHA_256.mechanismName()));
    SaslServerAuthenticator authenticator = setupAuthenticator(configs, transportLayer, SCRAM_SHA_256.mechanismName());
    final Capture<ByteBuffer> size = EasyMock.newCapture();
    EasyMock.expect(transportLayer.read(EasyMock.capture(size))).andAnswer(new IAnswer<Integer>() {

        @Override
        public Integer answer() throws Throwable {
            size.getValue().putInt(SaslServerAuthenticator.MAX_RECEIVE_SIZE + 1);
            return 4;
        }
    });
    EasyMock.replay(transportLayer);
    authenticator.authenticate();
}
Also used : TransportLayer(org.apache.kafka.common.network.TransportLayer) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.Test)

Example 10 with TransportLayer

use of org.apache.kafka.common.network.TransportLayer in project kafka by apache.

the class SaslAuthenticatorTest method startServerWithoutSaslAuthenticateHeader.

private NioEchoServer startServerWithoutSaslAuthenticateHeader(final SecurityProtocol securityProtocol, String saslMechanism) throws Exception {
    final ListenerName listenerName = ListenerName.forSecurityProtocol(securityProtocol);
    final Map<String, ?> configs = Collections.emptyMap();
    final JaasContext jaasContext = JaasContext.loadServerContext(listenerName, saslMechanism, configs);
    final Map<String, JaasContext> jaasContexts = Collections.singletonMap(saslMechanism, jaasContext);
    boolean isScram = ScramMechanism.isScram(saslMechanism);
    if (isScram)
        ScramCredentialUtils.createCache(credentialCache, Arrays.asList(saslMechanism));
    Supplier<ApiVersionsResponse> apiVersionSupplier = () -> {
        ApiVersionsResponse defaultApiVersionResponse = ApiVersionsResponse.defaultApiVersionsResponse(ApiMessageType.ListenerType.ZK_BROKER);
        ApiVersionCollection apiVersions = new ApiVersionCollection();
        for (ApiVersion apiVersion : defaultApiVersionResponse.data().apiKeys()) {
            if (apiVersion.apiKey() != ApiKeys.SASL_AUTHENTICATE.id) {
                // ApiVersion can NOT be reused in second ApiVersionCollection
                // due to the internal pointers it contains.
                apiVersions.add(apiVersion.duplicate());
            }
        }
        ApiVersionsResponseData data = new ApiVersionsResponseData().setErrorCode(Errors.NONE.code()).setThrottleTimeMs(0).setApiKeys(apiVersions);
        return new ApiVersionsResponse(data);
    };
    SaslChannelBuilder serverChannelBuilder = new SaslChannelBuilder(Mode.SERVER, jaasContexts, securityProtocol, listenerName, false, saslMechanism, true, credentialCache, null, null, time, new LogContext(), apiVersionSupplier) {

        @Override
        protected SaslServerAuthenticator buildServerAuthenticator(Map<String, ?> configs, Map<String, AuthenticateCallbackHandler> callbackHandlers, String id, TransportLayer transportLayer, Map<String, Subject> subjects, Map<String, Long> connectionsMaxReauthMsByMechanism, ChannelMetadataRegistry metadataRegistry) {
            return new SaslServerAuthenticator(configs, callbackHandlers, id, subjects, null, listenerName, securityProtocol, transportLayer, connectionsMaxReauthMsByMechanism, metadataRegistry, time, apiVersionSupplier) {

                @Override
                protected void enableKafkaSaslAuthenticateHeaders(boolean flag) {
                // Don't enable Kafka SASL_AUTHENTICATE headers
                }
            };
        }
    };
    serverChannelBuilder.configure(saslServerConfigs);
    server = new NioEchoServer(listenerName, securityProtocol, new TestSecurityConfig(saslServerConfigs), "localhost", serverChannelBuilder, credentialCache, time);
    server.start();
    return server;
}
Also used : ApiVersionCollection(org.apache.kafka.common.message.ApiVersionsResponseData.ApiVersionCollection) ApiVersionsResponse(org.apache.kafka.common.requests.ApiVersionsResponse) ApiVersion(org.apache.kafka.common.message.ApiVersionsResponseData.ApiVersion) ChannelMetadataRegistry(org.apache.kafka.common.network.ChannelMetadataRegistry) LogContext(org.apache.kafka.common.utils.LogContext) ListenerName(org.apache.kafka.common.network.ListenerName) TransportLayer(org.apache.kafka.common.network.TransportLayer) JaasContext(org.apache.kafka.common.security.JaasContext) NioEchoServer(org.apache.kafka.common.network.NioEchoServer) TestSecurityConfig(org.apache.kafka.common.security.TestSecurityConfig) SaslChannelBuilder(org.apache.kafka.common.network.SaslChannelBuilder) Map(java.util.Map) HashMap(java.util.HashMap) ApiVersionsResponseData(org.apache.kafka.common.message.ApiVersionsResponseData)

Aggregations

TransportLayer (org.apache.kafka.common.network.TransportLayer)13 HashMap (java.util.HashMap)6 Map (java.util.Map)6 ListenerName (org.apache.kafka.common.network.ListenerName)6 ByteBuffer (java.nio.ByteBuffer)5 ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)5 Subject (javax.security.auth.Subject)4 SaslChannelBuilder (org.apache.kafka.common.network.SaslChannelBuilder)4 JaasContext (org.apache.kafka.common.security.JaasContext)4 Test (org.junit.Test)4 IllegalSaslStateException (org.apache.kafka.common.errors.IllegalSaslStateException)3 ChannelMetadataRegistry (org.apache.kafka.common.network.ChannelMetadataRegistry)3 DefaultChannelMetadataRegistry (org.apache.kafka.common.network.DefaultChannelMetadataRegistry)3 RequestHeader (org.apache.kafka.common.requests.RequestHeader)3 AuthenticateCallbackHandler (org.apache.kafka.common.security.auth.AuthenticateCallbackHandler)3 Test (org.junit.jupiter.api.Test)3 IOException (java.io.IOException)2 InetAddress (java.net.InetAddress)2 Collections (java.util.Collections)2 BrokerSecurityConfigs (org.apache.kafka.common.config.internals.BrokerSecurityConfigs)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial