Examples with JaasContext org.apache.kafka.common.security.JaasContext used on opensource projects

Search in sources :

Example 1 with JaasContext

use of org.apache.kafka.common.security.JaasContext in project kafka by apache.

the class ChannelBuilders method create.

private static ChannelBuilder create(SecurityProtocol securityProtocol, Mode mode, JaasContext.Type contextType, AbstractConfig config, ListenerName listenerName, String clientSaslMechanism, boolean saslHandshakeRequestEnable, CredentialCache credentialCache) {
    Map<String, ?> configs;
    if (listenerName == null)
        configs = config.values();
    else
        configs = config.valuesWithPrefixOverride(listenerName.configPrefix());
    ChannelBuilder channelBuilder;
    switch(securityProtocol) {
        case SSL:
            requireNonNullMode(mode, securityProtocol);
            channelBuilder = new SslChannelBuilder(mode);
            break;
        case SASL_SSL:
        case SASL_PLAINTEXT:
            requireNonNullMode(mode, securityProtocol);
            JaasContext jaasContext = JaasContext.load(contextType, listenerName, configs);
            channelBuilder = new SaslChannelBuilder(mode, jaasContext, securityProtocol, clientSaslMechanism, saslHandshakeRequestEnable, credentialCache);
            break;
        case PLAINTEXT:
        case TRACE:
            channelBuilder = new PlaintextChannelBuilder();
            break;
        default:
            throw new IllegalArgumentException("Unexpected securityProtocol " + securityProtocol);
    }
    channelBuilder.configure(configs);
    return channelBuilder;
}
Also used : JaasContext(org.apache.kafka.common.security.JaasContext)

Example 2 with JaasContext

use of org.apache.kafka.common.security.JaasContext in project apache-kafka-on-k8s by banzaicloud.

the class LoginManagerTest method testClientLoginManager.

@Test
public void testClientLoginManager() throws Exception {
    Map<String, ?> configs = Collections.singletonMap("sasl.jaas.config", dynamicPlainContext);
    JaasContext dynamicContext = JaasContext.loadClientContext(configs);
    JaasContext staticContext = JaasContext.loadClientContext(Collections.<String, Object>emptyMap());
    LoginManager dynamicLogin = LoginManager.acquireLoginManager(dynamicContext, "PLAIN", false, configs);
    assertEquals(dynamicPlainContext, dynamicLogin.cacheKey());
    LoginManager staticLogin = LoginManager.acquireLoginManager(staticContext, "SCRAM-SHA-256", false, configs);
    assertNotSame(dynamicLogin, staticLogin);
    assertEquals("KafkaClient", staticLogin.cacheKey());
    assertSame(dynamicLogin, LoginManager.acquireLoginManager(dynamicContext, "PLAIN", false, configs));
    assertSame(staticLogin, LoginManager.acquireLoginManager(staticContext, "SCRAM-SHA-256", false, configs));
    verifyLoginManagerRelease(dynamicLogin, 2, dynamicContext, configs);
    verifyLoginManagerRelease(staticLogin, 2, staticContext, configs);
}
Also used : JaasContext(org.apache.kafka.common.security.JaasContext) Test(org.junit.Test)

Example 3 with JaasContext

use of org.apache.kafka.common.security.JaasContext in project apache-kafka-on-k8s by banzaicloud.

the class LoginManagerTest method testServerLoginManager.

@Test
public void testServerLoginManager() throws Exception {
    Map<String, Object> configs = new HashMap<>();
    configs.put("plain.sasl.jaas.config", dynamicPlainContext);
    configs.put("digest-md5.sasl.jaas.config", dynamicDigestContext);
    ListenerName listenerName = new ListenerName("listener1");
    JaasContext plainJaasContext = JaasContext.loadServerContext(listenerName, "PLAIN", configs);
    JaasContext digestJaasContext = JaasContext.loadServerContext(listenerName, "DIGEST-MD5", configs);
    JaasContext scramJaasContext = JaasContext.loadServerContext(listenerName, "SCRAM-SHA-256", configs);
    LoginManager dynamicPlainLogin = LoginManager.acquireLoginManager(plainJaasContext, "PLAIN", false, configs);
    assertEquals(dynamicPlainContext, dynamicPlainLogin.cacheKey());
    LoginManager dynamicDigestLogin = LoginManager.acquireLoginManager(digestJaasContext, "DIGEST-MD5", false, configs);
    assertNotSame(dynamicPlainLogin, dynamicDigestLogin);
    assertEquals(dynamicDigestContext, dynamicDigestLogin.cacheKey());
    LoginManager staticScramLogin = LoginManager.acquireLoginManager(scramJaasContext, "SCRAM-SHA-256", false, configs);
    assertNotSame(dynamicPlainLogin, staticScramLogin);
    assertEquals("KafkaServer", staticScramLogin.cacheKey());
    assertSame(dynamicPlainLogin, LoginManager.acquireLoginManager(plainJaasContext, "PLAIN", false, configs));
    assertSame(dynamicDigestLogin, LoginManager.acquireLoginManager(digestJaasContext, "DIGEST-MD5", false, configs));
    assertSame(staticScramLogin, LoginManager.acquireLoginManager(scramJaasContext, "SCRAM-SHA-256", false, configs));
    verifyLoginManagerRelease(dynamicPlainLogin, 2, plainJaasContext, configs);
    verifyLoginManagerRelease(dynamicDigestLogin, 2, digestJaasContext, configs);
    verifyLoginManagerRelease(staticScramLogin, 2, scramJaasContext, configs);
}
Also used : JaasContext(org.apache.kafka.common.security.JaasContext) HashMap(java.util.HashMap) ListenerName(org.apache.kafka.common.network.ListenerName) Test(org.junit.Test)

Example 4 with JaasContext

use of org.apache.kafka.common.security.JaasContext in project apache-kafka-on-k8s by banzaicloud.

the class SaslAuthenticatorTest method createClientConnectionWithoutSaslAuthenticateHeader.

private void createClientConnectionWithoutSaslAuthenticateHeader(final SecurityProtocol securityProtocol, final String saslMechanism, String node) throws Exception {
    final ListenerName listenerName = ListenerName.forSecurityProtocol(securityProtocol);
    final Map<String, ?> configs = Collections.emptyMap();
    final JaasContext jaasContext = JaasContext.loadClientContext(configs);
    final Map<String, JaasContext> jaasContexts = Collections.singletonMap(saslMechanism, jaasContext);
    SaslChannelBuilder clientChannelBuilder = new SaslChannelBuilder(Mode.CLIENT, jaasContexts, securityProtocol, listenerName, false, saslMechanism, true, null, null) {

        @Override
        protected SaslClientAuthenticator buildClientAuthenticator(Map<String, ?> configs, String id, String serverHost, String servicePrincipal, TransportLayer transportLayer, Subject subject) throws IOException {
            return new SaslClientAuthenticator(configs, id, subject, servicePrincipal, serverHost, saslMechanism, true, transportLayer) {

                @Override
                protected SaslHandshakeRequest createSaslHandshakeRequest(short version) {
                    return new SaslHandshakeRequest.Builder(saslMechanism).build((short) 0);
                }

                @Override
                protected void saslAuthenticateVersion(short version) {
                // Don't set version so that headers are disabled
                }
            };
        }
    };
    clientChannelBuilder.configure(saslClientConfigs);
    this.selector = NetworkTestUtils.createSelector(clientChannelBuilder);
    InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
    selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
}
Also used : InetSocketAddress(java.net.InetSocketAddress) ListenerName(org.apache.kafka.common.network.ListenerName) Subject(javax.security.auth.Subject) TransportLayer(org.apache.kafka.common.network.TransportLayer) JaasContext(org.apache.kafka.common.security.JaasContext) SaslChannelBuilder(org.apache.kafka.common.network.SaslChannelBuilder) Map(java.util.Map) HashMap(java.util.HashMap) SaslHandshakeRequest(org.apache.kafka.common.requests.SaslHandshakeRequest)

Example 5 with JaasContext

use of org.apache.kafka.common.security.JaasContext in project apache-kafka-on-k8s by banzaicloud.

the class SaslServerAuthenticatorTest method setupAuthenticator.

private SaslServerAuthenticator setupAuthenticator(Map<String, ?> configs, TransportLayer transportLayer, String mechanism) throws IOException {
    TestJaasConfig jaasConfig = new TestJaasConfig();
    jaasConfig.addEntry("jaasContext", PlainLoginModule.class.getName(), new HashMap<String, Object>());
    Map<String, JaasContext> jaasContexts = Collections.singletonMap(mechanism, new JaasContext("jaasContext", JaasContext.Type.SERVER, jaasConfig, null));
    Map<String, Subject> subjects = Collections.singletonMap(mechanism, new Subject());
    return new SaslServerAuthenticator(configs, "node", jaasContexts, subjects, null, new CredentialCache(), new ListenerName("ssl"), SecurityProtocol.SASL_SSL, transportLayer, new DelegationTokenCache(ScramMechanism.mechanismNames()));
}
Also used : PlainLoginModule(org.apache.kafka.common.security.plain.PlainLoginModule) ListenerName(org.apache.kafka.common.network.ListenerName) Subject(javax.security.auth.Subject) JaasContext(org.apache.kafka.common.security.JaasContext) DelegationTokenCache(org.apache.kafka.common.security.token.delegation.DelegationTokenCache)

Aggregations

JaasContext (org.apache.kafka.common.security.JaasContext)21 HashMap (java.util.HashMap)10 ListenerName (org.apache.kafka.common.network.ListenerName)9 Map (java.util.Map)6 SaslChannelBuilder (org.apache.kafka.common.network.SaslChannelBuilder)5 TestJaasConfig (org.apache.kafka.common.security.authenticator.TestJaasConfig)5 List (java.util.List)4 Subject (javax.security.auth.Subject)4 TransportLayer (org.apache.kafka.common.network.TransportLayer)4 ApiVersionsResponse (org.apache.kafka.common.requests.ApiVersionsResponse)4 LogContext (org.apache.kafka.common.utils.LogContext)4 NioEchoServer (org.apache.kafka.common.network.NioEchoServer)3 TestSecurityConfig (org.apache.kafka.common.security.TestSecurityConfig)3 PlainLoginModule (org.apache.kafka.common.security.plain.PlainLoginModule)3 Test (org.junit.jupiter.api.Test)3 IOException (java.io.IOException)2 InetSocketAddress (java.net.InetSocketAddress)2 KafkaException (org.apache.kafka.common.KafkaException)2 ApiVersionsResponseData (org.apache.kafka.common.message.ApiVersionsResponseData)2 ApiVersion (org.apache.kafka.common.message.ApiVersionsResponseData.ApiVersion)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial