use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultRemoteConfigurationRegistriesTest method doTestPropertiesRemoteConfigurationRegistries.
/**
* Perform the actual test.
*
* @param testProperties The test properties
*/
private void doTestPropertiesRemoteConfigurationRegistries(Map<String, Properties> testProperties) throws Exception {
// Mock gateway config
GatewayConfig gc = mockGatewayConfig(testProperties);
// Create the RemoteConfigurationRegistries object to be tested from the GatewayConfig
RemoteConfigurationRegistries registries = new DefaultRemoteConfigurationRegistries(gc);
// Basic validation
assertNotNull(registries);
List<RemoteConfigurationRegistry> registryConfigs = registries.getRegistryConfigurations();
assertNotNull(registryConfigs);
assertEquals(testProperties.size(), registryConfigs.size());
// Validate the contents of the created object
for (RemoteConfigurationRegistry regConfig : registryConfigs) {
validateRemoteRegistryConfig(regConfig.getName(), testProperties.get(regConfig.getName()), regConfig);
}
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class RemoteConfigurationRegistryClientServiceTest method testZooKeeperWithSingleExternalRegistryConfig.
/**
* Test the remote registry configuration external to, and referenced from, the gateway configuration, for a secure
* client.
*/
@Test
public void testZooKeeperWithSingleExternalRegistryConfig() throws Exception {
final String AUTH_TYPE = "digest";
final String REGISTRY_CLIENT_NAME = "my-zookeeper_registryNAME";
final String PRINCIPAL = "knox";
final String PWD = "knoxtest";
final String CRED_ALIAS = "zkCredential";
// Configure and start a secure ZK cluster
TestingCluster zkCluster = setupAndStartSecureTestZooKeeper(PRINCIPAL, PWD);
File tmpRegConfigFile = null;
try {
// Create the setup client for the test cluster, and initialize the test znodes
CuratorFramework setupClient = initializeTestClientAndZNodes(zkCluster, PRINCIPAL);
// Mock configuration
Map<String, String> registryConfigProps = new HashMap<>();
registryConfigProps.put("type", ZooKeeperClientService.TYPE);
registryConfigProps.put("name", REGISTRY_CLIENT_NAME);
registryConfigProps.put("address", zkCluster.getConnectString());
registryConfigProps.put("secure", "true");
registryConfigProps.put("authType", AUTH_TYPE);
registryConfigProps.put("principal", PRINCIPAL);
registryConfigProps.put("credentialAlias", CRED_ALIAS);
String registryConfigXML = RemoteRegistryConfigTestUtils.createRemoteConfigRegistriesXML(Collections.singleton(registryConfigProps));
tmpRegConfigFile = File.createTempFile("myRemoteRegistryConfig", "xml");
FileUtils.writeStringToFile(tmpRegConfigFile, registryConfigXML);
System.setProperty("org.apache.knox.gateway.remote.registry.config.file", tmpRegConfigFile.getAbsolutePath());
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
EasyMock.replay(config);
doTestZooKeeperClient(setupClient, REGISTRY_CLIENT_NAME, config, CRED_ALIAS, PWD);
} finally {
zkCluster.stop();
if (tmpRegConfigFile != null && tmpRegConfigFile.exists()) {
tmpRegConfigFile.delete();
}
System.clearProperty("org.apache.knox.gateway.remote.registry.config.file");
}
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class RemoteConfigurationRegistryClientServiceTest method testUnsecuredZooKeeperWithSimpleRegistryConfig.
/**
* Test a configuration for an unsecured remote registry, included in the gateway configuration.
*/
@Test
public void testUnsecuredZooKeeperWithSimpleRegistryConfig() throws Exception {
final String REGISTRY_CLIENT_NAME = "unsecured-zk-registry-name";
final String PRINCIPAL = null;
final String PWD = null;
final String CRED_ALIAS = null;
// Configure and start a secure ZK cluster
TestingCluster zkCluster = setupAndStartSecureTestZooKeeper(PRINCIPAL, PWD);
try {
// Create the setup client for the test cluster, and initialize the test znodes
CuratorFramework setupClient = initializeTestClientAndZNodes(zkCluster, PRINCIPAL);
// Mock configuration
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
final String registryConfigValue = GatewayConfig.REMOTE_CONFIG_REGISTRY_TYPE + "=" + ZooKeeperClientService.TYPE + ";" + GatewayConfig.REMOTE_CONFIG_REGISTRY_ADDRESS + "=" + zkCluster.getConnectString();
EasyMock.expect(config.getRemoteRegistryConfiguration(REGISTRY_CLIENT_NAME)).andReturn(registryConfigValue).anyTimes();
EasyMock.expect(config.getRemoteRegistryConfigurationNames()).andReturn(Collections.singletonList(REGISTRY_CLIENT_NAME)).anyTimes();
EasyMock.replay(config);
doTestZooKeeperClient(setupClient, REGISTRY_CLIENT_NAME, config, CRED_ALIAS, PWD);
} finally {
zkCluster.stop();
}
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultHttpClientFactory method getConnectionTimeout.
private static int getConnectionTimeout(FilterConfig filterConfig) {
int timeout = -1;
GatewayConfig globalConfig = (GatewayConfig) filterConfig.getServletContext().getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE);
if (globalConfig != null) {
timeout = globalConfig.getHttpClientConnectionTimeout();
}
String str = filterConfig.getInitParameter("httpclient.connectionTimeout");
if (str != null) {
try {
timeout = (int) parseTimeout(str);
} catch (Exception e) {
// Ignore it and use the default.
}
}
return timeout;
}
use of org.apache.knox.gateway.config.GatewayConfig in project knox by apache.
the class DefaultHttpClientFactory method createHttpClient.
@Override
public HttpClient createHttpClient(FilterConfig filterConfig) {
HttpClientBuilder builder = null;
GatewayConfig gatewayConfig = (GatewayConfig) filterConfig.getServletContext().getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE);
GatewayServices services = (GatewayServices) filterConfig.getServletContext().getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE);
if (gatewayConfig != null && gatewayConfig.isMetricsEnabled()) {
MetricsService metricsService = services.getService(GatewayServices.METRICS_SERVICE);
builder = metricsService.getInstrumented(HttpClientBuilder.class);
} else {
builder = HttpClients.custom();
}
if (Boolean.parseBoolean(filterConfig.getInitParameter("useTwoWaySsl"))) {
char[] keypass = null;
MasterService ms = services.getService("MasterService");
AliasService as = services.getService(GatewayServices.ALIAS_SERVICE);
try {
keypass = as.getGatewayIdentityPassphrase();
} catch (AliasServiceException e) {
// nop - default passphrase will be used
}
if (keypass == null) {
// there has been no alias created for the key - let's assume it is the same as the keystore password
keypass = ms.getMasterSecret();
}
KeystoreService ks = services.getService(GatewayServices.KEYSTORE_SERVICE);
final SSLContext sslcontext;
try {
KeyStore keystoreForGateway = ks.getKeystoreForGateway();
sslcontext = SSLContexts.custom().loadTrustMaterial(keystoreForGateway, new TrustSelfSignedStrategy()).loadKeyMaterial(keystoreForGateway, keypass).build();
} catch (Exception e) {
throw new IllegalArgumentException("Unable to create SSLContext", e);
}
builder.setSSLSocketFactory(new SSLConnectionSocketFactory(sslcontext));
}
if ("true".equals(System.getProperty(GatewayConfig.HADOOP_KERBEROS_SECURED))) {
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UseJaasCredentials());
Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create().register(AuthSchemes.SPNEGO, new KnoxSpnegoAuthSchemeFactory(true)).build();
builder = builder.setDefaultAuthSchemeRegistry(authSchemeRegistry).setDefaultCookieStore(new HadoopAuthCookieStore()).setDefaultCredentialsProvider(credentialsProvider);
} else {
builder = builder.setDefaultCookieStore(new NoCookieStore());
}
builder.setKeepAliveStrategy(DefaultConnectionKeepAliveStrategy.INSTANCE);
builder.setConnectionReuseStrategy(DefaultConnectionReuseStrategy.INSTANCE);
builder.setRedirectStrategy(new NeverRedirectStrategy());
builder.setRetryHandler(new NeverRetryHandler());
int maxConnections = getMaxConnections(filterConfig);
builder.setMaxConnTotal(maxConnections);
builder.setMaxConnPerRoute(maxConnections);
builder.setDefaultRequestConfig(getRequestConfig(filterConfig));
HttpClient client = builder.build();
return client;
}
Aggregations