use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.
the class DeploymentFactoryFuncTest method testServiceAnonAuth.
/**
* Test the case where topology has federation provider configured
* and service uses anonymous authentication in which case we should
* add AnonymousFilter to the filter chain.
* @since 1.1.0
* @throws IOException
* @throws SAXException
* @throws ParserConfigurationException
* @throws URISyntaxException
* @throws TransformerException
*/
@Test(timeout = MEDIUM_TIMEOUT)
public void testServiceAnonAuth() throws IOException, SAXException, ParserConfigurationException, URISyntaxException, TransformerException {
LOG_ENTER();
final GatewayConfig config = new GatewayTestConfig();
((GatewayTestConfig) config).setXForwardedEnabled(false);
final File targetDir = new File(System.getProperty("user.dir"), "target");
final File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
gatewayDir.mkdirs();
((GatewayTestConfig) config).setGatewayHomeDir(gatewayDir.getAbsolutePath());
final File deployDir = new File(config.getGatewayDeploymentDir());
deployDir.mkdirs();
final DefaultGatewayServices srvcs = new DefaultGatewayServices();
final Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
// I18N not required.
e.printStackTrace();
}
final Topology federationTopology = new Topology();
final Topology authenticationTopology = new Topology();
federationTopology.setName("test-cluster");
authenticationTopology.setName("test-cluster");
final Service service = new Service();
service.setRole("RANGER");
service.addUrl("http://localhost:50070/");
federationTopology.addService(service);
authenticationTopology.addService(service);
/* Add federation provider to first topology */
final Provider provider = new Provider();
provider.setRole("federation");
provider.setName("SSOCookieProvider");
provider.setEnabled(true);
Param param = new Param();
param.setName("sso.authentication.provider.url");
param.setValue("https://www.local.com:8443/gateway/knoxsso/api/v1/websso");
provider.addParam(param);
federationTopology.addProvider(provider);
/* Add authentication provider to second topology */
final Provider provider2 = new Provider();
provider2.setRole("authentication");
provider2.setName("ShiroProvider");
provider2.setEnabled(true);
Param param2 = new Param();
param2.setName("contextConfigLocation");
param2.setValue("classpath:app-context-security.xml");
provider2.addParam(param2);
authenticationTopology.addProvider(provider2);
final Provider asserter = new Provider();
asserter.setRole("identity-assertion");
asserter.setName("Default");
asserter.setEnabled(true);
federationTopology.addProvider(asserter);
Provider authorizer = new Provider();
authorizer.setRole("authorization");
authorizer.setName("AclsAuthz");
authorizer.setEnabled(true);
federationTopology.addProvider(authorizer);
authenticationTopology.addProvider(authorizer);
final EnterpriseArchive war = DeploymentFactory.createDeployment(config, federationTopology);
final EnterpriseArchive war2 = DeploymentFactory.createDeployment(config, federationTopology);
final Document web = XmlUtils.readXml(war.get("%2F/WEB-INF/web.xml").getAsset().openStream());
final Document web2 = XmlUtils.readXml(war2.get("%2F/WEB-INF/web.xml").getAsset().openStream());
/* Make sure AnonymousAuthFilter is added to the chain */
final Document gateway = XmlUtils.readXml(war.get("%2F/WEB-INF/gateway.xml").getAsset().openStream());
assertThat(gateway, hasXPath("/gateway/resource[1]/pattern", equalTo("/ranger/service/public/**")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[1]/role", equalTo("authentication")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[1]/class", equalTo("org.apache.knox.gateway.filter.AnonymousAuthFilter")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[2]/role", equalTo("rewrite")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[2]/class", equalTo("org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[3]/role", equalTo("authorization")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[3]/class", equalTo("org.apache.knox.gateway.filter.AclsAuthorizationFilter")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[4]/role", equalTo("dispatch")));
assertThat(gateway, hasXPath("/gateway/resource[1]/filter[4]/class", equalTo("org.apache.knox.gateway.dispatch.GatewayDispatchFilter")));
final Document gateway2 = XmlUtils.readXml(war.get("%2F/WEB-INF/gateway.xml").getAsset().openStream());
assertThat(gateway2, hasXPath("/gateway/resource[1]/pattern", equalTo("/ranger/service/public/**")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[1]/role", equalTo("authentication")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[1]/class", equalTo("org.apache.knox.gateway.filter.AnonymousAuthFilter")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[2]/role", equalTo("rewrite")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[2]/class", equalTo("org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[3]/role", equalTo("authorization")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[3]/class", equalTo("org.apache.knox.gateway.filter.AclsAuthorizationFilter")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[4]/role", equalTo("dispatch")));
assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[4]/class", equalTo("org.apache.knox.gateway.dispatch.GatewayDispatchFilter")));
LOG_EXIT();
}
use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.
the class BadUrlTest method setupGatewayConfig.
/**
* Initialize the configs and components required for this test.
*
* @param backend
* @throws IOException
*/
private static void setupGatewayConfig(final String backend) throws IOException {
services = new DefaultGatewayServices();
topoDir = createDir();
URL serviceUrl = ClassLoader.getSystemResource("websocket-services");
final File descriptor = new File(topoDir, "websocket.xml");
final FileOutputStream stream = new FileOutputStream(descriptor);
createKnoxTopology(backend).toStream(stream);
stream.close();
final TestTopologyListener topoListener = new TestTopologyListener();
final Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topoDir.toString()).anyTimes();
EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(topoDir.getAbsolutePath() + "/shared-providers").anyTimes();
EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(topoDir.getAbsolutePath() + "/descriptors").anyTimes();
EasyMock.expect(gatewayConfig.getGatewayServicesDir()).andReturn(serviceUrl.getFile()).anyTimes();
EasyMock.expect(gatewayConfig.getEphemeralDHKeySize()).andReturn("2048").anyTimes();
EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(topoDir.toString()).anyTimes();
/* Websocket configs */
EasyMock.expect(gatewayConfig.isWebsocketEnabled()).andReturn(true).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketInputBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_INPUT_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketAsyncWriteTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_ASYNC_WRITE_TIMEOUT).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketIdleTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_IDLE_TIMEOUT).anyTimes();
EasyMock.expect(gatewayConfig.getRemoteRegistryConfigurationNames()).andReturn(Collections.emptyList()).anyTimes();
EasyMock.replay(gatewayConfig);
try {
services.init(gatewayConfig, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace();
}
DeploymentFactory.setGatewayServices(services);
final TopologyService monitor = services.getService(GatewayServices.TOPOLOGY_SERVICE);
monitor.addTopologyChangeListener(topoListener);
monitor.reloadTopologies();
}
use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.
the class WebsocketEchoTest method setupGatewayConfig.
/**
* Initialize the configs and components required for this test.
*
* @param backend
* @throws IOException
*/
private static void setupGatewayConfig(final String backend) throws IOException {
services = new DefaultGatewayServices();
topoDir = createDir();
URL serviceUrl = ClassLoader.getSystemResource("websocket-services");
final File descriptor = new File(topoDir, "websocket.xml");
final FileOutputStream stream = new FileOutputStream(descriptor);
createKnoxTopology(backend).toStream(stream);
stream.close();
final TestTopologyListener topoListener = new TestTopologyListener();
final Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topoDir.toString()).anyTimes();
EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(topoDir.getAbsolutePath() + "/shared-providers").anyTimes();
EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(topoDir.getAbsolutePath() + "/descriptors").anyTimes();
EasyMock.expect(gatewayConfig.getGatewayServicesDir()).andReturn(serviceUrl.getFile()).anyTimes();
EasyMock.expect(gatewayConfig.getEphemeralDHKeySize()).andReturn("2048").anyTimes();
EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(topoDir.toString()).anyTimes();
/* Websocket configs */
EasyMock.expect(gatewayConfig.isWebsocketEnabled()).andReturn(true).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketInputBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_INPUT_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketAsyncWriteTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_ASYNC_WRITE_TIMEOUT).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketIdleTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_IDLE_TIMEOUT).anyTimes();
EasyMock.expect(gatewayConfig.getRemoteRegistryConfigurationNames()).andReturn(Collections.emptyList()).anyTimes();
EasyMock.replay(gatewayConfig);
try {
services.init(gatewayConfig, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace();
}
DeploymentFactory.setGatewayServices(services);
final TopologyService monitor = services.getService(GatewayServices.TOPOLOGY_SERVICE);
monitor.addTopologyChangeListener(topoListener);
monitor.reloadTopologies();
}
use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.
the class WebsocketMultipleConnectionTest method setupGatewayConfig.
/**
* Initialize the configs and components required for this test.
*
* @param backend
* @throws IOException
*/
private static void setupGatewayConfig(final String backend) throws IOException {
services = new DefaultGatewayServices();
topoDir = createDir();
URL serviceUrl = ClassLoader.getSystemResource("websocket-services");
final File descriptor = new File(topoDir, "websocket.xml");
final FileOutputStream stream = new FileOutputStream(descriptor);
createKnoxTopology(backend).toStream(stream);
stream.close();
final TestTopologyListener topoListener = new TestTopologyListener();
final Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topoDir.toString()).anyTimes();
EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(topoDir.getAbsolutePath() + "/shared-providers").anyTimes();
EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(topoDir.getAbsolutePath() + "/descriptors").anyTimes();
EasyMock.expect(gatewayConfig.getGatewayServicesDir()).andReturn(serviceUrl.getFile()).anyTimes();
EasyMock.expect(gatewayConfig.getEphemeralDHKeySize()).andReturn("2048").anyTimes();
EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(topoDir.toString()).anyTimes();
/* Websocket configs */
EasyMock.expect(gatewayConfig.isWebsocketEnabled()).andReturn(true).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketInputBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_INPUT_BUFFER_SIZE).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketAsyncWriteTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_ASYNC_WRITE_TIMEOUT).anyTimes();
EasyMock.expect(gatewayConfig.getWebsocketIdleTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_IDLE_TIMEOUT).anyTimes();
EasyMock.expect(gatewayConfig.getRemoteRegistryConfigurationNames()).andReturn(Collections.emptyList()).anyTimes();
EasyMock.replay(gatewayConfig);
try {
services.init(gatewayConfig, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace();
}
DeploymentFactory.setGatewayServices(services);
final TopologyService monitor = services.getService(GatewayServices.TOPOLOGY_SERVICE);
monitor.addTopologyChangeListener(topoListener);
monitor.reloadTopologies();
}
use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.
the class GatewayAdminFuncTest method setupGateway.
public static void setupGateway() throws Exception {
File targetDir = new File(System.getProperty("user.dir"), "target");
File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
gatewayDir.mkdirs();
GatewayTestConfig testConfig = new GatewayTestConfig();
config = testConfig;
testConfig.setGatewayHomeDir(gatewayDir.getAbsolutePath());
File topoDir = new File(testConfig.getGatewayTopologyDir());
topoDir.mkdirs();
File deployDir = new File(testConfig.getGatewayDeploymentDir());
deployDir.mkdirs();
File descriptor = new File(topoDir, "test-cluster.xml");
FileOutputStream stream = new FileOutputStream(descriptor);
createTopology().toStream(stream);
stream.close();
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
srvcs.init(testConfig, options);
} catch (ServiceLifecycleException e) {
// I18N not required.
e.printStackTrace();
}
gateway = GatewayServer.startGateway(testConfig, srvcs);
MatcherAssert.assertThat("Failed to start gateway.", gateway, notNullValue());
LOG.info("Gateway port = " + gateway.getAddresses()[0].getPort());
gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
clusterUrl = gatewayUrl + "/test-cluster";
}
Aggregations