Search in sources :

Example 16 with DefaultGatewayServices

use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.

the class DeploymentFactoryFuncTest method testServiceAnonAuth.

/**
 * Test the case where topology has federation provider configured
 * and service uses anonymous authentication in which case we should
 * add AnonymousFilter to the filter chain.
 * @since 1.1.0
 * @throws IOException
 * @throws SAXException
 * @throws ParserConfigurationException
 * @throws URISyntaxException
 * @throws TransformerException
 */
@Test(timeout = MEDIUM_TIMEOUT)
public void testServiceAnonAuth() throws IOException, SAXException, ParserConfigurationException, URISyntaxException, TransformerException {
    LOG_ENTER();
    final GatewayConfig config = new GatewayTestConfig();
    ((GatewayTestConfig) config).setXForwardedEnabled(false);
    final File targetDir = new File(System.getProperty("user.dir"), "target");
    final File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
    gatewayDir.mkdirs();
    ((GatewayTestConfig) config).setGatewayHomeDir(gatewayDir.getAbsolutePath());
    final File deployDir = new File(config.getGatewayDeploymentDir());
    deployDir.mkdirs();
    final DefaultGatewayServices srvcs = new DefaultGatewayServices();
    final Map<String, String> options = new HashMap<>();
    options.put("persist-master", "false");
    options.put("master", "password");
    try {
        DeploymentFactory.setGatewayServices(srvcs);
        srvcs.init(config, options);
    } catch (ServiceLifecycleException e) {
        // I18N not required.
        e.printStackTrace();
    }
    final Topology federationTopology = new Topology();
    final Topology authenticationTopology = new Topology();
    federationTopology.setName("test-cluster");
    authenticationTopology.setName("test-cluster");
    final Service service = new Service();
    service.setRole("RANGER");
    service.addUrl("http://localhost:50070/");
    federationTopology.addService(service);
    authenticationTopology.addService(service);
    /* Add federation provider to first topology */
    final Provider provider = new Provider();
    provider.setRole("federation");
    provider.setName("SSOCookieProvider");
    provider.setEnabled(true);
    Param param = new Param();
    param.setName("sso.authentication.provider.url");
    param.setValue("https://www.local.com:8443/gateway/knoxsso/api/v1/websso");
    provider.addParam(param);
    federationTopology.addProvider(provider);
    /* Add authentication provider to second topology */
    final Provider provider2 = new Provider();
    provider2.setRole("authentication");
    provider2.setName("ShiroProvider");
    provider2.setEnabled(true);
    Param param2 = new Param();
    param2.setName("contextConfigLocation");
    param2.setValue("classpath:app-context-security.xml");
    provider2.addParam(param2);
    authenticationTopology.addProvider(provider2);
    final Provider asserter = new Provider();
    asserter.setRole("identity-assertion");
    asserter.setName("Default");
    asserter.setEnabled(true);
    federationTopology.addProvider(asserter);
    Provider authorizer = new Provider();
    authorizer.setRole("authorization");
    authorizer.setName("AclsAuthz");
    authorizer.setEnabled(true);
    federationTopology.addProvider(authorizer);
    authenticationTopology.addProvider(authorizer);
    final EnterpriseArchive war = DeploymentFactory.createDeployment(config, federationTopology);
    final EnterpriseArchive war2 = DeploymentFactory.createDeployment(config, federationTopology);
    final Document web = XmlUtils.readXml(war.get("%2F/WEB-INF/web.xml").getAsset().openStream());
    final Document web2 = XmlUtils.readXml(war2.get("%2F/WEB-INF/web.xml").getAsset().openStream());
    /* Make sure AnonymousAuthFilter is added to the chain */
    final Document gateway = XmlUtils.readXml(war.get("%2F/WEB-INF/gateway.xml").getAsset().openStream());
    assertThat(gateway, hasXPath("/gateway/resource[1]/pattern", equalTo("/ranger/service/public/**")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[1]/role", equalTo("authentication")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[1]/class", equalTo("org.apache.knox.gateway.filter.AnonymousAuthFilter")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[2]/role", equalTo("rewrite")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[2]/class", equalTo("org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[3]/role", equalTo("authorization")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[3]/class", equalTo("org.apache.knox.gateway.filter.AclsAuthorizationFilter")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[4]/role", equalTo("dispatch")));
    assertThat(gateway, hasXPath("/gateway/resource[1]/filter[4]/class", equalTo("org.apache.knox.gateway.dispatch.GatewayDispatchFilter")));
    final Document gateway2 = XmlUtils.readXml(war.get("%2F/WEB-INF/gateway.xml").getAsset().openStream());
    assertThat(gateway2, hasXPath("/gateway/resource[1]/pattern", equalTo("/ranger/service/public/**")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[1]/role", equalTo("authentication")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[1]/class", equalTo("org.apache.knox.gateway.filter.AnonymousAuthFilter")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[2]/role", equalTo("rewrite")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[2]/class", equalTo("org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[3]/role", equalTo("authorization")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[3]/class", equalTo("org.apache.knox.gateway.filter.AclsAuthorizationFilter")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[4]/role", equalTo("dispatch")));
    assertThat(gateway2, hasXPath("/gateway/resource[1]/filter[4]/class", equalTo("org.apache.knox.gateway.dispatch.GatewayDispatchFilter")));
    LOG_EXIT();
}
Also used : EnterpriseArchive(org.jboss.shrinkwrap.api.spec.EnterpriseArchive) HashMap(java.util.HashMap) ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) Service(org.apache.knox.gateway.topology.Service) Topology(org.apache.knox.gateway.topology.Topology) Document(org.w3c.dom.Document) GatewayTestConfig(org.apache.knox.gateway.GatewayTestConfig) Provider(org.apache.knox.gateway.topology.Provider) Param(org.apache.knox.gateway.topology.Param) DefaultGatewayServices(org.apache.knox.gateway.services.DefaultGatewayServices) File(java.io.File) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) Test(org.junit.Test)

Example 17 with DefaultGatewayServices

use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.

the class BadUrlTest method setupGatewayConfig.

/**
 * Initialize the configs and components required for this test.
 *
 * @param backend
 * @throws IOException
 */
private static void setupGatewayConfig(final String backend) throws IOException {
    services = new DefaultGatewayServices();
    topoDir = createDir();
    URL serviceUrl = ClassLoader.getSystemResource("websocket-services");
    final File descriptor = new File(topoDir, "websocket.xml");
    final FileOutputStream stream = new FileOutputStream(descriptor);
    createKnoxTopology(backend).toStream(stream);
    stream.close();
    final TestTopologyListener topoListener = new TestTopologyListener();
    final Map<String, String> options = new HashMap<>();
    options.put("persist-master", "false");
    options.put("master", "password");
    gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topoDir.toString()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(topoDir.getAbsolutePath() + "/shared-providers").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(topoDir.getAbsolutePath() + "/descriptors").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayServicesDir()).andReturn(serviceUrl.getFile()).anyTimes();
    EasyMock.expect(gatewayConfig.getEphemeralDHKeySize()).andReturn("2048").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(topoDir.toString()).anyTimes();
    /* Websocket configs */
    EasyMock.expect(gatewayConfig.isWebsocketEnabled()).andReturn(true).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketInputBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_INPUT_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketAsyncWriteTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_ASYNC_WRITE_TIMEOUT).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketIdleTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_IDLE_TIMEOUT).anyTimes();
    EasyMock.expect(gatewayConfig.getRemoteRegistryConfigurationNames()).andReturn(Collections.emptyList()).anyTimes();
    EasyMock.replay(gatewayConfig);
    try {
        services.init(gatewayConfig, options);
    } catch (ServiceLifecycleException e) {
        e.printStackTrace();
    }
    DeploymentFactory.setGatewayServices(services);
    final TopologyService monitor = services.getService(GatewayServices.TOPOLOGY_SERVICE);
    monitor.addTopologyChangeListener(topoListener);
    monitor.reloadTopologies();
}
Also used : HashMap(java.util.HashMap) FileOutputStream(java.io.FileOutputStream) ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) DefaultGatewayServices(org.apache.knox.gateway.services.DefaultGatewayServices) File(java.io.File) URL(java.net.URL) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) TopologyService(org.apache.knox.gateway.services.topology.TopologyService)

Example 18 with DefaultGatewayServices

use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.

the class WebsocketEchoTest method setupGatewayConfig.

/**
 * Initialize the configs and components required for this test.
 *
 * @param backend
 * @throws IOException
 */
private static void setupGatewayConfig(final String backend) throws IOException {
    services = new DefaultGatewayServices();
    topoDir = createDir();
    URL serviceUrl = ClassLoader.getSystemResource("websocket-services");
    final File descriptor = new File(topoDir, "websocket.xml");
    final FileOutputStream stream = new FileOutputStream(descriptor);
    createKnoxTopology(backend).toStream(stream);
    stream.close();
    final TestTopologyListener topoListener = new TestTopologyListener();
    final Map<String, String> options = new HashMap<>();
    options.put("persist-master", "false");
    options.put("master", "password");
    gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topoDir.toString()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(topoDir.getAbsolutePath() + "/shared-providers").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(topoDir.getAbsolutePath() + "/descriptors").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayServicesDir()).andReturn(serviceUrl.getFile()).anyTimes();
    EasyMock.expect(gatewayConfig.getEphemeralDHKeySize()).andReturn("2048").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(topoDir.toString()).anyTimes();
    /* Websocket configs */
    EasyMock.expect(gatewayConfig.isWebsocketEnabled()).andReturn(true).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketInputBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_INPUT_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketAsyncWriteTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_ASYNC_WRITE_TIMEOUT).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketIdleTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_IDLE_TIMEOUT).anyTimes();
    EasyMock.expect(gatewayConfig.getRemoteRegistryConfigurationNames()).andReturn(Collections.emptyList()).anyTimes();
    EasyMock.replay(gatewayConfig);
    try {
        services.init(gatewayConfig, options);
    } catch (ServiceLifecycleException e) {
        e.printStackTrace();
    }
    DeploymentFactory.setGatewayServices(services);
    final TopologyService monitor = services.getService(GatewayServices.TOPOLOGY_SERVICE);
    monitor.addTopologyChangeListener(topoListener);
    monitor.reloadTopologies();
}
Also used : HashMap(java.util.HashMap) FileOutputStream(java.io.FileOutputStream) ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) DefaultGatewayServices(org.apache.knox.gateway.services.DefaultGatewayServices) File(java.io.File) URL(java.net.URL) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) TopologyService(org.apache.knox.gateway.services.topology.TopologyService)

Example 19 with DefaultGatewayServices

use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.

the class WebsocketMultipleConnectionTest method setupGatewayConfig.

/**
 * Initialize the configs and components required for this test.
 *
 * @param backend
 * @throws IOException
 */
private static void setupGatewayConfig(final String backend) throws IOException {
    services = new DefaultGatewayServices();
    topoDir = createDir();
    URL serviceUrl = ClassLoader.getSystemResource("websocket-services");
    final File descriptor = new File(topoDir, "websocket.xml");
    final FileOutputStream stream = new FileOutputStream(descriptor);
    createKnoxTopology(backend).toStream(stream);
    stream.close();
    final TestTopologyListener topoListener = new TestTopologyListener();
    final Map<String, String> options = new HashMap<>();
    options.put("persist-master", "false");
    options.put("master", "password");
    gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(gatewayConfig.getGatewayTopologyDir()).andReturn(topoDir.toString()).anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn(topoDir.getAbsolutePath() + "/shared-providers").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn(topoDir.getAbsolutePath() + "/descriptors").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewayServicesDir()).andReturn(serviceUrl.getFile()).anyTimes();
    EasyMock.expect(gatewayConfig.getEphemeralDHKeySize()).andReturn("2048").anyTimes();
    EasyMock.expect(gatewayConfig.getGatewaySecurityDir()).andReturn(topoDir.toString()).anyTimes();
    /* Websocket configs */
    EasyMock.expect(gatewayConfig.isWebsocketEnabled()).andReturn(true).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxTextMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_TEXT_MESSAGE_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketMaxBinaryMessageBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_MAX_BINARY_MESSAGE_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketInputBufferSize()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_INPUT_BUFFER_SIZE).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketAsyncWriteTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_ASYNC_WRITE_TIMEOUT).anyTimes();
    EasyMock.expect(gatewayConfig.getWebsocketIdleTimeout()).andReturn(GatewayConfigImpl.DEFAULT_WEBSOCKET_IDLE_TIMEOUT).anyTimes();
    EasyMock.expect(gatewayConfig.getRemoteRegistryConfigurationNames()).andReturn(Collections.emptyList()).anyTimes();
    EasyMock.replay(gatewayConfig);
    try {
        services.init(gatewayConfig, options);
    } catch (ServiceLifecycleException e) {
        e.printStackTrace();
    }
    DeploymentFactory.setGatewayServices(services);
    final TopologyService monitor = services.getService(GatewayServices.TOPOLOGY_SERVICE);
    monitor.addTopologyChangeListener(topoListener);
    monitor.reloadTopologies();
}
Also used : HashMap(java.util.HashMap) FileOutputStream(java.io.FileOutputStream) ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) DefaultGatewayServices(org.apache.knox.gateway.services.DefaultGatewayServices) File(java.io.File) URL(java.net.URL) GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) TopologyService(org.apache.knox.gateway.services.topology.TopologyService)

Example 20 with DefaultGatewayServices

use of org.apache.knox.gateway.services.DefaultGatewayServices in project knox by apache.

the class GatewayAdminFuncTest method setupGateway.

public static void setupGateway() throws Exception {
    File targetDir = new File(System.getProperty("user.dir"), "target");
    File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
    gatewayDir.mkdirs();
    GatewayTestConfig testConfig = new GatewayTestConfig();
    config = testConfig;
    testConfig.setGatewayHomeDir(gatewayDir.getAbsolutePath());
    File topoDir = new File(testConfig.getGatewayTopologyDir());
    topoDir.mkdirs();
    File deployDir = new File(testConfig.getGatewayDeploymentDir());
    deployDir.mkdirs();
    File descriptor = new File(topoDir, "test-cluster.xml");
    FileOutputStream stream = new FileOutputStream(descriptor);
    createTopology().toStream(stream);
    stream.close();
    DefaultGatewayServices srvcs = new DefaultGatewayServices();
    Map<String, String> options = new HashMap<>();
    options.put("persist-master", "false");
    options.put("master", "password");
    try {
        srvcs.init(testConfig, options);
    } catch (ServiceLifecycleException e) {
        // I18N not required.
        e.printStackTrace();
    }
    gateway = GatewayServer.startGateway(testConfig, srvcs);
    MatcherAssert.assertThat("Failed to start gateway.", gateway, notNullValue());
    LOG.info("Gateway port = " + gateway.getAddresses()[0].getPort());
    gatewayUrl = "http://localhost:" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath();
    clusterUrl = gatewayUrl + "/test-cluster";
}
Also used : HashMap(java.util.HashMap) FileOutputStream(java.io.FileOutputStream) ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) DefaultGatewayServices(org.apache.knox.gateway.services.DefaultGatewayServices) File(java.io.File)

Aggregations

DefaultGatewayServices (org.apache.knox.gateway.services.DefaultGatewayServices)30 ServiceLifecycleException (org.apache.knox.gateway.services.ServiceLifecycleException)30 HashMap (java.util.HashMap)29 File (java.io.File)26 FileOutputStream (java.io.FileOutputStream)14 GatewayConfig (org.apache.knox.gateway.config.GatewayConfig)11 GatewayTestConfig (org.apache.knox.gateway.GatewayTestConfig)8 Topology (org.apache.knox.gateway.topology.Topology)8 Test (org.junit.Test)8 Service (org.apache.knox.gateway.topology.Service)7 Param (org.apache.knox.gateway.topology.Param)6 EnterpriseArchive (org.jboss.shrinkwrap.api.spec.EnterpriseArchive)6 Document (org.w3c.dom.Document)6 URL (java.net.URL)5 Provider (org.apache.knox.gateway.topology.Provider)5 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)5 Properties (java.util.Properties)4 GatewayServices (org.apache.knox.gateway.services.GatewayServices)4 AliasService (org.apache.knox.gateway.services.security.AliasService)4 TopologyService (org.apache.knox.gateway.services.topology.TopologyService)3