Examples with Authentication org.apache.pulsar.client.api.Authentication used on opensource projects

Example 1 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class ProxyWithAuthorizationTest method createPulsarClient.

@SuppressWarnings("deprecation")
private PulsarClient createPulsarClient(String proxyServiceUrl, ClientBuilder clientBuilder) throws PulsarClientException {
    Map<String, String> authParams = Maps.newHashMap();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    Authentication authTls = new AuthenticationTls();
    authTls.configure(authParams);
    return clientBuilder.serviceUrl(proxyServiceUrl).statsInterval(0, TimeUnit.SECONDS).tlsTrustCertsFilePath(TLS_PROXY_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(true).authentication(authTls).enableTls(true).build();
}

Example 2 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class ProxyWithoutServiceDiscoveryTest method testDiscoveryService.

/**
 * <pre>
 * It verifies e2e tls + Authentication + Authorization (client -> proxy -> broker>
 *
 * 1. client connects to proxy over tls and pass auth-data
 * 2. proxy authenticate client and retrieve client-role
 *    and send it to broker as originalPrincipal over tls
 * 3. client creates producer/consumer via proxy
 * 4. broker authorize producer/consumer create request using originalPrincipal
 *
 * </pre>
 *
 * @throws Exception
 */
@Test
public void testDiscoveryService() throws Exception {
    log.info("-- Starting {} test --", methodName);
    final String proxyServiceUrl = "pulsar://localhost:" + proxyConfig.getServicePortTls();
    Map<String, String> authParams = Maps.newHashMap();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    Authentication authTls = new AuthenticationTls();
    authTls.configure(authParams);
    // create a client which connects to proxy over tls and pass authData
    PulsarClient proxyClient = createPulsarClient(authTls, proxyServiceUrl);
    admin.properties().createProperty("my-property", new PropertyAdmin(Lists.newArrayList("appid1", "appid2"), Sets.newHashSet("without-service-discovery")));
    admin.namespaces().createNamespace("my-property/without-service-discovery/my-ns");
    Consumer<byte[]> consumer = proxyClient.newConsumer().topic("persistent://my-property/without-service-discovery/my-ns/my-topic1").subscriptionName("my-subscriber-name").subscribe();
    Producer<byte[]> producer = proxyClient.newProducer().topic("persistent://my-property/without-service-discovery/my-ns/my-topic1").create();
    final int msgs = 10;
    for (int i = 0; i < msgs; i++) {
        String message = "my-message-" + i;
        producer.send(message.getBytes());
    }
    Message<byte[]> msg = null;
    Set<String> messageSet = Sets.newHashSet();
    int count = 0;
    for (int i = 0; i < 10; i++) {
        msg = consumer.receive(5, TimeUnit.SECONDS);
        String receivedMessage = new String(msg.getData());
        log.debug("Received message: [{}]", receivedMessage);
        String expectedMessage = "my-message-" + i;
        testMessageOrderAndDuplicates(messageSet, receivedMessage, expectedMessage);
        count++;
    }
    // Acknowledge the consumption of all messages at once
    Assert.assertEquals(msgs, count);
    consumer.acknowledgeCumulative(msg);
    consumer.close();
    log.info("-- Exiting {} test --", methodName);
}

Example 3 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class ReplicatorTestBase method setup.

void setup() throws Exception {
    log.info("--- Starting ReplicatorTestBase::setup ---");
    int globalZKPort = PortManager.nextFreePort();
    globalZkS = new ZookeeperServerTest(globalZKPort);
    globalZkS.start();
    // Start region 1
    int zkPort1 = PortManager.nextFreePort();
    bkEnsemble1 = new LocalBookkeeperEnsemble(3, zkPort1, PortManager.nextFreePort());
    bkEnsemble1.start();
    int webServicePort1 = PortManager.nextFreePort();
    int webServicePortTls1 = PortManager.nextFreePort();
    // NOTE: we have to instantiate a new copy of System.getProperties() to make sure pulsar1 and pulsar2 have
    // completely
    // independent config objects instead of referring to the same properties object
    config1.setClusterName("r1");
    config1.setAdvertisedAddress("localhost");
    config1.setWebServicePort(webServicePort1);
    config1.setWebServicePortTls(webServicePortTls1);
    config1.setZookeeperServers("127.0.0.1:" + zkPort1);
    config1.setGlobalZookeeperServers("127.0.0.1:" + globalZKPort + "/foo");
    config1.setBrokerDeleteInactiveTopicsEnabled(isBrokerServicePurgeInactiveTopic());
    config1.setBrokerServicePurgeInactiveFrequencyInSeconds(inSec(getBrokerServicePurgeInactiveFrequency(), TimeUnit.SECONDS));
    config1.setBrokerServicePort(PortManager.nextFreePort());
    config1.setBrokerServicePortTls(PortManager.nextFreePort());
    config1.setTlsEnabled(true);
    config1.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config1.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    config1.setTlsTrustCertsFilePath(TLS_SERVER_CERT_FILE_PATH);
    config1.setBacklogQuotaCheckIntervalInSeconds(TIME_TO_CHECK_BACKLOG_QUOTA);
    config1.setDefaultNumberOfNamespaceBundles(1);
    pulsar1 = new PulsarService(config1);
    pulsar1.start();
    ns1 = pulsar1.getBrokerService();
    url1 = new URL("http://localhost:" + webServicePort1);
    urlTls1 = new URL("https://localhost:" + webServicePortTls1);
    admin1 = new PulsarAdmin(url1, (Authentication) null);
    // Start region 2
    // Start zk & bks
    int zkPort2 = PortManager.nextFreePort();
    bkEnsemble2 = new LocalBookkeeperEnsemble(3, zkPort2, PortManager.nextFreePort());
    bkEnsemble2.start();
    int webServicePort2 = PortManager.nextFreePort();
    int webServicePortTls2 = PortManager.nextFreePort();
    config2.setClusterName("r2");
    config2.setAdvertisedAddress("localhost");
    config2.setWebServicePort(webServicePort2);
    config2.setWebServicePortTls(webServicePortTls2);
    config2.setZookeeperServers("127.0.0.1:" + zkPort2);
    config2.setGlobalZookeeperServers("127.0.0.1:" + globalZKPort + "/foo");
    config2.setBrokerDeleteInactiveTopicsEnabled(isBrokerServicePurgeInactiveTopic());
    config2.setBrokerServicePurgeInactiveFrequencyInSeconds(inSec(getBrokerServicePurgeInactiveFrequency(), TimeUnit.SECONDS));
    config2.setBrokerServicePort(PortManager.nextFreePort());
    config2.setBrokerServicePortTls(PortManager.nextFreePort());
    config2.setTlsEnabled(true);
    config2.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config2.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    config2.setTlsTrustCertsFilePath(TLS_SERVER_CERT_FILE_PATH);
    config2.setBacklogQuotaCheckIntervalInSeconds(TIME_TO_CHECK_BACKLOG_QUOTA);
    config2.setDefaultNumberOfNamespaceBundles(1);
    pulsar2 = new PulsarService(config2);
    pulsar2.start();
    ns2 = pulsar2.getBrokerService();
    url2 = new URL("http://localhost:" + webServicePort2);
    urlTls2 = new URL("https://localhost:" + webServicePortTls2);
    admin2 = new PulsarAdmin(url2, (Authentication) null);
    // Start region 3
    // Start zk & bks
    int zkPort3 = PortManager.nextFreePort();
    bkEnsemble3 = new LocalBookkeeperEnsemble(3, zkPort3, PortManager.nextFreePort());
    bkEnsemble3.start();
    int webServicePort3 = PortManager.nextFreePort();
    int webServicePortTls3 = PortManager.nextFreePort();
    config3.setClusterName("r3");
    config3.setAdvertisedAddress("localhost");
    config3.setWebServicePort(webServicePort3);
    config3.setWebServicePortTls(webServicePortTls3);
    config3.setZookeeperServers("127.0.0.1:" + zkPort3);
    config3.setGlobalZookeeperServers("127.0.0.1:" + globalZKPort + "/foo");
    config3.setBrokerDeleteInactiveTopicsEnabled(isBrokerServicePurgeInactiveTopic());
    config3.setBrokerServicePurgeInactiveFrequencyInSeconds(inSec(getBrokerServicePurgeInactiveFrequency(), TimeUnit.SECONDS));
    config3.setBrokerServicePort(PortManager.nextFreePort());
    config3.setBrokerServicePortTls(PortManager.nextFreePort());
    config3.setTlsEnabled(true);
    config3.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config3.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    config3.setTlsTrustCertsFilePath(TLS_SERVER_CERT_FILE_PATH);
    config3.setDefaultNumberOfNamespaceBundles(1);
    pulsar3 = new PulsarService(config3);
    pulsar3.start();
    ns3 = pulsar3.getBrokerService();
    url3 = new URL("http://localhost:" + webServicePort3);
    urlTls3 = new URL("https://localhost:" + webServicePortTls3);
    admin3 = new PulsarAdmin(url3, (Authentication) null);
    // Provision the global namespace
    admin1.clusters().createCluster("r1", new ClusterData(url1.toString(), urlTls1.toString(), pulsar1.getBrokerServiceUrl(), pulsar1.getBrokerServiceUrlTls()));
    admin1.clusters().createCluster("r2", new ClusterData(url2.toString(), urlTls2.toString(), pulsar2.getBrokerServiceUrl(), pulsar2.getBrokerServiceUrlTls()));
    admin1.clusters().createCluster("r3", new ClusterData(url3.toString(), urlTls3.toString(), pulsar3.getBrokerServiceUrl(), pulsar3.getBrokerServiceUrlTls()));
    admin1.clusters().createCluster("global", new ClusterData("http://global:8080", "https://global:8443"));
    admin1.properties().createProperty("pulsar", new PropertyAdmin(Lists.newArrayList("appid1", "appid2", "appid3"), Sets.newHashSet("r1", "r2", "r3")));
    admin1.namespaces().createNamespace("pulsar/global/ns");
    admin1.namespaces().setNamespaceReplicationClusters("pulsar/global/ns", Lists.newArrayList("r1", "r2", "r3"));
    admin1.namespaces().createNamespace("pulsar/global/ns1");
    admin1.namespaces().setNamespaceReplicationClusters("pulsar/global/ns1", Lists.newArrayList("r1", "r2"));
    assertEquals(admin2.clusters().getCluster("r1").getServiceUrl(), url1.toString());
    assertEquals(admin2.clusters().getCluster("r2").getServiceUrl(), url2.toString());
    assertEquals(admin2.clusters().getCluster("r3").getServiceUrl(), url3.toString());
    assertEquals(admin2.clusters().getCluster("r1").getBrokerServiceUrl(), pulsar1.getBrokerServiceUrl());
    assertEquals(admin2.clusters().getCluster("r2").getBrokerServiceUrl(), pulsar2.getBrokerServiceUrl());
    assertEquals(admin2.clusters().getCluster("r3").getBrokerServiceUrl(), pulsar3.getBrokerServiceUrl());
    Thread.sleep(100);
    log.info("--- ReplicatorTestBase::setup completed ---");
}

Example 4 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class LoadBalancerTest method setup.

@BeforeMethod
void setup() throws Exception {
    // Start local bookkeeper ensemble
    bkEnsemble = new LocalBookkeeperEnsemble(3, ZOOKEEPER_PORT, PortManager.nextFreePort());
    bkEnsemble.start();
    ZkUtils.createFullPathOptimistic(bkEnsemble.getZkClient(), SimpleLoadManagerImpl.LOADBALANCER_DYNAMIC_SETTING_STRATEGY_ZPATH, "{\"loadBalancerStrategy\":\"leastLoadedServer\"}".getBytes(), ZooDefs.Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
    final String localhost = InetAddress.getLocalHost().getHostName();
    // start brokers
    for (int i = 0; i < BROKER_COUNT; i++) {
        brokerWebServicePorts[i] = PortManager.nextFreePort();
        brokerNativeBrokerPorts[i] = PortManager.nextFreePort();
        ServiceConfiguration config = new ServiceConfiguration();
        config.setBrokerServicePort(brokerNativeBrokerPorts[i]);
        config.setClusterName("use");
        config.setAdvertisedAddress("localhost");
        config.setWebServicePort(brokerWebServicePorts[i]);
        config.setZookeeperServers("127.0.0.1" + ":" + ZOOKEEPER_PORT);
        config.setBrokerServicePort(brokerNativeBrokerPorts[i]);
        config.setLoadManagerClassName(SimpleLoadManagerImpl.class.getName());
        config.setAdvertisedAddress(localhost + i);
        config.setLoadBalancerEnabled(false);
        pulsarServices[i] = new PulsarService(config);
        pulsarServices[i].start();
        brokerUrls[i] = new URL("http://127.0.0.1" + ":" + brokerWebServicePorts[i]);
        lookupAddresses[i] = pulsarServices[i].getAdvertisedAddress() + ":" + config.getWebServicePort();
        pulsarAdmins[i] = new PulsarAdmin(brokerUrls[i], (Authentication) null);
    }
    createNamespacePolicies(pulsarServices[0]);
    Thread.sleep(100);
}

Example 5 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class BrokerBkEnsemblesTests method setup.

@BeforeMethod
void setup() throws Exception {
    try {
        // start local bookie and zookeeper
        bkEnsemble = new LocalBookkeeperEnsemble(3, ZOOKEEPER_PORT, 5001);
        bkEnsemble.start();
        // start pulsar service
        config = new ServiceConfiguration();
        config.setZookeeperServers("127.0.0.1" + ":" + ZOOKEEPER_PORT);
        config.setAdvertisedAddress("localhost");
        config.setWebServicePort(BROKER_WEBSERVICE_PORT);
        config.setClusterName("usc");
        config.setBrokerServicePort(BROKER_SERVICE_PORT);
        config.setAuthorizationEnabled(false);
        config.setAuthenticationEnabled(false);
        config.setManagedLedgerMaxEntriesPerLedger(5);
        config.setManagedLedgerMinLedgerRolloverTimeMinutes(0);
        config.setAdvertisedAddress("127.0.0.1");
        pulsar = new PulsarService(config);
        pulsar.start();
        adminUrl = new URL("http://127.0.0.1" + ":" + BROKER_WEBSERVICE_PORT);
        admin = new PulsarAdmin(adminUrl, (Authentication) null);
        admin.clusters().createCluster("usc", new ClusterData(adminUrl.toString()));
        admin.properties().createProperty("prop", new PropertyAdmin(Lists.newArrayList("appid1"), Sets.newHashSet("usc")));
    } catch (Throwable t) {
        LOG.error("Error setting up broker test", t);
        Assert.fail("Broker test setup failed");
    }
}