
Example 6 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class BrokerServiceTest method testTlsAuthDisallowInsecure.

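/**
 * Checks that a broker with TLS authentication enabled and
 * {@code tlsAllowInsecureConnection=false} turns clients away.
 *
 * <p>Both cases must fail with an "Authentication required" error. The first client
 * presents no certificate. The second presents a client certificate; it is presumably
 * rejected because this method configures no broker trust-certs file to validate it
 * against (confirm against the defaults of the shared {@code conf}).
 *
 * <p>Every client is built with {@code allowTlsInsecureConnection(true)}, so the client
 * does not verify the broker's certificate. Only the broker-side check of the client is
 * under test; that client setting is test scaffolding, not a deployment template.
 *
 * @throws Exception if the broker restart or client cleanup fails
 */
@SuppressWarnings("deprecation")
@Test
public void testTlsAuthDisallowInsecure() throws Exception {
    final String topicName = "persistent://prop/usw/my-ns/newTopic";
    final String subName = "newSub";

    // Broker side: TLS transport plus the TLS authentication provider.
    Set<String> providers = new HashSet<>();
    providers.add("org.apache.pulsar.broker.authentication.AuthenticationProviderTls");
    conf.setAuthenticationEnabled(true);
    conf.setAuthenticationProviders(providers);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    // The setting under test: the broker must not accept insecure connections.
    conf.setTlsAllowInsecureConnection(false);
    restartBroker();

    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    PulsarClient pulsarClient = null;
    // Case 1: Access without client certificate
    try {
        pulsarClient = PulsarClient.builder()
                .serviceUrl(brokerUrlTls.toString())
                .enableTls(true)
                .allowTlsInsecureConnection(true)
                .statsInterval(0, TimeUnit.SECONDS)
                .build();
        @Cleanup Consumer<byte[]> consumer = pulsarClient.newConsumer().topic(topicName).subscriptionName(subName).subscribe();
        fail("should fail");
    } catch (Exception e) {
        // A null message now fails the assertion instead of raising an NPE here.
        assertTrue(e.getMessage() != null && e.getMessage().contains("Authentication required"));
    } finally {
        // build() may have thrown before the assignment; a bare close() would then
        // raise an NPE that hides the original failure.
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }

    // Forget the closed client so case 2 never closes it a second time.
    pulsarClient = null;

    // Case 2: Access with client certificate
    try {
        Authentication auth = new AuthenticationTls();
        auth.configure(authParams);
        pulsarClient = PulsarClient.builder()
                .authentication(auth)
                .serviceUrl(brokerUrlTls.toString())
                .enableTls(true)
                .allowTlsInsecureConnection(true)
                .statsInterval(0, TimeUnit.SECONDS)
                .build();
        @Cleanup Consumer<byte[]> consumer = pulsarClient.newConsumer().topic(topicName).subscriptionName(subName).subscribe();
        fail("should fail");
    } catch (Exception e) {
        assertTrue(e.getMessage() != null && e.getMessage().contains("Authentication required"));
    } finally {
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }
}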
Also used : AuthenticationTls(org.apache.pulsar.client.impl.auth.AuthenticationTls) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) Authentication(org.apache.pulsar.client.api.Authentication) PulsarClient(org.apache.pulsar.client.api.PulsarClient) Cleanup(lombok.Cleanup) TimeoutException(java.util.concurrent.TimeoutException) ManagedLedgerException(org.apache.bookkeeper.mledger.ManagedLedgerException) IOException(java.io.IOException) PersistenceException(org.apache.pulsar.broker.service.BrokerServiceException.PersistenceException) ExecutionException(java.util.concurrent.ExecutionException) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 7 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class BrokerServiceTest method testTlsAuthAllowInsecure.

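/**
 * Checks broker behaviour with TLS authentication enabled and
 * {@code tlsAllowInsecureConnection=true}.
 *
 * <p>A client without a certificate must still be refused with an
 * "Authentication required" error, while a client that presents a certificate must be
 * able to subscribe. This method configures no broker trust-certs file, so the
 * accepted certificate is presumably not chained to any trusted CA (confirm against
 * the broker's TLS setup); the test pins down what the permissive broker setting
 * admits.
 *
 * <p>Every client is built with {@code allowTlsInsecureConnection(true)}, so the client
 * does not verify the broker's certificate either. Both settings are test scaffolding,
 * not a deployment template.
 *
 * @throws Exception if the broker restart or client cleanup fails
 */
@SuppressWarnings("deprecation")
@Test
public void testTlsAuthAllowInsecure() throws Exception {
    final String topicName = "persistent://prop/usw/my-ns/newTopic";
    final String subName = "newSub";

    // Broker side: TLS transport plus the TLS authentication provider.
    Set<String> providers = new HashSet<>();
    providers.add("org.apache.pulsar.broker.authentication.AuthenticationProviderTls");
    conf.setAuthenticationEnabled(true);
    conf.setAuthenticationProviders(providers);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    // The setting under test: the broker tolerates insecure connections.
    conf.setTlsAllowInsecureConnection(true);
    restartBroker();

    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    PulsarClient pulsarClient = null;
    // Case 1: Access without client certificate
    try {
        pulsarClient = PulsarClient.builder()
                .serviceUrl(brokerUrlTls.toString())
                .enableTls(true)
                .allowTlsInsecureConnection(true)
                .statsInterval(0, TimeUnit.SECONDS)
                .build();
        @Cleanup Consumer<byte[]> consumer = pulsarClient.newConsumer().topic(topicName).subscriptionName(subName).subscribe();
        fail("should fail");
    } catch (Exception e) {
        // A null message now fails the assertion instead of raising an NPE here.
        assertTrue(e.getMessage() != null && e.getMessage().contains("Authentication required"));
    } finally {
        // build() may have thrown before the assignment; a bare close() would then
        // raise an NPE that hides the original failure.
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }

    // Forget the closed client so case 2 never closes it a second time.
    pulsarClient = null;

    // Case 2: Access with client certificate
    try {
        Authentication auth = new AuthenticationTls();
        auth.configure(authParams);
        pulsarClient = PulsarClient.builder()
                .authentication(auth)
                .serviceUrl(brokerUrlTls.toString())
                .enableTls(true)
                .allowTlsInsecureConnection(true)
                .statsInterval(0, TimeUnit.SECONDS)
                .build();
        @Cleanup Consumer<byte[]> consumer = pulsarClient.newConsumer().topic(topicName).subscriptionName(subName).subscribe();
    } catch (Exception e) {
        // Keep the cause: a bare fail("should not fail") discards the stack trace
        // that explains why the authenticated subscribe was refused.
        throw new AssertionError("should not fail", e);
    } finally {
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }
}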
Also used : AuthenticationTls(org.apache.pulsar.client.impl.auth.AuthenticationTls) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) Authentication(org.apache.pulsar.client.api.Authentication) PulsarClient(org.apache.pulsar.client.api.PulsarClient) Cleanup(lombok.Cleanup) TimeoutException(java.util.concurrent.TimeoutException) ManagedLedgerException(org.apache.bookkeeper.mledger.ManagedLedgerException) IOException(java.io.IOException) PersistenceException(org.apache.pulsar.broker.service.BrokerServiceException.PersistenceException) ExecutionException(java.util.concurrent.ExecutionException) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 8 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class BrokerServiceTest method testTlsAuthUseTrustCert.

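/**
 * Checks TLS authentication when the broker disallows insecure connections but is
 * given a trust-certs file.
 *
 * <p>The broker's trust-certs path is set to the client certificate file itself, so
 * that one certificate is trusted directly. A client without a certificate must be
 * refused with an "Authentication required" error; a client presenting that
 * certificate must be able to subscribe.
 *
 * <p>Every client is built with {@code allowTlsInsecureConnection(true)}, so the client
 * does not verify the broker's certificate. Only the broker-side check of the client is
 * under test; that client setting is test scaffolding, not a deployment template.
 *
 * @throws Exception if the broker restart or client cleanup fails
 */
@SuppressWarnings("deprecation")
@Test
public void testTlsAuthUseTrustCert() throws Exception {
    final String topicName = "persistent://prop/usw/my-ns/newTopic";
    final String subName = "newSub";

    // Broker side: TLS transport plus the TLS authentication provider.
    Set<String> providers = new HashSet<>();
    providers.add("org.apache.pulsar.broker.authentication.AuthenticationProviderTls");
    conf.setAuthenticationEnabled(true);
    conf.setAuthenticationProviders(providers);
    conf.setTlsEnabled(true);
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    conf.setTlsAllowInsecureConnection(false);
    // The client certificate doubles as the broker's trust anchor in this test.
    conf.setTlsTrustCertsFilePath(TLS_CLIENT_CERT_FILE_PATH);
    restartBroker();

    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    PulsarClient pulsarClient = null;
    // Case 1: Access without client certificate
    try {
        pulsarClient = PulsarClient.builder()
                .serviceUrl(brokerUrlTls.toString())
                .enableTls(true)
                .allowTlsInsecureConnection(true)
                .statsInterval(0, TimeUnit.SECONDS)
                .build();
        @Cleanup Consumer<byte[]> consumer = pulsarClient.newConsumer().topic(topicName).subscriptionName(subName).subscribe();
        fail("should fail");
    } catch (Exception e) {
        // A null message now fails the assertion instead of raising an NPE here.
        assertTrue(e.getMessage() != null && e.getMessage().contains("Authentication required"));
    } finally {
        // build() may have thrown before the assignment; a bare close() would then
        // raise an NPE that hides the original failure.
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }

    // Forget the closed client so case 2 never closes it a second time.
    pulsarClient = null;

    // Case 2: Access with client certificate
    try {
        Authentication auth = new AuthenticationTls();
        auth.configure(authParams);
        pulsarClient = PulsarClient.builder()
                .authentication(auth)
                .serviceUrl(brokerUrlTls.toString())
                .enableTls(true)
                .allowTlsInsecureConnection(true)
                .statsInterval(0, TimeUnit.SECONDS)
                .build();
        @Cleanup Consumer<byte[]> consumer = pulsarClient.newConsumer().topic(topicName).subscriptionName(subName).subscribe();
    } catch (Exception e) {
        // Keep the cause: a bare fail("should not fail") discards the stack trace
        // that explains why the trusted certificate was refused.
        throw new AssertionError("should not fail", e);
    } finally {
        if (pulsarClient != null) {
            pulsarClient.close();
        }
    }
}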
Also used : AuthenticationTls(org.apache.pulsar.client.impl.auth.AuthenticationTls) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) Authentication(org.apache.pulsar.client.api.Authentication) PulsarClient(org.apache.pulsar.client.api.PulsarClient) Cleanup(lombok.Cleanup) TimeoutException(java.util.concurrent.TimeoutException) ManagedLedgerException(org.apache.bookkeeper.mledger.ManagedLedgerException) IOException(java.io.IOException) PersistenceException(org.apache.pulsar.broker.service.BrokerServiceException.PersistenceException) ExecutionException(java.util.concurrent.ExecutionException) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 9 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class WebServiceTest method setupEnv.

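/**
 * Starts a {@code PulsarService} backed by mocked ZooKeeper and BookKeeper factories,
 * seeds the {@code /minApiVersion} node and registers the local cluster through the
 * admin API.
 *
 * <p>Security posture of this fixture, as configured below: authorization is disabled,
 * the role {@code "client"} is a superuser, the broker trust-certs path is empty
 * whenever {@code allowInsecure} is set, and the admin client never verifies the
 * broker certificate. These choices suit a test harness only.
 *
 * @param enableFilter whether the client library version check is enabled
 * @param minApiVersion value written to the {@code /minApiVersion} node
 * @param allowUnversionedClients not read by this method
 * @param enableTls whether the broker enables TLS
 * @param enableAuth whether the broker enables authentication (TLS provider)
 * @param allowInsecure whether the broker allows insecure TLS connections; when
 *     {@code true} no trust-certs file is configured
 * @throws Exception if the service fails to start or the setup calls fail
 */
private void setupEnv(boolean enableFilter, String minApiVersion, boolean allowUnversionedClients, boolean enableTls, boolean enableAuth, boolean allowInsecure) throws Exception {
    Set<String> providers = new HashSet<>();
    providers.add("org.apache.pulsar.broker.authentication.AuthenticationProviderTls");
    Set<String> roles = new HashSet<>();
    roles.add("client");

    ServiceConfiguration config = new ServiceConfiguration();
    // TLS certificate expects localhost (the original set this same value twice).
    config.setAdvertisedAddress("localhost");
    config.setWebServicePort(BROKER_WEBSERVICE_PORT);
    config.setWebServicePortTls(BROKER_WEBSERVICE_PORT_TLS);
    config.setClientLibraryVersionCheckEnabled(enableFilter);
    config.setAuthenticationEnabled(enableAuth);
    config.setAuthenticationProviders(providers);
    // Authentication may be on, but no per-role authorization is enforced here.
    config.setAuthorizationEnabled(false);
    config.setSuperUserRoles(roles);
    config.setTlsEnabled(enableTls);
    config.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    config.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    config.setTlsAllowInsecureConnection(allowInsecure);
    // With insecure connections allowed the broker gets no trust anchor at all;
    // otherwise the client certificate itself is the trust anchor.
    config.setTlsTrustCertsFilePath(allowInsecure ? "" : TLS_CLIENT_CERT_FILE_PATH);
    config.setClusterName("local");
    config.setZookeeperServers("localhost:2181");

    pulsar = spy(new PulsarService(config));
    doReturn(new MockedZooKeeperClientFactoryImpl()).when(pulsar).getZooKeeperClientFactory();
    doReturn(new MockedBookKeeperClientFactory()).when(pulsar).getBookKeeperClientFactory();
    pulsar.start();

    try {
        pulsar.getZkClient().delete("/minApiVersion", -1);
    } catch (Exception ignored) {
        // Best-effort reset: presumably the node is simply absent on a fresh mocked
        // ZooKeeper, so a failed delete is not an error for the setup.
    }
    // NOTE(review): getBytes() uses the platform charset and the ACL argument is null;
    // presumably harmless with version strings on the mocked ZooKeeper. Confirm.
    pulsar.getZkClient().create("/minApiVersion", minApiVersion.getBytes(), null, CreateMode.PERSISTENT);

    String serviceUrl = BROKER_URL_BASE;
    ClientConfiguration clientConfig = new ClientConfiguration();
    if (enableTls && enableAuth) {
        serviceUrl = BROKER_URL_BASE_TLS;
        Map<String, String> authParams = new HashMap<>();
        authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
        authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
        Authentication auth = new AuthenticationTls();
        auth.configure(authParams);
        clientConfig.setAuthentication(auth);
        clientConfig.setUseTls(true);
        // The admin client skips verification of the broker certificate.
        clientConfig.setTlsAllowInsecureConnection(true);
    }
    // In every other combination the admin client uses BROKER_URL_BASE with no
    // authentication configured.
    PulsarAdmin pulsarAdmin = new PulsarAdmin(new URL(serviceUrl), clientConfig);
    try {
        pulsarAdmin.clusters().createCluster(config.getClusterName(), new ClusterData(pulsar.getWebServiceAddress()));
    } catch (ConflictException ce) {
        // This is OK: the cluster is already registered.
    } finally {
        pulsarAdmin.close();
    }
}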
Also used : MockedBookKeeperClientFactory(org.apache.pulsar.broker.MockedBookKeeperClientFactory) PulsarAdmin(org.apache.pulsar.client.admin.PulsarAdmin) HashMap(java.util.HashMap) ConflictException(org.apache.pulsar.client.admin.PulsarAdminException.ConflictException) ConflictException(org.apache.pulsar.client.admin.PulsarAdminException.ConflictException) URL(java.net.URL) MockedZooKeeperClientFactoryImpl(org.apache.pulsar.zookeeper.MockedZooKeeperClientFactoryImpl) AuthenticationTls(org.apache.pulsar.client.impl.auth.AuthenticationTls) ClusterData(org.apache.pulsar.common.policies.data.ClusterData) ServiceConfiguration(org.apache.pulsar.broker.ServiceConfiguration) PulsarService(org.apache.pulsar.broker.PulsarService) Authentication(org.apache.pulsar.client.api.Authentication) ClientConfiguration(org.apache.pulsar.client.api.ClientConfiguration) HashSet(java.util.HashSet)

Example 10 with Authentication

use of org.apache.pulsar.client.api.Authentication in project incubator-pulsar by apache.

the class SLAMonitoringTest method setup.

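/**
 * Boots a local BookKeeper ensemble and {@code BROKER_COUNT} brokers, then creates one
 * SLA namespace per broker.
 *
 * <p>No authentication or TLS setting is applied to the brokers in this method, and
 * each admin client is created with a {@code null} {@code Authentication} against a
 * plain {@code http://127.0.0.1} URL. The fixture therefore says nothing about how
 * the SLA namespaces behave on an authenticated cluster.
 *
 * @throws Exception if the ensemble, a broker or an admin call fails
 */
@BeforeClass
void setup() throws Exception {
    log.info("---- Initializing SLAMonitoringTest -----");
    // Start local bookkeeper ensemble
    bkEnsemble = new LocalBookkeeperEnsemble(3, ZOOKEEPER_PORT, PortManager.nextFreePort());
    bkEnsemble.start();

    // start brokers
    for (int i = 0; i < BROKER_COUNT; i++) {
        brokerWebServicePorts[i] = PortManager.nextFreePort();
        brokerNativeBrokerPorts[i] = PortManager.nextFreePort();

        ServiceConfiguration config = new ServiceConfiguration();
        // The original set the broker service port twice with the same value.
        config.setBrokerServicePort(brokerNativeBrokerPorts[i]);
        config.setClusterName("my-cluster");
        config.setAdvertisedAddress("localhost");
        config.setWebServicePort(brokerWebServicePorts[i]);
        config.setZookeeperServers("127.0.0.1:" + ZOOKEEPER_PORT);
        config.setDefaultNumberOfNamespaceBundles(1);
        config.setLoadBalancerEnabled(false);
        configurations[i] = config;

        pulsarServices[i] = new PulsarService(config);
        pulsarServices[i].start();

        brokerUrls[i] = new URL("http://127.0.0.1:" + brokerWebServicePorts[i]);
        // Unauthenticated admin client over plain HTTP.
        pulsarAdmins[i] = new PulsarAdmin(brokerUrls[i], (Authentication) null);
    }

    // NOTE(review): fixed pause, presumably to let the brokers settle before the
    // first admin call; timing-based, so confirm it is sufficient on slow hosts.
    Thread.sleep(100);
    createProperty(pulsarAdmins[BROKER_COUNT - 1]);

    for (int i = 0; i < BROKER_COUNT; i++) {
        // One namespace per broker: <SLA property>/my-cluster/<address>:<web port>.
        String slaNamespace = String.format("%s/%s/%s:%s", NamespaceService.SLA_NAMESPACE_PROPERTY, "my-cluster", pulsarServices[i].getAdvertisedAddress(), brokerWebServicePorts[i]);
        pulsarAdmins[0].namespaces().createNamespace(slaNamespace);
    }
}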
Also used : ServiceConfiguration(org.apache.pulsar.broker.ServiceConfiguration) PulsarService(org.apache.pulsar.broker.PulsarService) PulsarAdmin(org.apache.pulsar.client.admin.PulsarAdmin) Authentication(org.apache.pulsar.client.api.Authentication) LocalBookkeeperEnsemble(org.apache.pulsar.zookeeper.LocalBookkeeperEnsemble) URL(java.net.URL) BeforeClass(org.testng.annotations.BeforeClass)
