Examples with PropertyAdmin org.apache.pulsar.common.policies.data.PropertyAdmin used on opensource projects

Example 26 with PropertyAdmin

use of org.apache.pulsar.common.policies.data.PropertyAdmin in project incubator-pulsar by apache.

the class AntiAffinityNamespaceGroupTest method testLoadSheddingWithAntiAffinityNamespace.

/**
 * It verifies that load-manager::shouldAntiAffinityNamespaceUnload checks that unloading should only happen if all
 * brokers have same number of anti-affinity namespaces
 *
 * @throws Exception
 */
@Test
public void testLoadSheddingWithAntiAffinityNamespace() throws Exception {
    final String namespace = "my-property/use/my-ns";
    final int totalNamespaces = 5;
    final String namespaceAntiAffinityGroup = "my-antiaffinity";
    final String bundle = "0x00000000_0xffffffff";
    admin1.properties().createProperty("my-property", new PropertyAdmin(Lists.newArrayList("appid1", "appid2"), Sets.newHashSet("use")));
    for (int i = 0; i < totalNamespaces; i++) {
        final String ns = namespace + i;
        admin1.namespaces().createNamespace(ns);
        admin1.namespaces().setNamespaceAntiAffinityGroup(ns, namespaceAntiAffinityGroup);
    }
    PulsarClient pulsarClient = PulsarClient.builder().serviceUrl(pulsar1.getWebServiceAddress()).build();
    Producer<byte[]> producer = pulsarClient.newProducer().topic("persistent://" + namespace + "0/my-topic1").create();
    ModularLoadManagerImpl loadManager = (ModularLoadManagerImpl) ((ModularLoadManagerWrapper) pulsar1.getLoadManager().get()).getLoadManager();
    pulsar1.getBrokerService().updateRates();
    loadManager.updateAll();
    assertTrue(loadManager.shouldAntiAffinityNamespaceUnload(namespace + "0", bundle, primaryHost));
    producer.close();
    pulsarClient.close();
}

Example 27 with PropertyAdmin

use of org.apache.pulsar.common.policies.data.PropertyAdmin in project incubator-pulsar by apache.

the class AuthenticatedProducerConsumerTest method testAnonymousSyncProducerAndConsumer.

@Test(dataProvider = "batch")
public void testAnonymousSyncProducerAndConsumer(int batchMessageDelayMs) throws Exception {
    log.info("-- Starting {} test --", methodName);
    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    Authentication authTls = new AuthenticationTls();
    authTls.configure(authParams);
    internalSetup(authTls);
    admin.clusters().createCluster("use", new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(), "pulsar://localhost:" + BROKER_PORT, "pulsar+ssl://localhost:" + BROKER_PORT_TLS));
    admin.properties().createProperty("my-property", new PropertyAdmin(Lists.newArrayList("anonymousUser"), Sets.newHashSet("use")));
    // make a PulsarAdmin instance as "anonymousUser" for http request
    admin.close();
    ClientConfiguration clientConf = new ClientConfiguration();
    clientConf.setOperationTimeout(1, TimeUnit.SECONDS);
    admin = spy(new PulsarAdmin(brokerUrl, clientConf));
    admin.namespaces().createNamespace("my-property/use/my-ns");
    admin.persistentTopics().grantPermission("persistent://my-property/use/my-ns/my-topic", "anonymousUser", EnumSet.allOf(AuthAction.class));
    // setup the client
    pulsarClient.close();
    pulsarClient = PulsarClient.builder().serviceUrl("pulsar://localhost:" + BROKER_PORT).operationTimeout(1, TimeUnit.SECONDS).build();
    // unauthorized topic test
    Exception pulsarClientException = null;
    try {
        pulsarClient.newConsumer().topic("persistent://my-property/use/my-ns/other-topic").subscriptionName("my-subscriber-name").subscribe();
    } catch (Exception e) {
        pulsarClientException = e;
    }
    Assert.assertTrue(pulsarClientException instanceof PulsarClientException);
    testSyncProducerAndConsumer(batchMessageDelayMs);
    log.info("-- Exiting {} test --", methodName);
}

Example 28 with PropertyAdmin

use of org.apache.pulsar.common.policies.data.PropertyAdmin in project incubator-pulsar by apache.

the class AuthenticatedProducerConsumerTest method testBasicCryptSyncProducerAndConsumer.

@Test(dataProvider = "batch")
public void testBasicCryptSyncProducerAndConsumer(int batchMessageDelayMs) throws Exception {
    log.info("-- Starting {} test --", methodName);
    AuthenticationBasic authPassword = new AuthenticationBasic();
    authPassword.configure("{\"userId\":\"superUser\",\"password\":\"supepass\"}");
    internalSetup(authPassword);
    admin.properties().createProperty("my-property", new PropertyAdmin(Lists.newArrayList(), Sets.newHashSet("use")));
    admin.namespaces().createNamespace("my-property/use/my-ns");
    testSyncProducerAndConsumer(batchMessageDelayMs);
    log.info("-- Exiting {} test --", methodName);
}

Example 29 with PropertyAdmin

use of org.apache.pulsar.common.policies.data.PropertyAdmin in project incubator-pulsar by apache.

the class AuthorizationProducerConsumerTest method testProducerAndConsumerAuthorization.

/**
 * It verifies plugable authorization service
 *
 * <pre>
 * 1. Client passes correct authorization plugin-name + correct auth role: SUCCESS
 * 2. Client passes correct authorization plugin-name + incorrect auth-role: FAIL
 * 3. Client passes incorrect authorization plugin-name + correct auth-role: FAIL
 * </pre>
 *
 * @throws Exception
 */
@Test
public void testProducerAndConsumerAuthorization() throws Exception {
    log.info("-- Starting {} test --", methodName);
    conf.setAuthorizationProvider(TestAuthorizationProvider.class.getName());
    setup();
    ClientConfiguration adminConf = new ClientConfiguration();
    Authentication adminAuthentication = new ClientAuthentication("superUser");
    adminConf.setAuthentication(adminAuthentication);
    admin = spy(new PulsarAdmin(brokerUrl, adminConf));
    String lookupUrl;
    lookupUrl = new URI("pulsar://localhost:" + BROKER_PORT).toString();
    Authentication authentication = new ClientAuthentication(clientRole);
    Authentication authenticationInvalidRole = new ClientAuthentication("test-role");
    pulsarClient = PulsarClient.builder().serviceUrl(lookupUrl).authentication(authentication).build();
    PulsarClient pulsarClientInvalidRole = PulsarClient.builder().serviceUrl(lookupUrl).authentication(authenticationInvalidRole).build();
    admin.properties().createProperty("my-property", new PropertyAdmin(Lists.newArrayList("appid1", "appid2"), Sets.newHashSet("use")));
    admin.namespaces().createNamespace("my-property/use/my-ns");
    // (1) Valid Producer and consumer creation
    Consumer<byte[]> consumer = pulsarClient.newConsumer().topic("persistent://my-property/use/my-ns/my-topic").subscriptionName("my-subscriber-name").subscribe();
    Producer<byte[]> producer = pulsarClient.newProducer().topic("persistent://my-property/use/my-ns/my-topic").create();
    consumer.close();
    producer.close();
    // (2) InValid user auth-role will be rejected by authorization service
    try {
        consumer = pulsarClientInvalidRole.newConsumer().topic("persistent://my-property/use/my-ns/my-topic").subscriptionName("my-subscriber-name").subscribe();
        Assert.fail("should have failed with authorization error");
    } catch (PulsarClientException.AuthorizationException pa) {
    // Ok
    }
    try {
        producer = pulsarClientInvalidRole.newProducer().topic("persistent://my-property/use/my-ns/my-topic").create();
        Assert.fail("should have failed with authorization error");
    } catch (PulsarClientException.AuthorizationException pa) {
    // Ok
    }
    log.info("-- Exiting {} test --", methodName);
}

Example 30 with PropertyAdmin

use of org.apache.pulsar.common.policies.data.PropertyAdmin in project incubator-pulsar by apache.

the class BrokerServiceLookupTest method testMultipleBrokerDifferentClusterLookup.

/**
 * Usecase: Redirection due to different cluster 1. Broker1 runs on cluster: "use" and Broker2 runs on cluster:
 * "use2" 2. Broker1 receives "use2" cluster request => Broker1 reads "/clusters" from global-zookkeeper and
 * redirects request to Broker2 whch serves "use2" 3. Broker2 receives redirect request and own namespace bundle
 *
 * @throws Exception
 */
@Test
public void testMultipleBrokerDifferentClusterLookup() throws Exception {
    log.info("-- Starting {} test --", methodName);
    /**
     ** start broker-2 ***
     */
    final String newCluster = "use2";
    final String property = "my-property2";
    ServiceConfiguration conf2 = new ServiceConfiguration();
    conf2.setAdvertisedAddress("localhost");
    conf2.setBrokerServicePort(PortManager.nextFreePort());
    conf2.setBrokerServicePortTls(PortManager.nextFreePort());
    conf2.setWebServicePort(PortManager.nextFreePort());
    conf2.setWebServicePortTls(PortManager.nextFreePort());
    conf2.setAdvertisedAddress("localhost");
    // Broker2 serves newCluster
    conf2.setClusterName(newCluster);
    conf2.setZookeeperServers("localhost:2181");
    String broker2ServiceUrl = "pulsar://localhost:" + conf2.getBrokerServicePort();
    admin.clusters().createCluster(newCluster, new ClusterData("http://127.0.0.1:" + BROKER_WEBSERVICE_PORT, null, broker2ServiceUrl, null));
    admin.properties().createProperty(property, new PropertyAdmin(Lists.newArrayList("appid1", "appid2"), Sets.newHashSet(newCluster)));
    admin.namespaces().createNamespace(property + "/" + newCluster + "/my-ns");
    PulsarService pulsar2 = startBroker(conf2);
    pulsar.getLoadManager().get().writeLoadReportOnZookeeper();
    pulsar2.getLoadManager().get().writeLoadReportOnZookeeper();
    URI brokerServiceUrl = new URI(broker2ServiceUrl);
    PulsarClient pulsarClient2 = PulsarClient.builder().serviceUrl(brokerServiceUrl.toString()).build();
    // enable authorization: so, broker can validate cluster and redirect if finds different cluster
    pulsar.getConfiguration().setAuthorizationEnabled(true);
    // restart broker with authorization enabled: it initialize AuthorizationService
    stopBroker();
    startBroker();
    LoadManager loadManager2 = spy(pulsar2.getLoadManager().get());
    Field loadManagerField = NamespaceService.class.getDeclaredField("loadManager");
    loadManagerField.setAccessible(true);
    // mock: return Broker2 as a Least-loaded broker when leader receies request
    doReturn(true).when(loadManager2).isCentralized();
    SimpleResourceUnit resourceUnit = new SimpleResourceUnit(pulsar2.getWebServiceAddress(), null);
    doReturn(Optional.of(resourceUnit)).when(loadManager2).getLeastLoaded(any(ServiceUnitId.class));
    loadManagerField.set(pulsar.getNamespaceService(), new AtomicReference<>(loadManager2));
    /**
     ** started broker-2 ***
     */
    // load namespace-bundle by calling Broker2
    Consumer<byte[]> consumer = pulsarClient.newConsumer().topic("persistent://my-property2/use2/my-ns/my-topic1").subscriptionName("my-subscriber-name").subscribe();
    Producer<byte[]> producer = pulsarClient2.newProducer().topic("persistent://my-property2/use2/my-ns/my-topic1").create();
    for (int i = 0; i < 10; i++) {
        String message = "my-message-" + i;
        producer.send(message.getBytes());
    }
    Message<byte[]> msg = null;
    Set<String> messageSet = Sets.newHashSet();
    for (int i = 0; i < 10; i++) {
        msg = consumer.receive(5, TimeUnit.SECONDS);
        String receivedMessage = new String(msg.getData());
        log.debug("Received message: [{}]", receivedMessage);
        String expectedMessage = "my-message-" + i;
        testMessageOrderAndDuplicates(messageSet, receivedMessage, expectedMessage);
    }
    // Acknowledge the consumption of all messages at once
    consumer.acknowledgeCumulative(msg);
    consumer.close();
    producer.close();
    // disable authorization
    pulsar.getConfiguration().setAuthorizationEnabled(false);
    pulsarClient2.close();
    pulsar2.close();
    loadManager2 = null;
}