Examples with DRPCSimpleACLAuthorizer org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer used on opensource projects

Search in sources :

Example 1 with DRPCSimpleACLAuthorizer

use of org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer in project storm by apache.

the class DRPCTest method testNotStrict.

@Test
public void testNotStrict() throws Exception {
    ReqContext jt = new ReqContext(new Subject());
    SingleUserPrincipal jumpTopo = new SingleUserPrincipal("jump_topo");
    jt.subject().getPrincipals().add(jumpTopo);
    ReqContext jc = new ReqContext(new Subject());
    SingleUserPrincipal jumpClient = new SingleUserPrincipal("jump_client");
    jc.subject().getPrincipals().add(jumpClient);
    ReqContext other = new ReqContext(new Subject());
    SingleUserPrincipal otherUser = new SingleUserPrincipal("other");
    other.subject().getPrincipals().add(otherUser);
    Map<String, AclFunctionEntry> acl = new HashMap<>();
    acl.put("jump", new AclFunctionEntry(Arrays.asList(jumpClient.getName()), jumpTopo.getName()));
    Map<String, Object> conf = new HashMap<>();
    conf.put(Config.DRPC_AUTHORIZER_ACL_STRICT, false);
    conf.put(Config.STORM_PRINCIPAL_TO_LOCAL_PLUGIN, DefaultPrincipalToLocal.class.getName());
    DRPCSimpleACLAuthorizer auth = new DRPCSimpleACLAuthorizer() {

        @Override
        protected Map<String, AclFunctionEntry> readAclFromConfig() {
            return acl;
        }
    };
    auth.prepare(conf);
    // JUMP
    DRPC.checkAuthorization(jt, auth, "fetchRequest", "jump");
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "fetchRequest", "jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "fetchRequest", "jump"), AuthorizationException.class);
    DRPC.checkAuthorization(jt, auth, "result", "jump");
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "result", "jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "result", "jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jt, auth, "execute", "jump"), AuthorizationException.class);
    DRPC.checkAuthorization(jc, auth, "execute", "jump");
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "execute", "jump"), AuthorizationException.class);
    // not_jump (open in not strict mode)
    DRPC.checkAuthorization(jt, auth, "fetchRequest", "not_jump");
    DRPC.checkAuthorization(jc, auth, "fetchRequest", "not_jump");
    DRPC.checkAuthorization(other, auth, "fetchRequest", "not_jump");
    DRPC.checkAuthorization(jt, auth, "result", "not_jump");
    DRPC.checkAuthorization(jc, auth, "result", "not_jump");
    DRPC.checkAuthorization(other, auth, "result", "not_jump");
    DRPC.checkAuthorization(jt, auth, "execute", "not_jump");
    DRPC.checkAuthorization(jc, auth, "execute", "not_jump");
    DRPC.checkAuthorization(other, auth, "execute", "not_jump");
}
Also used : HashMap(java.util.HashMap) AclFunctionEntry(org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer.AclFunctionEntry) DRPCSimpleACLAuthorizer(org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer) ReqContext(org.apache.storm.security.auth.ReqContext) SingleUserPrincipal(org.apache.storm.security.auth.SingleUserPrincipal) Subject(javax.security.auth.Subject) DefaultPrincipalToLocal(org.apache.storm.security.auth.DefaultPrincipalToLocal) Test(org.junit.Test)

Example 2 with DRPCSimpleACLAuthorizer

use of org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer in project storm by apache.

the class DRPCTest method testStrict.

@Test
public void testStrict() throws Exception {
    ReqContext jt = new ReqContext(new Subject());
    SingleUserPrincipal jumpTopo = new SingleUserPrincipal("jump_topo");
    jt.subject().getPrincipals().add(jumpTopo);
    ReqContext jc = new ReqContext(new Subject());
    SingleUserPrincipal jumpClient = new SingleUserPrincipal("jump_client");
    jc.subject().getPrincipals().add(jumpClient);
    ReqContext other = new ReqContext(new Subject());
    SingleUserPrincipal otherUser = new SingleUserPrincipal("other");
    other.subject().getPrincipals().add(otherUser);
    Map<String, AclFunctionEntry> acl = new HashMap<>();
    acl.put("jump", new AclFunctionEntry(Arrays.asList(jumpClient.getName()), jumpTopo.getName()));
    Map<String, Object> conf = new HashMap<>();
    conf.put(Config.DRPC_AUTHORIZER_ACL_STRICT, true);
    conf.put(Config.STORM_PRINCIPAL_TO_LOCAL_PLUGIN, DefaultPrincipalToLocal.class.getName());
    DRPCSimpleACLAuthorizer auth = new DRPCSimpleACLAuthorizer() {

        @Override
        protected Map<String, AclFunctionEntry> readAclFromConfig() {
            return acl;
        }
    };
    auth.prepare(conf);
    // JUMP
    DRPC.checkAuthorization(jt, auth, "fetchRequest", "jump");
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "fetchRequest", "jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "fetchRequest", "jump"), AuthorizationException.class);
    DRPC.checkAuthorization(jt, auth, "result", "jump");
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "result", "jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "result", "jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jt, auth, "execute", "jump"), AuthorizationException.class);
    DRPC.checkAuthorization(jc, auth, "execute", "jump");
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "execute", "jump"), AuthorizationException.class);
    // not_jump (closed in strict mode)
    assertThrows(() -> DRPC.checkAuthorization(jt, auth, "fetchRequest", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "fetchRequest", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "fetchRequest", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jt, auth, "result", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "result", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "result", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jt, auth, "execute", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(jc, auth, "execute", "not_jump"), AuthorizationException.class);
    assertThrows(() -> DRPC.checkAuthorization(other, auth, "execute", "not_jump"), AuthorizationException.class);
}
Also used : HashMap(java.util.HashMap) AclFunctionEntry(org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer.AclFunctionEntry) DRPCSimpleACLAuthorizer(org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer) ReqContext(org.apache.storm.security.auth.ReqContext) SingleUserPrincipal(org.apache.storm.security.auth.SingleUserPrincipal) Subject(javax.security.auth.Subject) DefaultPrincipalToLocal(org.apache.storm.security.auth.DefaultPrincipalToLocal) Test(org.junit.Test)

Aggregations

HashMap (java.util.HashMap)2 Subject (javax.security.auth.Subject)2 DefaultPrincipalToLocal (org.apache.storm.security.auth.DefaultPrincipalToLocal)2 ReqContext (org.apache.storm.security.auth.ReqContext)2 SingleUserPrincipal (org.apache.storm.security.auth.SingleUserPrincipal)2 DRPCSimpleACLAuthorizer (org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer)2 AclFunctionEntry (org.apache.storm.security.auth.authorizer.DRPCSimpleACLAuthorizer.AclFunctionEntry)2 Test (org.junit.Test)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial