
Example 1 with X509AuthenticationProvider

Use of org.apache.zookeeper.server.auth.X509AuthenticationProvider in project zookeeper by apache.

Class X509AuthTest, method testTrustedAuth.

@Test
public void testTrustedAuth() {
    X509AuthenticationProvider provider = createProvider(clientCert);
    MockServerCnxn cnxn = new MockServerCnxn();
    cnxn.clientChain = new X509Certificate[] { clientCert };
    Assert.assertEquals(KeeperException.Code.OK, provider.handleAuthentication(cnxn, null));
}
Also used: X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider), MockServerCnxn (org.apache.zookeeper.server.MockServerCnxn), Test (org.junit.Test)

Example 2 with X509AuthenticationProvider

Use of org.apache.zookeeper.server.auth.X509AuthenticationProvider in project zookeeper by apache.

Class X509AuthTest, method testUntrustedAuth.

@Test
public void testUntrustedAuth() {
    X509AuthenticationProvider provider = createProvider(clientCert);
    MockServerCnxn cnxn = new MockServerCnxn();
    cnxn.clientChain = new X509Certificate[] { unknownCert };
    Assert.assertEquals(KeeperException.Code.AUTHFAILED, provider.handleAuthentication(cnxn, null));
}
Also used: X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider), MockServerCnxn (org.apache.zookeeper.server.MockServerCnxn), Test (org.junit.Test)

Example 3 with X509AuthenticationProvider

Use of org.apache.zookeeper.server.auth.X509AuthenticationProvider in project zookeeper by apache.

Class NettyServerCnxnFactory, method initSSL.

private synchronized void initSSL(ChannelPipeline p) throws X509Exception, KeyManagementException, NoSuchAlgorithmException {
    String authProviderProp = System.getProperty(ZKConfig.SSL_AUTHPROVIDER);
    SSLContext sslContext;
    if (authProviderProp == null) {
        // No auth provider configured: use the SSLContext built by X509Util.
        sslContext = X509Util.createSSLContext();
    } else {
        // Auth provider configured: look it up in the registry and take the
        // key manager and trust manager for the SSLContext from it.
        sslContext = SSLContext.getInstance("TLSv1");
        X509AuthenticationProvider authProvider = (X509AuthenticationProvider) ProviderRegistry.getProvider(System.getProperty(ZKConfig.SSL_AUTHPROVIDER, "x509"));
        if (authProvider == null) {
            LOG.error("Auth provider not found: {}", authProviderProp);
            throw new SSLContextException("Could not create SSLContext with specified auth provider: " + authProviderProp);
        }
        sslContext.init(new X509KeyManager[] { authProvider.getKeyManager() }, new X509TrustManager[] { authProvider.getTrustManager() }, null);
    }
    // Server side of the handshake; the client must present a certificate.
    SSLEngine sslEngine = sslContext.createSSLEngine();
    sslEngine.setUseClientMode(false);
    sslEngine.setNeedClientAuth(true);
    p.addLast("ssl", new SslHandler(sslEngine));
    LOG.info("SSL handler added for channel: {}", p.getChannel());
}
Also used: X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider), SSLEngine (javax.net.ssl.SSLEngine), SSLContextException (org.apache.zookeeper.common.X509Exception.SSLContextException), SSLContext (javax.net.ssl.SSLContext), SslHandler (org.jboss.netty.handler.ssl.SslHandler)

Example 4 with X509AuthenticationProvider

Use of org.apache.zookeeper.server.auth.X509AuthenticationProvider in project zookeeper by apache.

Class X509AuthTest, method testSuperAuth.

@Test
public void testSuperAuth() {
    X509AuthenticationProvider provider = createProvider(superCert);
    MockServerCnxn cnxn = new MockServerCnxn();
    cnxn.clientChain = new X509Certificate[] { superCert };
    Assert.assertEquals(KeeperException.Code.OK, provider.handleAuthentication(cnxn, null));
    Assert.assertEquals("super", cnxn.getAuthInfo().get(0).getScheme());
}
Also used: X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider), MockServerCnxn (org.apache.zookeeper.server.MockServerCnxn), Test (org.junit.Test)

Aggregations

X509AuthenticationProvider (org.apache.zookeeper.server.auth.X509AuthenticationProvider): 4
MockServerCnxn (org.apache.zookeeper.server.MockServerCnxn): 3
Test (org.junit.Test): 3
SSLContext (javax.net.ssl.SSLContext): 1
SSLEngine (javax.net.ssl.SSLEngine): 1
SSLContextException (org.apache.zookeeper.common.X509Exception.SSLContextException): 1
SslHandler (org.jboss.netty.handler.ssl.SslHandler): 1