Example 26 with CredData
use of org.ow2.proactive.authentication.crypto.CredData in project scheduling by ow2-proactive.
the class AuthenticationTest method loginAsAdmin.
private void loginAsAdmin(SchedulerAuthenticationInterface auth, PublicKey pubKey) throws KeyException, LoginException, AlreadyConnectedException, NotConnectedException, PermissionException {
log("Test 1");
log("Trying to authorized as an admin with correct user name and password");
Credentials cred = Credentials.createCredentials(new CredData(TestUsers.DEMO.username, TestUsers.DEMO.password), pubKey);
Scheduler admin = auth.login(cred);
String userName = admin.getCurrentUser();
Assert.assertEquals(TestUsers.DEMO.username, userName);
UserData userData = admin.getCurrentUserData();
Assert.assertNotNull(userData);
Assert.assertNotNull(userData.getUserName());
Assert.assertNotNull(userData.getGroups());
Assert.assertTrue(userData.getGroups().contains("admin"));
admin.disconnect();
log("Passed: successful authentication");
}
Also used :
UserData(org.ow2.proactive.authentication.UserData)
Scheduler(org.ow2.proactive.scheduler.common.Scheduler)
CredData(org.ow2.proactive.authentication.crypto.CredData)
Credentials(org.ow2.proactive.authentication.crypto.Credentials)
Example 27 with CredData
use of org.ow2.proactive.authentication.crypto.CredData in project scheduling by ow2-proactive.
the class SmartProxyImpl method init.
private void init(String url, Credentials credentials, CredData credData) throws SchedulerException, LoginException {
if (this.connectionInfo == null) {
this.connectionInfo = new ConnectionInfo(url, null, null, null, false);
}
this.connectionInfo.setUrl(url);
this.credentials = credentials;
this.credData = credData;
SchedulerAuthenticationInterface auth = SchedulerConnection.join(url);
PublicKey pubKey = auth.getPublicKey();
if (this.credentials != null) {
this.credentials = credentials;
this.credData = null;
} else if (this.credData != null) {
this.credData = credData;
try {
this.credentials = Credentials.createCredentials(credData, pubKey);
} catch (KeyException e) {
throw new InternalSchedulerException(e);
}
} else {
throw new IllegalStateException("No valid credential available to connect to the scheduler");
}
this.schedulerProxy = auth.login(this.credentials);
jobTracker.loadJobs();
setInitialized(true);
registerAsListener();
syncAwaitedJobs();
}
Also used :
InternalSchedulerException(org.ow2.proactive.scheduler.common.exception.InternalSchedulerException)
PublicKey(java.security.PublicKey)
SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)
ConnectionInfo(org.ow2.proactive.authentication.ConnectionInfo)
KeyException(java.security.KeyException)
Example 28 with CredData
use of org.ow2.proactive.authentication.crypto.CredData in project scheduling by ow2-proactive.
the class TestRMProxy method setUp.
@BeforeClass
public static void setUp() throws Exception {
if (TestScheduler.isStarted()) {
SchedulerTHelper.log("Killing previous scheduler.");
TestScheduler.kill();
}
rmHelper = new RMTHelper();
rmHelper.getResourceManager();
user1Credentials = Credentials.createCredentials(new CredData("admin", "admin"), rmHelper.getRMAuth().getPublicKey());
user2Credentials = Credentials.createCredentials(new CredData("demo", "demo"), rmHelper.getRMAuth().getPublicKey());
rmHelper.createNodeSource(nsName, NODES_NUMBER);
}Example 29 with CredData
use of org.ow2.proactive.authentication.crypto.CredData in project scheduling by ow2-proactive.
the class TestRMProxyRebind method createRMs.
@Before
public void createRMs() throws Exception {
schedulerProxyCredentials = Credentials.getCredentials(PASchedulerProperties.getAbsolutePath(PASchedulerProperties.RESOURCE_MANAGER_CREDS.getValueAsString()));
helper1 = new TestRM();
helper2 = new TestRM();
pnpPort1 = CentralPAPropertyRepository.PA_RMI_PORT.getValue() + 1;
jmxPort1 = PAResourceManagerProperties.RM_JMX_PORT.getValueAsInt() + 1;
pnpPort2 = CentralPAPropertyRepository.PA_RMI_PORT.getValue() + 2;
jmxPort2 = PAResourceManagerProperties.RM_JMX_PORT.getValueAsInt() + 2;
helper1.start(config1.getAbsolutePath(), pnpPort1, RMTHelper.testClasspath(), PAResourceManagerProperties.RM_JMX_PORT.getCmdLine() + jmxPort1);
Credentials connectedUserCreds = Credentials.createCredentials(new CredData(CredData.parseLogin(TestUsers.DEMO.username), CredData.parseDomain(TestUsers.DEMO.username), TestUsers.DEMO.password), helper1.getAuth().getPublicKey());
Map.Entry<RMMonitorsHandler, RMMonitorEventReceiver> entry1 = connectToRM(helper1.getUrl(), connectedUserCreds);
monitorsHandler1 = entry1.getKey();
rm1 = entry1.getValue();
testNodes.addAll(RMTHelper.addNodesToDefaultNodeSource(NODES_NUMBER, new ArrayList<String>(), rm1, monitorsHandler1));
helper2.start(config2.getAbsolutePath(), pnpPort2, RMTHelper.testClasspath(), PAResourceManagerProperties.RM_JMX_PORT.getCmdLine() + jmxPort2);
Map.Entry<RMMonitorsHandler, RMMonitorEventReceiver> entry2 = connectToRM(helper2.getUrl(), connectedUserCreds);
monitorsHandler2 = entry2.getKey();
rm2 = entry2.getValue();
testNodes.addAll(RMTHelper.addNodesToDefaultNodeSource(NODES_NUMBER, new ArrayList<String>(), rm2, monitorsHandler2));
checkFreeNodes(rm1, NODES_NUMBER);
checkFreeNodes(rm2, NODES_NUMBER);
}
Also used :
CredData(org.ow2.proactive.authentication.crypto.CredData)
ArrayList(java.util.ArrayList)
Map(java.util.Map)
AbstractMap(java.util.AbstractMap)
Credentials(org.ow2.proactive.authentication.crypto.Credentials)
RMMonitorEventReceiver(functionaltests.monitor.RMMonitorEventReceiver)
RMMonitorsHandler(functionaltests.monitor.RMMonitorsHandler)
Before(org.junit.Before)
Example 30 with CredData
use of org.ow2.proactive.authentication.crypto.CredData in project scheduling by ow2-proactive.
the class SchedulerJMXTest method action.
@Test
public void action() throws Exception {
final String userLogin = TestUsers.DEMO.username;
final String userPassword = TestUsers.DEMO.password;
final String adminLogin = TestUsers.TEST.username;
final String adminPassword = TestUsers.TEST.password;
final SchedulerAuthenticationInterface auth = schedulerHelper.getSchedulerAuth();
final PublicKey pubKey = auth.getPublicKey();
// final Credentials userCreds =
// Credentials.createCredentials(userLogin, userPassword, pubKey);
final Credentials adminCreds = Credentials.createCredentials(new CredData(adminLogin, adminPassword), pubKey);
final JMXServiceURL jmxRmiServiceURL = new JMXServiceURL(auth.getJMXConnectorURL(JMXTransportProtocol.RMI));
final JMXServiceURL jmxRoServiceURL = new JMXServiceURL(auth.getJMXConnectorURL(JMXTransportProtocol.RO));
final ObjectName allAccountsMBeanName = new ObjectName(SchedulerJMXHelper.ALLACCOUNTS_MBEAN_NAME);
final ObjectName myAccountMBeanName = new ObjectName(SchedulerJMXHelper.MYACCOUNT_MBEAN_NAME);
final ObjectName runtimeDataMBeanName = new ObjectName(SchedulerJMXHelper.RUNTIMEDATA_MBEAN_NAME);
final ObjectName managementMBeanName = new ObjectName(SchedulerJMXHelper.MANAGEMENT_MBEAN_NAME);
final String suffix = "/" + PASchedulerProperties.SCHEDULER_JMX_CONNECTOR_NAME.getValueAsString();
{
RMTHelper.log("Test jmxRmiServiceURL is well formed");
assertTrue("The jmxRmiServiceURL protocol must be rmi", jmxRmiServiceURL.getProtocol().equals("rmi"));
assertTrue("The jmxRmiServiceURL URLPath must end with " + suffix, jmxRmiServiceURL.getURLPath().endsWith(suffix));
}
{
RMTHelper.log("Test jmxRoServiceURL is well formed");
assertTrue("The jmxRoServiceURL protocol must be ro", jmxRoServiceURL.getProtocol().equals("ro"));
assertTrue("The jmxRoServiceURL URLPath must end with " + suffix, jmxRoServiceURL.getURLPath().endsWith(suffix));
}
{
log("Test jmxRmiServiceURL and jmxRoServiceURL are not equal");
Assert.assertFalse("The jmxRmiServiceURL and jmxRoServiceURL must not be equal", jmxRmiServiceURL.equals(jmxRoServiceURL));
}
{
log("Test invalid JMX auth without creds (expect SecurityException)");
try {
JMXConnectorFactory.connect(jmxRmiServiceURL, new HashMap<String, Object>(0));
} catch (Exception e) {
assertTrue("JMX auth must throw SecurityException if a client tries to connect without creds in the " + "env", e instanceof SecurityException);
}
}
{
log("Test invalid JMX auth with null login/password creds (expect SecurityException)");
// Create the environment
final HashMap<String, Object> env = new HashMap<String, Object>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { null, null });
try {
JMXConnectorFactory.connect(jmxRmiServiceURL, env);
} catch (Exception e) {
assertTrue("JMX auth must throw SecurityException if a client tries to connect with null credentials" + " the env", e instanceof SecurityException);
}
}
{
log("Test invalid JMX auth with bad login/password creds");
// Create the environment
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { "abra", "cadabra" });
try {
JMXConnectorFactory.connect(jmxRmiServiceURL, env);
} catch (Exception e) {
assertTrue("JMX auth must throw SecurityException if a client tries to connect with bad " + "login/password credentials the env", e instanceof SecurityException);
}
}
// Tests as user over RMI
{
log("Test as user 1 - Auth with login/pass over RMI and check connection");
// Create the environment
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { userLogin, userPassword });
// Connect to the JMX RMI Connector Server
final JMXConnector jmxConnector = JMXConnectorFactory.connect(jmxRmiServiceURL, env);
final MBeanServerConnection conn = jmxConnector.getMBeanServerConnection();
// Check that the MBean Server connection is not null
assertNotNull("Unable to obtain the MBean server connection over RMI", conn);
log("Test as user 2 - Check all mbeans are registered in the server");
assertTrue("AllAccountsMBean is not registered", conn.isRegistered(allAccountsMBeanName));
assertTrue("MyAccountMBean is not registered", conn.isRegistered(myAccountMBeanName));
assertTrue("RuntimeDataMBean is not registered", conn.isRegistered(runtimeDataMBeanName));
assertTrue("ManagementMBean is not registered", conn.isRegistered(managementMBeanName));
log("Test as user 3 - Check MyAccountMBean attributes do not throw exceptions");
final MBeanInfo info = conn.getMBeanInfo(myAccountMBeanName);
for (final MBeanAttributeInfo att : info.getAttributes()) {
final String attName = att.getName();
try {
conn.getAttribute(myAccountMBeanName, attName);
} catch (Exception e) {
fail("The attribute " + attName + " of MyAccountMBean must not throw " + e);
}
}
log("Test as user 4 - Check RuntimeDataMBeanName attributes are correct");
final String[] attributesToCheck = new String[] { "Status", "TotalJobsCount", "FinishedJobsCount", "TotalTasksCount", "FinishedTasksCount" };
// Get all attributes to test BEFORE JOB SUBMISSION
AttributeList list = conn.getAttributes(runtimeDataMBeanName, attributesToCheck);
// Status
Attribute att = (Attribute) list.get(0);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", "Started", att.getValue());
// TotalJobsCount
att = (Attribute) list.get(1);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// FinishedJobsCount
att = (Attribute) list.get(2);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// NumberOfTasksCount
att = (Attribute) list.get(3);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// FinishedTasksCount
att = (Attribute) list.get(4);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// Create a job then submit it to the scheduler
final int taskPerJob = 2;
final TaskFlowJob job = new TaskFlowJob();
for (int i = 0; i < taskPerJob; i++) {
JavaTask task = new JavaTask();
task.setName("" + i);
task.setExecutableClassName(WaitAndPrint.class.getName());
task.addArgument("sleepTime", "1");
job.addTask(task);
}
// log as admin since its creds are already available
final JobId id = schedulerHelper.submitJob(job);
schedulerHelper.waitForEventJobFinished(id);
// Get all attributes to test AFTER JOB EXECUTION
list = conn.getAttributes(runtimeDataMBeanName, attributesToCheck);
// Check SchedulerStatus
att = (Attribute) list.get(0);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", "Started", att.getValue());
// Check TotalNumberOfJobs
att = (Attribute) list.get(1);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 1, att.getValue());
// Check NumberOfFinishedJobs
att = (Attribute) list.get(2);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 1, att.getValue());
// Check TotalNumberOfTasks
att = (Attribute) list.get(3);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", taskPerJob, att.getValue());
// Check NumberOfFinishedTasks
att = (Attribute) list.get(4);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", taskPerJob, att.getValue());
jmxConnector.close();
}
// Test as admin over RO
{
log("Test as admin 1, auth with login/creds over RO and check connection");
// Create the environment
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { adminLogin, adminCreds });
env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, JMXProviderUtils.RO_PROVIDER_PKGS);
// Connect to the JMX RO Connector Server
final JMXConnector jmxConnector = JMXConnectorFactory.connect(jmxRoServiceURL, env);
final MBeanServerConnection conn = jmxConnector.getMBeanServerConnection();
// Check that the MBean Server connection is not null
assertNotNull("Unable to obtain the MBean server connection over RO", conn);
log("Test as admin 2 - Check ManagementMBean is registered in the MBean server");
assertTrue("ManagementMBean is not registered", conn.isRegistered(managementMBeanName));
RMTHelper.log("Test as admin 3 - Check ManagementMBean attributes do not throw exception");
final MBeanInfo mInfo = conn.getMBeanInfo(managementMBeanName);
for (final MBeanAttributeInfo att : mInfo.getAttributes()) {
final String attName = att.getName();
try {
conn.getAttribute(managementMBeanName, attName);
} catch (Exception e) {
fail("The attribute " + attName + " of ManagementMBean must not throw " + e);
}
}
RMTHelper.log("Test as admin 4 - Check AllAccountsMBean Username attribute");
final String username = "Username";
try {
conn.setAttribute(allAccountsMBeanName, new Attribute(username, adminLogin));
} catch (Exception e) {
fail("Setting Username attribute of the AllAccountsMBean must not throw " + e);
}
String res = "";
try {
res = (String) conn.getAttribute(allAccountsMBeanName, username);
} catch (Exception e) {
fail("The attribute " + username + " of AllAccountsMBean must not throw " + e);
}
assertTrue("The attribute " + username + " of returns incorrect value", res.equals(adminLogin));
jmxConnector.close();
}
// Test simultaneous RMI and RO connections
{
log("Test simultaneous JMX-RMI and JMX-RO connections as admin");
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { adminLogin, adminCreds });
// Connect to the JMX-RMI Connector Server
final JMXConnector jmxRmiConnector = JMXConnectorFactory.connect(jmxRmiServiceURL, env);
final MBeanServerConnection conRmi = jmxRmiConnector.getMBeanServerConnection();
// Connect to the JMX-RO Connector Server
env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, JMXProviderUtils.RO_PROVIDER_PKGS);
final JMXConnector jmxRoConnector1 = JMXConnectorFactory.connect(jmxRoServiceURL, env);
final MBeanServerConnection conRo = jmxRoConnector1.getMBeanServerConnection();
Assert.assertFalse("In case of simultaneous RMI and RO JMX connections they must not be equal", conRmi.equals(conRo));
Assert.assertFalse("In case of simultaneous RMI and RO JMX connections the connectors must not provide the same connection ids", jmxRmiConnector.getConnectionId().equals(jmxRoConnector1.getConnectionId()));
log("Test JMX-RO connection unicity (two connections over RO must not have the same id)");
final JMXConnector jmxRoConnector2 = JMXConnectorFactory.connect(jmxRoServiceURL, env);
Assert.assertFalse("In case of multiple RO JMX connections the connectors must not provide the same connection ids", jmxRoConnector1.getConnectionId().equals(jmxRoConnector2.getConnectionId()));
// Close all connectors
jmxRoConnector2.close();
jmxRoConnector1.close();
jmxRmiConnector.close();
}
// Test Helper class
{
log("Test JMXClientHelper as admin over RMI with connect() method");
final JMXClientHelper client = new JMXClientHelper(auth, new Object[] { adminLogin, adminCreds });
// default is over
final boolean isConnected1 = client.connect();
// RMI
assertTrue("Unable to connect, exception is " + client.getLastException(), isConnected1);
assertTrue("Incorrect default behavior of connect() method it must use RMI protocol", client.getConnector().getConnectionId().startsWith("rmi"));
client.disconnect();
Assert.assertFalse("The helper disconnect() must set the helper as disconnected", client.isConnected());
final boolean isConnected2 = client.connect(JMXTransportProtocol.RO);
assertTrue("Unable to connect, exception is " + client.getLastException(), isConnected2);
assertTrue("The helper connect(JMXTransportProtocol.RO) method must use RO protocol", client.getConnector().getConnectionId().startsWith("ro"));
client.disconnect();
Assert.assertFalse("The helper disconnect() must set the helper as disconnected", client.isConnected());
}
}
Also used :
JMXServiceURL(javax.management.remote.JMXServiceURL)
HashMap(java.util.HashMap)
PublicKey(java.security.PublicKey)
TaskFlowJob(org.ow2.proactive.scheduler.common.job.TaskFlowJob)
CredData(org.ow2.proactive.authentication.crypto.CredData)
SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)
JavaTask(org.ow2.proactive.scheduler.common.task.JavaTask)
JMXConnector(javax.management.remote.JMXConnector)
JMXClientHelper(org.ow2.proactive.jmx.JMXClientHelper)
Credentials(org.ow2.proactive.authentication.crypto.Credentials)
JobId(org.ow2.proactive.scheduler.common.job.JobId)
Test(org.junit.Test)
Aggregations
CredData (org.ow2.proactive.authentication.crypto.CredData)53
Credentials (org.ow2.proactive.authentication.crypto.Credentials)41
PublicKey (java.security.PublicKey)15
Test (org.junit.Test)15
LoginException (javax.security.auth.login.LoginException)13
KeyException (java.security.KeyException)10
ResourceManager (org.ow2.proactive.resourcemanager.frontend.ResourceManager)10
SchedulerAuthenticationInterface (org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)10
RMAuthentication (org.ow2.proactive.resourcemanager.authentication.RMAuthentication)9
HashMap (java.util.HashMap)8
RMFunctionalTest (functionaltests.utils.RMFunctionalTest)6
JMXServiceURL (javax.management.remote.JMXServiceURL)6
JMXConnector (javax.management.remote.JMXConnector)5
RMProxyUserInterface (org.ow2.proactive.resourcemanager.common.util.RMProxyUserInterface)5
Scheduler (org.ow2.proactive.scheduler.common.Scheduler)5
SchedulerProxyUserInterface (org.ow2.proactive.scheduler.common.util.SchedulerProxyUserInterface)5
Decrypter (org.ow2.proactive.scheduler.task.utils.Decrypter)5
MBeanServerConnection (javax.management.MBeanServerConnection)4
ObjectName (javax.management.ObjectName)4
POST (javax.ws.rs.POST)4
