Examples with Credentials org.ow2.proactive.authentication.crypto.Credentials used on opensource projects

Example 1 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class RMProxyActiveObject method handleCleaningScript.

/**
 * Execute the given script on the given node.
 * Also register a callback on {@link #cleanCallBack(Future, NodeSet)} method when script has returned.
 * @param nodes           the nodeset on which to start the script
 * @param cleaningScript the script to be executed
 * @param variables
 * @param genericInformation
 * @param taskId
 * @param creds credentials with CredData containing third party credentials
 */
private void handleCleaningScript(NodeSet nodes, Script<?> cleaningScript, VariablesMap variables, Map<String, String> genericInformation, TaskId taskId, Credentials creds) {
    TaskLogger instance = TaskLogger.getInstance();
    try {
        this.nodesTaskId.put(nodes, taskId);
        // create a decrypter to access scheduler and retrieve Third Party User Credentials
        String privateKeyPath = PASchedulerProperties.getAbsolutePath(PASchedulerProperties.SCHEDULER_AUTH_PRIVKEY_PATH.getValueAsString());
        Decrypter decrypter = new Decrypter(Credentials.getPrivateKey(privateKeyPath));
        decrypter.setCredentials(creds);
        HashMap<String, Serializable> dictionary = new HashMap<>();
        dictionary.putAll(variables.getScriptMap());
        dictionary.putAll(variables.getInheritedMap());
        dictionary.putAll(variables.getPropagatedVariables());
        dictionary.putAll(variables.getScopeMap());
        // start handler for binding
        ScriptHandler handler = ScriptLoader.createHandler(nodes.get(0));
        VariablesMap resolvedMap = new VariablesMap();
        resolvedMap.setInheritedMap(VariableSubstitutor.resolveVariables(variables.getInheritedMap(), dictionary));
        resolvedMap.setScopeMap(VariableSubstitutor.resolveVariables(variables.getScopeMap(), dictionary));
        handler.addBinding(SchedulerConstants.VARIABLES_BINDING_NAME, (Serializable) resolvedMap);
        handler.addBinding(SchedulerConstants.GENERIC_INFO_BINDING_NAME, (Serializable) genericInformation);
        // retrieve scheduler URL to bind with schedulerapi, globalspaceapi, and userspaceapi
        String schedulerUrl = PASchedulerProperties.SCHEDULER_REST_URL.getValueAsString();
        logger.debug("Binding schedulerapi...");
        SchedulerNodeClient client = new SchedulerNodeClient(decrypter, schedulerUrl);
        handler.addBinding(SchedulerConstants.SCHEDULER_CLIENT_BINDING_NAME, (Serializable) client);
        logger.debug("Binding globalspaceapi...");
        RemoteSpace globalSpaceClient = new DataSpaceNodeClient(client, IDataSpaceClient.Dataspace.GLOBAL, schedulerUrl);
        handler.addBinding(SchedulerConstants.DS_GLOBAL_API_BINDING_NAME, (Serializable) globalSpaceClient);
        logger.debug("Binding userspaceapi...");
        RemoteSpace userSpaceClient = new DataSpaceNodeClient(client, IDataSpaceClient.Dataspace.USER, schedulerUrl);
        handler.addBinding(SchedulerConstants.DS_USER_API_BINDING_NAME, (Serializable) userSpaceClient);
        logger.debug("Binding credentials...");
        Map<String, String> resolvedThirdPartyCredentials = VariableSubstitutor.filterAndUpdate(decrypter.decrypt().getThirdPartyCredentials(), dictionary);
        handler.addBinding(SchedulerConstants.CREDENTIALS_VARIABLE, (Serializable) resolvedThirdPartyCredentials);
        ScriptResult<?> future = handler.handle(cleaningScript);
        try {
            PAEventProgramming.addActionOnFuture(future, "cleanCallBack", nodes);
        } catch (IllegalArgumentException e) {
            // TODO - linked to PROACTIVE-936 -> IllegalArgumentException is raised if method name is unknown
            // should be replaced by checked exception
            instance.error(taskId, "ERROR : Callback method won't be executed, node won't be released. This is a critical state, check the callback method name", e);
        }
        instance.info(taskId, "Cleaning Script started on node " + nodes.get(0).getNodeInformation().getURL());
    } catch (Exception e) {
        // if active object cannot be created or script has failed
        instance.error(taskId, "Error while starting cleaning script for task " + taskId + " on " + nodes.get(0), e);
        releaseNodes(nodes).booleanValue();
    }
}

Example 2 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class AuthenticationImpl method authenticate.

/**
 * Performs login.
 *
 * @param cred encrypted username and password
 * @return the name of the user logged
 * @throws LoginException if username or password is incorrect.
 */
public Subject authenticate(Credentials cred) throws LoginException {
    if (activated == false) {
        throw new LoginException("Authentication active object is not activated.");
    }
    CredData credentials = null;
    try {
        credentials = cred.decrypt(privateKeyPath);
    } catch (KeyException e) {
        throw new LoginException("Could not decrypt credentials: " + e);
    }
    String username = credentials.getLogin();
    String password = credentials.getPassword();
    if (username == null || username.equals("")) {
        throw new LoginException("Bad user name (user is null or empty)");
    }
    try {
        // Verify that this user//password can connect to this existing scheduler
        getLogger().info(username + " is trying to connect");
        Map<String, Object> params = new HashMap<>(4);
        // user name to check
        params.put("username", username);
        // password to check
        params.put("pw", password);
        // Load LoginContext according to login method defined in jaas.config
        LoginContext lc = new LoginContext(getLoginMethod(), new NoCallbackHandler(params));
        lc.login();
        getLogger().info("User " + username + " logged successfully");
        return lc.getSubject();
    } catch (LoginException e) {
        getLogger().info(e.getMessage());
        // user about the reason of non authentication
        throw new LoginException("Authentication failed");
    }
}

Example 3 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class RMNodeStarter method getDefaultCredentials.

private Credentials getDefaultCredentials() {
    try {
        return Credentials.getCredentials();
    } catch (KeyException fromDiskKeyException) {
        try {
            Credentials credentialsFromRMHome = Credentials.getCredentials(new File(PAResourceManagerProperties.RM_HOME.getValueAsStringOrNull(), CONFIG_RM_CRED_PATH_RELATIVE).getAbsolutePath());
            logger.info("Using default credentials from ProActive home, authenticating as user rm");
            return credentialsFromRMHome;
        } catch (KeyException fromRMHomeKeyException) {
            try {
                Credentials credentialsFromJar = Credentials.getCredentials(RMNodeStarter.class.getResourceAsStream("/" + CONFIG_RM_CRED_PATH_RELATIVE));
                logger.info("Using default credentials from ProActive jars, authenticating as user rm");
                return credentialsFromJar;
            } catch (Exception fromJarKeyException) {
                logger.error("Failed to read credentials, from location obtained using system property, RM home or ProActive jars", fromJarKeyException);
                System.exit(ExitStatus.CRED_UNREADABLE.exitCode);
            }
        }
    }
    return null;
}

Example 4 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class RMNodeStarter method registerInRM.

/**
 * Tries to join to the Resource Manager with a specified timeout
 * at the given URL, logs with provided credentials and adds the local node to
 * the Resource Manager. Handles all errors/exceptions.
 */
protected ResourceManager registerInRM(final Credentials credentials, final String rmURL, String nodeName, Collection<Node> nodes) {
    RMAuthentication rmAuth = joinResourceManager(rmURL);
    ResourceManager rm = loginToResourceManager(credentials, rmAuth);
    startMonitoring(rmAuth);
    for (final Node node : nodes) {
        nodeSetJmxUrl(sigarExposer, node);
        addNodeToResourceManager(rmURL, node, rm);
    }
    return rm;
}

Example 5 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class RMNodeStarter method reconnectToResourceManager.

private ResourceManager reconnectToResourceManager() {
    try {
        numberOfReconnectionAttemptsLeft--;
        // trying to reconnect to the resource manager
        ResourceManager rm = null;
        RMAuthentication rmAuth = RMConnection.waitAndJoin(rmURL, WAIT_ON_JOIN_TIMEOUT_IN_MS);
        rm = rmAuth.login(credentials);
        startMonitoring(rmAuth);
        return rm;
    } catch (Exception ex) {
        logger.error(ex.getMessage(), ex);
    }
    return null;
}