Search in sources :

Example 31 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class RMProxyActiveObject method handleCleaningScript.

/**
 * Execute the given script on the given node.
 * Also register a callback on {@link #cleanCallBack(Future, NodeSet)} method when script has returned.
 * @param nodes           the nodeset on which to start the script
 * @param cleaningScript the script to be executed
 * @param variables
 * @param genericInformation
 * @param taskId
 * @param creds credentials with CredData containing third party credentials
 */
private void handleCleaningScript(NodeSet nodes, Script<?> cleaningScript, VariablesMap variables, Map<String, String> genericInformation, TaskId taskId, Credentials creds) {
    TaskLogger instance = TaskLogger.getInstance();
    try {
        this.nodesTaskId.put(nodes, taskId);
        // create a decrypter to access scheduler and retrieve Third Party User Credentials
        String privateKeyPath = PASchedulerProperties.getAbsolutePath(PASchedulerProperties.SCHEDULER_AUTH_PRIVKEY_PATH.getValueAsString());
        Decrypter decrypter = new Decrypter(Credentials.getPrivateKey(privateKeyPath));
        decrypter.setCredentials(creds);
        HashMap<String, Serializable> dictionary = new HashMap<>();
        dictionary.putAll(variables.getScriptMap());
        dictionary.putAll(variables.getInheritedMap());
        dictionary.putAll(variables.getPropagatedVariables());
        dictionary.putAll(variables.getScopeMap());
        // start handler for binding
        ScriptHandler handler = ScriptLoader.createHandler(nodes.get(0));
        VariablesMap resolvedMap = new VariablesMap();
        resolvedMap.setInheritedMap(VariableSubstitutor.resolveVariables(variables.getInheritedMap(), dictionary));
        resolvedMap.setScopeMap(VariableSubstitutor.resolveVariables(variables.getScopeMap(), dictionary));
        handler.addBinding(SchedulerConstants.VARIABLES_BINDING_NAME, (Serializable) resolvedMap);
        handler.addBinding(SchedulerConstants.GENERIC_INFO_BINDING_NAME, (Serializable) genericInformation);
        // retrieve scheduler URL to bind with schedulerapi, globalspaceapi, and userspaceapi
        String schedulerUrl = PASchedulerProperties.SCHEDULER_REST_URL.getValueAsString();
        logger.debug("Binding schedulerapi...");
        SchedulerNodeClient client = new SchedulerNodeClient(decrypter, schedulerUrl);
        handler.addBinding(SchedulerConstants.SCHEDULER_CLIENT_BINDING_NAME, (Serializable) client);
        logger.debug("Binding globalspaceapi...");
        RemoteSpace globalSpaceClient = new DataSpaceNodeClient(client, IDataSpaceClient.Dataspace.GLOBAL, schedulerUrl);
        handler.addBinding(SchedulerConstants.DS_GLOBAL_API_BINDING_NAME, (Serializable) globalSpaceClient);
        logger.debug("Binding userspaceapi...");
        RemoteSpace userSpaceClient = new DataSpaceNodeClient(client, IDataSpaceClient.Dataspace.USER, schedulerUrl);
        handler.addBinding(SchedulerConstants.DS_USER_API_BINDING_NAME, (Serializable) userSpaceClient);
        logger.debug("Binding credentials...");
        Map<String, String> resolvedThirdPartyCredentials = VariableSubstitutor.filterAndUpdate(decrypter.decrypt().getThirdPartyCredentials(), dictionary);
        handler.addBinding(SchedulerConstants.CREDENTIALS_VARIABLE, (Serializable) resolvedThirdPartyCredentials);
        ScriptResult<?> future = handler.handle(cleaningScript);
        try {
            PAEventProgramming.addActionOnFuture(future, "cleanCallBack", nodes);
        } catch (IllegalArgumentException e) {
            // TODO - linked to PROACTIVE-936 -> IllegalArgumentException is raised if method name is unknown
            // should be replaced by checked exception
            instance.error(taskId, "ERROR : Callback method won't be executed, node won't be released. This is a critical state, check the callback method name", e);
        }
        instance.info(taskId, "Cleaning Script started on node " + nodes.get(0).getNodeInformation().getURL());
    } catch (Exception e) {
        // if active object cannot be created or script has failed
        instance.error(taskId, "Error while starting cleaning script for task " + taskId + " on " + nodes.get(0), e);
        releaseNodes(nodes).booleanValue();
    }
}
Also used : Serializable(java.io.Serializable) HashMap(java.util.HashMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) SchedulerNodeClient(org.ow2.proactive.scheduler.task.client.SchedulerNodeClient) Decrypter(org.ow2.proactive.scheduler.task.utils.Decrypter) LoginException(javax.security.auth.login.LoginException) TaskLogger(org.ow2.proactive.scheduler.util.TaskLogger) RemoteSpace(org.ow2.proactive.scheduler.common.task.dataspaces.RemoteSpace) VariablesMap(org.ow2.proactive.scheduler.task.utils.VariablesMap) DataSpaceNodeClient(org.ow2.proactive.scheduler.task.client.DataSpaceNodeClient) ScriptHandler(org.ow2.proactive.scripting.ScriptHandler)

Example 32 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class InternalJobFactory method createJob.

/**
 * Create a new internal job with the given job (user).
 *
 * @param job the user job that will be used to create the internal job.
 * @return the created internal job.
 * @throws JobCreationException an exception if the factory cannot create the given job.
 */
public static InternalJob createJob(Job job, Credentials cred) throws JobCreationException {
    InternalJob iJob;
    if (logger.isDebugEnabled()) {
        logger.debug("Create job '" + job.getName() + "' - " + job.getClass().getName());
    }
    switch(job.getType()) {
        case PARAMETER_SWEEPING:
            logger.error("The type of the given job is not yet implemented !");
            throw new JobCreationException("The type of the given job is not yet implemented !");
        case TASKSFLOW:
            iJob = createJob((TaskFlowJob) job);
            break;
        default:
            logger.error("The type of the given job is unknown !");
            throw new JobCreationException("The type of the given job is unknown !");
    }
    try {
        // set the job common properties
        iJob.setCredentials(cred);
        setJobCommonProperties(job, iJob);
        return iJob;
    } catch (Exception e) {
        logger.error("", e);
        throw new InternalException("Error while creating the internalJob !", e);
    }
}
Also used : TaskFlowJob(org.ow2.proactive.scheduler.common.job.TaskFlowJob) JobCreationException(org.ow2.proactive.scheduler.common.exception.JobCreationException) JobCreationException(org.ow2.proactive.scheduler.common.exception.JobCreationException) InvalidScriptException(org.ow2.proactive.scripting.InvalidScriptException) InternalException(org.ow2.proactive.scheduler.common.exception.InternalException) InternalException(org.ow2.proactive.scheduler.common.exception.InternalException)

Example 33 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class AuthenticationTest method loginAsUserIncorrectPassword.

private void loginAsUserIncorrectPassword(SchedulerAuthenticationInterface auth, PublicKey pubKey) {
    log("Test 4");
    log("Trying to authorized as a user with incorrect user name and password");
    try {
        Credentials cred = Credentials.createCredentials(new CredData(TestUsers.USER.username, "b"), pubKey);
        auth.login(cred);
        fail("Error: successful authentication");
    } catch (Exception e) {
        log("Passed: expected error " + e.getMessage());
    }
}
Also used : CredData(org.ow2.proactive.authentication.crypto.CredData) Credentials(org.ow2.proactive.authentication.crypto.Credentials) LoginException(javax.security.auth.login.LoginException) KeyException(java.security.KeyException) PermissionException(org.ow2.proactive.scheduler.common.exception.PermissionException) NotConnectedException(org.ow2.proactive.scheduler.common.exception.NotConnectedException) AlreadyConnectedException(org.ow2.proactive.scheduler.common.exception.AlreadyConnectedException)

Example 34 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class AuthenticationTest method loginAsAdmin.

private void loginAsAdmin(SchedulerAuthenticationInterface auth, PublicKey pubKey) throws KeyException, LoginException, AlreadyConnectedException, NotConnectedException, PermissionException {
    log("Test 1");
    log("Trying to authorized as an admin with correct user name and password");
    Credentials cred = Credentials.createCredentials(new CredData(TestUsers.DEMO.username, TestUsers.DEMO.password), pubKey);
    Scheduler admin = auth.login(cred);
    String userName = admin.getCurrentUser();
    Assert.assertEquals(TestUsers.DEMO.username, userName);
    UserData userData = admin.getCurrentUserData();
    Assert.assertNotNull(userData);
    Assert.assertNotNull(userData.getUserName());
    Assert.assertNotNull(userData.getGroups());
    Assert.assertTrue(userData.getGroups().contains("admin"));
    admin.disconnect();
    log("Passed: successful authentication");
}
Also used : UserData(org.ow2.proactive.authentication.UserData) Scheduler(org.ow2.proactive.scheduler.common.Scheduler) CredData(org.ow2.proactive.authentication.crypto.CredData) Credentials(org.ow2.proactive.authentication.crypto.Credentials)

Example 35 with Credentials

use of org.ow2.proactive.authentication.crypto.Credentials in project scheduling by ow2-proactive.

the class TestThirdPartyCredentialsDefined method createAndSubmitTaskPrintingCredentials.

public String createAndSubmitTaskPrintingCredentials() throws Exception {
    ScriptTask scriptTask = new ScriptTask();
    scriptTask.setName("task");
    scriptTask.setScript(new TaskScript(new SimpleScript("print credentials", "python")));
    TaskFlowJob job = new TaskFlowJob();
    job.addTask(scriptTask);
    JobId id = schedulerHelper.submitJob(job);
    schedulerHelper.waitForEventJobFinished(id);
    JobResult jobResult = schedulerHelper.getJobResult(id);
    TaskResult result = jobResult.getResult(scriptTask.getName());
    return result.getOutput().getStdoutLogs(false).replaceAll("\n|\r", "");
}
Also used : ScriptTask(org.ow2.proactive.scheduler.common.task.ScriptTask) TaskScript(org.ow2.proactive.scripting.TaskScript) JobResult(org.ow2.proactive.scheduler.common.job.JobResult) SimpleScript(org.ow2.proactive.scripting.SimpleScript) TaskFlowJob(org.ow2.proactive.scheduler.common.job.TaskFlowJob) TaskResult(org.ow2.proactive.scheduler.common.task.TaskResult) JobId(org.ow2.proactive.scheduler.common.job.JobId)

Aggregations

Credentials (org.ow2.proactive.authentication.crypto.Credentials)50 CredData (org.ow2.proactive.authentication.crypto.CredData)42 KeyException (java.security.KeyException)17 ResourceManager (org.ow2.proactive.resourcemanager.frontend.ResourceManager)17 PublicKey (java.security.PublicKey)15 LoginException (javax.security.auth.login.LoginException)15 Test (org.junit.Test)14 SchedulerAuthenticationInterface (org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)13 RMAuthentication (org.ow2.proactive.resourcemanager.authentication.RMAuthentication)12 IOException (java.io.IOException)11 HashMap (java.util.HashMap)11 File (java.io.File)9 RMFunctionalTest (functionaltests.utils.RMFunctionalTest)6 JMXServiceURL (javax.management.remote.JMXServiceURL)6 JMXConnector (javax.management.remote.JMXConnector)5 Node (org.objectweb.proactive.core.node.Node)5 Scheduler (org.ow2.proactive.scheduler.common.Scheduler)5 MBeanServerConnection (javax.management.MBeanServerConnection)4 ObjectName (javax.management.ObjectName)4 POST (javax.ws.rs.POST)4