Example 11 with SchedulerAuthenticationInterface
use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.
the class SchedulerJMXTest method action.
@Test
public void action() throws Exception {
final String userLogin = TestUsers.DEMO.username;
final String userPassword = TestUsers.DEMO.password;
final String adminLogin = TestUsers.TEST.username;
final String adminPassword = TestUsers.TEST.password;
final SchedulerAuthenticationInterface auth = schedulerHelper.getSchedulerAuth();
final PublicKey pubKey = auth.getPublicKey();
// final Credentials userCreds =
// Credentials.createCredentials(userLogin, userPassword, pubKey);
final Credentials adminCreds = Credentials.createCredentials(new CredData(adminLogin, adminPassword), pubKey);
final JMXServiceURL jmxRmiServiceURL = new JMXServiceURL(auth.getJMXConnectorURL(JMXTransportProtocol.RMI));
final JMXServiceURL jmxRoServiceURL = new JMXServiceURL(auth.getJMXConnectorURL(JMXTransportProtocol.RO));
final ObjectName allAccountsMBeanName = new ObjectName(SchedulerJMXHelper.ALLACCOUNTS_MBEAN_NAME);
final ObjectName myAccountMBeanName = new ObjectName(SchedulerJMXHelper.MYACCOUNT_MBEAN_NAME);
final ObjectName runtimeDataMBeanName = new ObjectName(SchedulerJMXHelper.RUNTIMEDATA_MBEAN_NAME);
final ObjectName managementMBeanName = new ObjectName(SchedulerJMXHelper.MANAGEMENT_MBEAN_NAME);
final String suffix = "/" + PASchedulerProperties.SCHEDULER_JMX_CONNECTOR_NAME.getValueAsString();
{
RMTHelper.log("Test jmxRmiServiceURL is well formed");
assertTrue("The jmxRmiServiceURL protocol must be rmi", jmxRmiServiceURL.getProtocol().equals("rmi"));
assertTrue("The jmxRmiServiceURL URLPath must end with " + suffix, jmxRmiServiceURL.getURLPath().endsWith(suffix));
}
{
RMTHelper.log("Test jmxRoServiceURL is well formed");
assertTrue("The jmxRoServiceURL protocol must be ro", jmxRoServiceURL.getProtocol().equals("ro"));
assertTrue("The jmxRoServiceURL URLPath must end with " + suffix, jmxRoServiceURL.getURLPath().endsWith(suffix));
}
{
log("Test jmxRmiServiceURL and jmxRoServiceURL are not equal");
Assert.assertFalse("The jmxRmiServiceURL and jmxRoServiceURL must not be equal", jmxRmiServiceURL.equals(jmxRoServiceURL));
}
{
log("Test invalid JMX auth without creds (expect SecurityException)");
try {
JMXConnectorFactory.connect(jmxRmiServiceURL, new HashMap<String, Object>(0));
} catch (Exception e) {
assertTrue("JMX auth must throw SecurityException if a client tries to connect without creds in the " + "env", e instanceof SecurityException);
}
}
{
log("Test invalid JMX auth with null login/password creds (expect SecurityException)");
// Create the environment
final HashMap<String, Object> env = new HashMap<String, Object>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { null, null });
try {
JMXConnectorFactory.connect(jmxRmiServiceURL, env);
} catch (Exception e) {
assertTrue("JMX auth must throw SecurityException if a client tries to connect with null credentials" + " the env", e instanceof SecurityException);
}
}
{
log("Test invalid JMX auth with bad login/password creds");
// Create the environment
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { "abra", "cadabra" });
try {
JMXConnectorFactory.connect(jmxRmiServiceURL, env);
} catch (Exception e) {
assertTrue("JMX auth must throw SecurityException if a client tries to connect with bad " + "login/password credentials the env", e instanceof SecurityException);
}
}
// Tests as user over RMI
{
log("Test as user 1 - Auth with login/pass over RMI and check connection");
// Create the environment
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { userLogin, userPassword });
// Connect to the JMX RMI Connector Server
final JMXConnector jmxConnector = JMXConnectorFactory.connect(jmxRmiServiceURL, env);
final MBeanServerConnection conn = jmxConnector.getMBeanServerConnection();
// Check that the MBean Server connection is not null
assertNotNull("Unable to obtain the MBean server connection over RMI", conn);
log("Test as user 2 - Check all mbeans are registered in the server");
assertTrue("AllAccountsMBean is not registered", conn.isRegistered(allAccountsMBeanName));
assertTrue("MyAccountMBean is not registered", conn.isRegistered(myAccountMBeanName));
assertTrue("RuntimeDataMBean is not registered", conn.isRegistered(runtimeDataMBeanName));
assertTrue("ManagementMBean is not registered", conn.isRegistered(managementMBeanName));
log("Test as user 3 - Check MyAccountMBean attributes do not throw exceptions");
final MBeanInfo info = conn.getMBeanInfo(myAccountMBeanName);
for (final MBeanAttributeInfo att : info.getAttributes()) {
final String attName = att.getName();
try {
conn.getAttribute(myAccountMBeanName, attName);
} catch (Exception e) {
fail("The attribute " + attName + " of MyAccountMBean must not throw " + e);
}
}
log("Test as user 4 - Check RuntimeDataMBeanName attributes are correct");
final String[] attributesToCheck = new String[] { "Status", "TotalJobsCount", "FinishedJobsCount", "TotalTasksCount", "FinishedTasksCount" };
// Get all attributes to test BEFORE JOB SUBMISSION
AttributeList list = conn.getAttributes(runtimeDataMBeanName, attributesToCheck);
// Status
Attribute att = (Attribute) list.get(0);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", "Started", att.getValue());
// TotalJobsCount
att = (Attribute) list.get(1);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// FinishedJobsCount
att = (Attribute) list.get(2);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// NumberOfTasksCount
att = (Attribute) list.get(3);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// FinishedTasksCount
att = (Attribute) list.get(4);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
// Create a job then submit it to the scheduler
final int taskPerJob = 2;
final TaskFlowJob job = new TaskFlowJob();
for (int i = 0; i < taskPerJob; i++) {
JavaTask task = new JavaTask();
task.setName("" + i);
task.setExecutableClassName(WaitAndPrint.class.getName());
task.addArgument("sleepTime", "1");
job.addTask(task);
}
// log as admin since its creds are already available
final JobId id = schedulerHelper.submitJob(job);
schedulerHelper.waitForEventJobFinished(id);
// Get all attributes to test AFTER JOB EXECUTION
list = conn.getAttributes(runtimeDataMBeanName, attributesToCheck);
// Check SchedulerStatus
att = (Attribute) list.get(0);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", "Started", att.getValue());
// Check TotalNumberOfJobs
att = (Attribute) list.get(1);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 1, att.getValue());
// Check NumberOfFinishedJobs
att = (Attribute) list.get(2);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 1, att.getValue());
// Check TotalNumberOfTasks
att = (Attribute) list.get(3);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", taskPerJob, att.getValue());
// Check NumberOfFinishedTasks
att = (Attribute) list.get(4);
Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", taskPerJob, att.getValue());
jmxConnector.close();
}
// Test as admin over RO
{
log("Test as admin 1, auth with login/creds over RO and check connection");
// Create the environment
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { adminLogin, adminCreds });
env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, JMXProviderUtils.RO_PROVIDER_PKGS);
// Connect to the JMX RO Connector Server
final JMXConnector jmxConnector = JMXConnectorFactory.connect(jmxRoServiceURL, env);
final MBeanServerConnection conn = jmxConnector.getMBeanServerConnection();
// Check that the MBean Server connection is not null
assertNotNull("Unable to obtain the MBean server connection over RO", conn);
log("Test as admin 2 - Check ManagementMBean is registered in the MBean server");
assertTrue("ManagementMBean is not registered", conn.isRegistered(managementMBeanName));
RMTHelper.log("Test as admin 3 - Check ManagementMBean attributes do not throw exception");
final MBeanInfo mInfo = conn.getMBeanInfo(managementMBeanName);
for (final MBeanAttributeInfo att : mInfo.getAttributes()) {
final String attName = att.getName();
try {
conn.getAttribute(managementMBeanName, attName);
} catch (Exception e) {
fail("The attribute " + attName + " of ManagementMBean must not throw " + e);
}
}
RMTHelper.log("Test as admin 4 - Check AllAccountsMBean Username attribute");
final String username = "Username";
try {
conn.setAttribute(allAccountsMBeanName, new Attribute(username, adminLogin));
} catch (Exception e) {
fail("Setting Username attribute of the AllAccountsMBean must not throw " + e);
}
String res = "";
try {
res = (String) conn.getAttribute(allAccountsMBeanName, username);
} catch (Exception e) {
fail("The attribute " + username + " of AllAccountsMBean must not throw " + e);
}
assertTrue("The attribute " + username + " of returns incorrect value", res.equals(adminLogin));
jmxConnector.close();
}
// Test simultaneous RMI and RO connections
{
log("Test simultaneous JMX-RMI and JMX-RO connections as admin");
final HashMap<String, Object> env = new HashMap<>(1);
env.put(JMXConnector.CREDENTIALS, new Object[] { adminLogin, adminCreds });
// Connect to the JMX-RMI Connector Server
final JMXConnector jmxRmiConnector = JMXConnectorFactory.connect(jmxRmiServiceURL, env);
final MBeanServerConnection conRmi = jmxRmiConnector.getMBeanServerConnection();
// Connect to the JMX-RO Connector Server
env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, JMXProviderUtils.RO_PROVIDER_PKGS);
final JMXConnector jmxRoConnector1 = JMXConnectorFactory.connect(jmxRoServiceURL, env);
final MBeanServerConnection conRo = jmxRoConnector1.getMBeanServerConnection();
Assert.assertFalse("In case of simultaneous RMI and RO JMX connections they must not be equal", conRmi.equals(conRo));
Assert.assertFalse("In case of simultaneous RMI and RO JMX connections the connectors must not provide the same connection ids", jmxRmiConnector.getConnectionId().equals(jmxRoConnector1.getConnectionId()));
log("Test JMX-RO connection unicity (two connections over RO must not have the same id)");
final JMXConnector jmxRoConnector2 = JMXConnectorFactory.connect(jmxRoServiceURL, env);
Assert.assertFalse("In case of multiple RO JMX connections the connectors must not provide the same connection ids", jmxRoConnector1.getConnectionId().equals(jmxRoConnector2.getConnectionId()));
// Close all connectors
jmxRoConnector2.close();
jmxRoConnector1.close();
jmxRmiConnector.close();
}
// Test Helper class
{
log("Test JMXClientHelper as admin over RMI with connect() method");
final JMXClientHelper client = new JMXClientHelper(auth, new Object[] { adminLogin, adminCreds });
// default is over
final boolean isConnected1 = client.connect();
// RMI
assertTrue("Unable to connect, exception is " + client.getLastException(), isConnected1);
assertTrue("Incorrect default behavior of connect() method it must use RMI protocol", client.getConnector().getConnectionId().startsWith("rmi"));
client.disconnect();
Assert.assertFalse("The helper disconnect() must set the helper as disconnected", client.isConnected());
final boolean isConnected2 = client.connect(JMXTransportProtocol.RO);
assertTrue("Unable to connect, exception is " + client.getLastException(), isConnected2);
assertTrue("The helper connect(JMXTransportProtocol.RO) method must use RO protocol", client.getConnector().getConnectionId().startsWith("ro"));
client.disconnect();
Assert.assertFalse("The helper disconnect() must set the helper as disconnected", client.isConnected());
}
}
Also used :
JMXServiceURL(javax.management.remote.JMXServiceURL)
HashMap(java.util.HashMap)
PublicKey(java.security.PublicKey)
TaskFlowJob(org.ow2.proactive.scheduler.common.job.TaskFlowJob)
CredData(org.ow2.proactive.authentication.crypto.CredData)
SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)
JavaTask(org.ow2.proactive.scheduler.common.task.JavaTask)
JMXConnector(javax.management.remote.JMXConnector)
JMXClientHelper(org.ow2.proactive.jmx.JMXClientHelper)
Credentials(org.ow2.proactive.authentication.crypto.Credentials)
JobId(org.ow2.proactive.scheduler.common.job.JobId)
Test(org.junit.Test)
Example 12 with SchedulerAuthenticationInterface
use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.
the class SchedulerAuthenticationGUIHelper method login.
/**
* This method will log a client to the scheduler by requesting his URL, username and password from a
* graphical interface.
*
* @param schedulerURL The default URL of the scheduler to connect
* @return The connection to the scheduler as a {@link Scheduler} if logging successful.
* If the username is empty or if the user cancel the authentication, this method will return null.
* @throws LoginException If a problem occurs while logging the user.
* @throws SchedulerException If a problem occurs at scheduler level.
*/
public static Scheduler login(String schedulerURL) throws LoginException, SchedulerException {
AuthResultContainer auth = connect(schedulerURL);
if (auth == null) {
return null;
} else {
SchedulerAuthenticationInterface schedAuth = auth.getAuth();
Credentials cred = null;
try {
cred = Credentials.createCredentials(new CredData(CredData.parseLogin(auth.getUsername()), CredData.parseDomain(auth.getUsername()), auth.getPassword()), schedAuth.getPublicKey());
} catch (LoginException e) {
throw new LoginException("Could not retrieve public key from Scheduler " + schedulerURL + ", contact the administrator" + e);
} catch (KeyException e) {
throw new LoginException("Could not encrypt credentials " + e);
}
return schedAuth.login(cred);
}
}
Also used :
CredData(org.ow2.proactive.authentication.crypto.CredData)
LoginException(javax.security.auth.login.LoginException)
Credentials(org.ow2.proactive.authentication.crypto.Credentials)
KeyException(java.security.KeyException)
Example 13 with SchedulerAuthenticationInterface
use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.
the class SchedulerFactory method startLocal.
/**
* Creates and starts a Scheduler on the local host.
* This call considered that the JVM is correctly configured for starting Scheduler.
* The "pa.scheduler.home" and required JVM properties MUST be set.
*
* @param rmURL the URL of a started Resource Manager
* @param policy the full class name of the Scheduling policy to use.
*
* @return a Scheduler authentication that allow you to administer the Scheduler or get its connection URL.
*
* @throws ActiveObjectCreationException If Scheduler cannot be created
*/
public static SchedulerAuthenticationInterface startLocal(URI rmURL, String policy) throws Exception {
SchedulerInitializer init = new SchedulerInitializer();
init.setPolicyFullClassName(policy);
allowNullInit = true;
SchedulerAuthenticationInterface sai = startLocal(rmURL, init);
allowNullInit = false;
return sai;
}
Also used :
SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)
Example 14 with SchedulerAuthenticationInterface
use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.
the class SchedulerFactory method createScheduler.
/**
* Create a new scheduler on the local host plugged on the given resource manager.<br>
* This constructor also requires the credentials of the client to connect.<br><br>
* It will return a client scheduler able to managed the scheduler.<br><br>
* <font color="red">WARNING :</font> this method provides a way to connect to the scheduler after its creation,
* BUT if the scheduler is restarting after failure, this method will create the scheduler
* but will throw a SchedulerException due to the failure of client connection.<br>
* In fact, while the scheduler is restarting after a crash, no one can connect it during the whole restore process.<br><br>
* In any other case, the method will block until connection is allowed or error occurred.
*
* @param rmURL the resource manager URL on which the scheduler will connect
* @param policyFullClassName the full policy class name for the scheduler.
* @return a scheduler interface to manage the scheduler.
* @throws SchedulerException if the scheduler cannot be created.
* @throws AdminSchedulerException if a client connection exception occurs.
* @throws LoginException if a user login/password exception occurs.
*/
public static Scheduler createScheduler(Credentials creds, URI rmURL, String policyFullClassName) throws AdminSchedulerException, SchedulerException, LoginException {
createScheduler(rmURL, policyFullClassName);
SchedulerAuthenticationInterface auth = SchedulerConnection.waitAndJoin(null);
return auth.login(creds);
}
Also used :
SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)
Example 15 with SchedulerAuthenticationInterface
use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.
the class SchedulerFactory method startLocal.
/**
* Creates and starts a Scheduler on the local host using the given initializer to configure it.
* Only one Scheduler can be started by JVM.
*
* @param rmURL the URL of a started Resource Manager
* @param initializer Use to configure the Scheduler before starting it.
* This parameter cannot be null.
*
* @return a Scheduler authentication that allow you to administer it or get its connection URL.
*
* @throws InternalSchedulerException If Scheduler cannot be created
*/
public static synchronized SchedulerAuthenticationInterface startLocal(URI rmURL, SchedulerInitializer initializer) throws InternalSchedulerException {
if (!schedulerStarted) {
if (!allowNullInit) {
if (initializer != null) {
// configure application
configure(initializer);
} else {
throw new IllegalArgumentException("Initializer cannot be null!");
}
}
if (rmURL == null) {
throw new IllegalArgumentException("RM url is null!");
}
try {
String policy = initializer.getPolicyFullClassName();
// start scheduler
createScheduler(rmURL, policy);
SchedulerAuthenticationInterface sai = SchedulerConnection.waitAndJoin(null);
schedulerStarted = true;
return sai;
} catch (Exception e) {
throw new InternalSchedulerException(e);
}
} else {
throw new InternalSchedulerException("Scheduler already localy running");
}
}
Also used :
InternalSchedulerException(org.ow2.proactive.scheduler.common.exception.InternalSchedulerException)
SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)
LoginException(javax.security.auth.login.LoginException)
ActiveObjectCreationException(org.objectweb.proactive.ActiveObjectCreationException)
AdminSchedulerException(org.ow2.proactive.scheduler.exception.AdminSchedulerException)
InternalSchedulerException(org.ow2.proactive.scheduler.common.exception.InternalSchedulerException)
SchedulerException(org.ow2.proactive.scheduler.common.exception.SchedulerException)
RMException(org.ow2.proactive.resourcemanager.exception.RMException)
Aggregations
SchedulerAuthenticationInterface (org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)22
Credentials (org.ow2.proactive.authentication.crypto.Credentials)15
CredData (org.ow2.proactive.authentication.crypto.CredData)13
KeyException (java.security.KeyException)7
PublicKey (java.security.PublicKey)7
Test (org.junit.Test)6
Scheduler (org.ow2.proactive.scheduler.common.Scheduler)6
LoginException (javax.security.auth.login.LoginException)5
JobId (org.ow2.proactive.scheduler.common.job.JobId)5
InternalSchedulerException (org.ow2.proactive.scheduler.common.exception.InternalSchedulerException)4
HashMap (java.util.HashMap)3
JMXConnector (javax.management.remote.JMXConnector)3
JMXServiceURL (javax.management.remote.JMXServiceURL)3
NotConnectedException (org.ow2.proactive.scheduler.common.exception.NotConnectedException)3
MBeanServerConnection (javax.management.MBeanServerConnection)2
ObjectName (javax.management.ObjectName)2
UserData (org.ow2.proactive.authentication.UserData)2
AlreadyConnectedException (org.ow2.proactive.scheduler.common.exception.AlreadyConnectedException)2
ConnectionException (org.ow2.proactive.scheduler.common.exception.ConnectionException)2
PermissionException (org.ow2.proactive.scheduler.common.exception.PermissionException)2
