Search in sources :

Example 11 with SchedulerAuthenticationInterface

use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.

the class SchedulerJMXTest method action.

@Test
public void action() throws Exception {
    final String userLogin = TestUsers.DEMO.username;
    final String userPassword = TestUsers.DEMO.password;
    final String adminLogin = TestUsers.TEST.username;
    final String adminPassword = TestUsers.TEST.password;
    final SchedulerAuthenticationInterface auth = schedulerHelper.getSchedulerAuth();
    final PublicKey pubKey = auth.getPublicKey();
    // final Credentials userCreds =
    // Credentials.createCredentials(userLogin, userPassword, pubKey);
    final Credentials adminCreds = Credentials.createCredentials(new CredData(adminLogin, adminPassword), pubKey);
    final JMXServiceURL jmxRmiServiceURL = new JMXServiceURL(auth.getJMXConnectorURL(JMXTransportProtocol.RMI));
    final JMXServiceURL jmxRoServiceURL = new JMXServiceURL(auth.getJMXConnectorURL(JMXTransportProtocol.RO));
    final ObjectName allAccountsMBeanName = new ObjectName(SchedulerJMXHelper.ALLACCOUNTS_MBEAN_NAME);
    final ObjectName myAccountMBeanName = new ObjectName(SchedulerJMXHelper.MYACCOUNT_MBEAN_NAME);
    final ObjectName runtimeDataMBeanName = new ObjectName(SchedulerJMXHelper.RUNTIMEDATA_MBEAN_NAME);
    final ObjectName managementMBeanName = new ObjectName(SchedulerJMXHelper.MANAGEMENT_MBEAN_NAME);
    final String suffix = "/" + PASchedulerProperties.SCHEDULER_JMX_CONNECTOR_NAME.getValueAsString();
    {
        RMTHelper.log("Test jmxRmiServiceURL is well formed");
        assertTrue("The jmxRmiServiceURL protocol must be rmi", jmxRmiServiceURL.getProtocol().equals("rmi"));
        assertTrue("The jmxRmiServiceURL URLPath must end with " + suffix, jmxRmiServiceURL.getURLPath().endsWith(suffix));
    }
    {
        RMTHelper.log("Test jmxRoServiceURL is well formed");
        assertTrue("The jmxRoServiceURL protocol must be ro", jmxRoServiceURL.getProtocol().equals("ro"));
        assertTrue("The jmxRoServiceURL URLPath must end with " + suffix, jmxRoServiceURL.getURLPath().endsWith(suffix));
    }
    {
        log("Test jmxRmiServiceURL and jmxRoServiceURL are not equal");
        Assert.assertFalse("The jmxRmiServiceURL and jmxRoServiceURL must not be equal", jmxRmiServiceURL.equals(jmxRoServiceURL));
    }
    {
        log("Test invalid JMX auth without creds (expect SecurityException)");
        try {
            JMXConnectorFactory.connect(jmxRmiServiceURL, new HashMap<String, Object>(0));
        } catch (Exception e) {
            assertTrue("JMX auth must throw SecurityException if a client tries to connect without creds in the " + "env", e instanceof SecurityException);
        }
    }
    {
        log("Test invalid JMX auth with null login/password creds (expect SecurityException)");
        // Create the environment
        final HashMap<String, Object> env = new HashMap<String, Object>(1);
        env.put(JMXConnector.CREDENTIALS, new Object[] { null, null });
        try {
            JMXConnectorFactory.connect(jmxRmiServiceURL, env);
        } catch (Exception e) {
            assertTrue("JMX auth must throw SecurityException if a client tries to connect with null credentials" + " the env", e instanceof SecurityException);
        }
    }
    {
        log("Test invalid JMX auth with bad login/password creds");
        // Create the environment
        final HashMap<String, Object> env = new HashMap<>(1);
        env.put(JMXConnector.CREDENTIALS, new Object[] { "abra", "cadabra" });
        try {
            JMXConnectorFactory.connect(jmxRmiServiceURL, env);
        } catch (Exception e) {
            assertTrue("JMX auth must throw SecurityException if a client tries to connect with bad " + "login/password credentials the env", e instanceof SecurityException);
        }
    }
    // Tests as user over RMI
    {
        log("Test as user 1 - Auth with login/pass over RMI and check connection");
        // Create the environment
        final HashMap<String, Object> env = new HashMap<>(1);
        env.put(JMXConnector.CREDENTIALS, new Object[] { userLogin, userPassword });
        // Connect to the JMX RMI Connector Server
        final JMXConnector jmxConnector = JMXConnectorFactory.connect(jmxRmiServiceURL, env);
        final MBeanServerConnection conn = jmxConnector.getMBeanServerConnection();
        // Check that the MBean Server connection is not null
        assertNotNull("Unable to obtain the MBean server connection over RMI", conn);
        log("Test as user 2 - Check all mbeans are registered in the server");
        assertTrue("AllAccountsMBean is not registered", conn.isRegistered(allAccountsMBeanName));
        assertTrue("MyAccountMBean is not registered", conn.isRegistered(myAccountMBeanName));
        assertTrue("RuntimeDataMBean is not registered", conn.isRegistered(runtimeDataMBeanName));
        assertTrue("ManagementMBean is not registered", conn.isRegistered(managementMBeanName));
        log("Test as user 3 - Check MyAccountMBean attributes do not throw exceptions");
        final MBeanInfo info = conn.getMBeanInfo(myAccountMBeanName);
        for (final MBeanAttributeInfo att : info.getAttributes()) {
            final String attName = att.getName();
            try {
                conn.getAttribute(myAccountMBeanName, attName);
            } catch (Exception e) {
                fail("The attribute " + attName + " of MyAccountMBean must not throw " + e);
            }
        }
        log("Test as user 4 - Check RuntimeDataMBeanName attributes are correct");
        final String[] attributesToCheck = new String[] { "Status", "TotalJobsCount", "FinishedJobsCount", "TotalTasksCount", "FinishedTasksCount" };
        // Get all attributes to test BEFORE JOB SUBMISSION
        AttributeList list = conn.getAttributes(runtimeDataMBeanName, attributesToCheck);
        // Status
        Attribute att = (Attribute) list.get(0);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", "Started", att.getValue());
        // TotalJobsCount
        att = (Attribute) list.get(1);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
        // FinishedJobsCount
        att = (Attribute) list.get(2);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
        // NumberOfTasksCount
        att = (Attribute) list.get(3);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
        // FinishedTasksCount
        att = (Attribute) list.get(4);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 0, att.getValue());
        // Create a job then submit it to the scheduler
        final int taskPerJob = 2;
        final TaskFlowJob job = new TaskFlowJob();
        for (int i = 0; i < taskPerJob; i++) {
            JavaTask task = new JavaTask();
            task.setName("" + i);
            task.setExecutableClassName(WaitAndPrint.class.getName());
            task.addArgument("sleepTime", "1");
            job.addTask(task);
        }
        // log as admin since its creds are already available
        final JobId id = schedulerHelper.submitJob(job);
        schedulerHelper.waitForEventJobFinished(id);
        // Get all attributes to test AFTER JOB EXECUTION
        list = conn.getAttributes(runtimeDataMBeanName, attributesToCheck);
        // Check SchedulerStatus
        att = (Attribute) list.get(0);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", "Started", att.getValue());
        // Check TotalNumberOfJobs
        att = (Attribute) list.get(1);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 1, att.getValue());
        // Check NumberOfFinishedJobs
        att = (Attribute) list.get(2);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", 1, att.getValue());
        // Check TotalNumberOfTasks
        att = (Attribute) list.get(3);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", taskPerJob, att.getValue());
        // Check NumberOfFinishedTasks
        att = (Attribute) list.get(4);
        Assert.assertEquals("Incorrect value of " + att.getName() + " attribute", taskPerJob, att.getValue());
        jmxConnector.close();
    }
    // Test as admin over RO
    {
        log("Test as admin 1, auth with login/creds over RO and check connection");
        // Create the environment
        final HashMap<String, Object> env = new HashMap<>(1);
        env.put(JMXConnector.CREDENTIALS, new Object[] { adminLogin, adminCreds });
        env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, JMXProviderUtils.RO_PROVIDER_PKGS);
        // Connect to the JMX RO Connector Server
        final JMXConnector jmxConnector = JMXConnectorFactory.connect(jmxRoServiceURL, env);
        final MBeanServerConnection conn = jmxConnector.getMBeanServerConnection();
        // Check that the MBean Server connection is not null
        assertNotNull("Unable to obtain the MBean server connection over RO", conn);
        log("Test as admin 2 - Check ManagementMBean is registered in the MBean server");
        assertTrue("ManagementMBean is not registered", conn.isRegistered(managementMBeanName));
        RMTHelper.log("Test as admin 3 - Check ManagementMBean attributes do not throw exception");
        final MBeanInfo mInfo = conn.getMBeanInfo(managementMBeanName);
        for (final MBeanAttributeInfo att : mInfo.getAttributes()) {
            final String attName = att.getName();
            try {
                conn.getAttribute(managementMBeanName, attName);
            } catch (Exception e) {
                fail("The attribute " + attName + " of ManagementMBean must not throw " + e);
            }
        }
        RMTHelper.log("Test as admin 4 - Check AllAccountsMBean Username attribute");
        final String username = "Username";
        try {
            conn.setAttribute(allAccountsMBeanName, new Attribute(username, adminLogin));
        } catch (Exception e) {
            fail("Setting Username attribute of the AllAccountsMBean must not throw " + e);
        }
        String res = "";
        try {
            res = (String) conn.getAttribute(allAccountsMBeanName, username);
        } catch (Exception e) {
            fail("The attribute " + username + " of AllAccountsMBean must not throw " + e);
        }
        assertTrue("The attribute " + username + " of returns incorrect value", res.equals(adminLogin));
        jmxConnector.close();
    }
    // Test simultaneous RMI and RO connections
    {
        log("Test simultaneous JMX-RMI and JMX-RO connections as admin");
        final HashMap<String, Object> env = new HashMap<>(1);
        env.put(JMXConnector.CREDENTIALS, new Object[] { adminLogin, adminCreds });
        // Connect to the JMX-RMI Connector Server
        final JMXConnector jmxRmiConnector = JMXConnectorFactory.connect(jmxRmiServiceURL, env);
        final MBeanServerConnection conRmi = jmxRmiConnector.getMBeanServerConnection();
        // Connect to the JMX-RO Connector Server
        env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, JMXProviderUtils.RO_PROVIDER_PKGS);
        final JMXConnector jmxRoConnector1 = JMXConnectorFactory.connect(jmxRoServiceURL, env);
        final MBeanServerConnection conRo = jmxRoConnector1.getMBeanServerConnection();
        Assert.assertFalse("In case of simultaneous RMI and RO JMX connections they must not be equal", conRmi.equals(conRo));
        Assert.assertFalse("In case of simultaneous RMI and RO JMX connections the connectors must not provide the same connection ids", jmxRmiConnector.getConnectionId().equals(jmxRoConnector1.getConnectionId()));
        log("Test JMX-RO connection unicity (two connections over RO must not have the same id)");
        final JMXConnector jmxRoConnector2 = JMXConnectorFactory.connect(jmxRoServiceURL, env);
        Assert.assertFalse("In case of multiple RO JMX connections the connectors must not provide the same connection ids", jmxRoConnector1.getConnectionId().equals(jmxRoConnector2.getConnectionId()));
        // Close all connectors
        jmxRoConnector2.close();
        jmxRoConnector1.close();
        jmxRmiConnector.close();
    }
    // Test Helper class
    {
        log("Test JMXClientHelper as admin over RMI with connect() method");
        final JMXClientHelper client = new JMXClientHelper(auth, new Object[] { adminLogin, adminCreds });
        // default is over
        final boolean isConnected1 = client.connect();
        // RMI
        assertTrue("Unable to connect, exception is " + client.getLastException(), isConnected1);
        assertTrue("Incorrect default behavior of connect() method it must use RMI protocol", client.getConnector().getConnectionId().startsWith("rmi"));
        client.disconnect();
        Assert.assertFalse("The helper disconnect() must set the helper as disconnected", client.isConnected());
        final boolean isConnected2 = client.connect(JMXTransportProtocol.RO);
        assertTrue("Unable to connect, exception is " + client.getLastException(), isConnected2);
        assertTrue("The helper connect(JMXTransportProtocol.RO) method must use RO protocol", client.getConnector().getConnectionId().startsWith("ro"));
        client.disconnect();
        Assert.assertFalse("The helper disconnect() must set the helper as disconnected", client.isConnected());
    }
}
Also used : JMXServiceURL(javax.management.remote.JMXServiceURL) HashMap(java.util.HashMap) PublicKey(java.security.PublicKey) TaskFlowJob(org.ow2.proactive.scheduler.common.job.TaskFlowJob) CredData(org.ow2.proactive.authentication.crypto.CredData) SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface) JavaTask(org.ow2.proactive.scheduler.common.task.JavaTask) JMXConnector(javax.management.remote.JMXConnector) JMXClientHelper(org.ow2.proactive.jmx.JMXClientHelper) Credentials(org.ow2.proactive.authentication.crypto.Credentials) JobId(org.ow2.proactive.scheduler.common.job.JobId) Test(org.junit.Test)

Example 12 with SchedulerAuthenticationInterface

use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.

the class SchedulerAuthenticationGUIHelper method login.

/**
 * This method will log a client to the scheduler by requesting his URL, username and password from a
 * graphical interface.
 *
 * @param schedulerURL The default URL of the scheduler to connect
 * @return The connection to the scheduler as a {@link Scheduler} if logging successful.
 * 			If the username is empty or if the user cancel the authentication, this method will return null.
 * @throws LoginException If a problem occurs while logging the user.
 * @throws SchedulerException If a problem occurs at scheduler level.
 */
public static Scheduler login(String schedulerURL) throws LoginException, SchedulerException {
    AuthResultContainer auth = connect(schedulerURL);
    if (auth == null) {
        return null;
    } else {
        SchedulerAuthenticationInterface schedAuth = auth.getAuth();
        Credentials cred = null;
        try {
            cred = Credentials.createCredentials(new CredData(CredData.parseLogin(auth.getUsername()), CredData.parseDomain(auth.getUsername()), auth.getPassword()), schedAuth.getPublicKey());
        } catch (LoginException e) {
            throw new LoginException("Could not retrieve public key from Scheduler " + schedulerURL + ", contact the administrator" + e);
        } catch (KeyException e) {
            throw new LoginException("Could not encrypt credentials " + e);
        }
        return schedAuth.login(cred);
    }
}
Also used : CredData(org.ow2.proactive.authentication.crypto.CredData) LoginException(javax.security.auth.login.LoginException) Credentials(org.ow2.proactive.authentication.crypto.Credentials) KeyException(java.security.KeyException)

Example 13 with SchedulerAuthenticationInterface

use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.

the class SchedulerFactory method startLocal.

/**
 * Creates and starts a Scheduler on the local host.
 * This call considered that the JVM is correctly configured for starting Scheduler.
 * The "pa.scheduler.home" and required JVM properties MUST be set.
 *
 * @param rmURL the URL of a started Resource Manager
 * @param policy the full class name of the Scheduling policy to use.
 *
 * @return a Scheduler authentication that allow you to administer the Scheduler or get its connection URL.
 *
 * @throws ActiveObjectCreationException If Scheduler cannot be created
 */
public static SchedulerAuthenticationInterface startLocal(URI rmURL, String policy) throws Exception {
    SchedulerInitializer init = new SchedulerInitializer();
    init.setPolicyFullClassName(policy);
    allowNullInit = true;
    SchedulerAuthenticationInterface sai = startLocal(rmURL, init);
    allowNullInit = false;
    return sai;
}
Also used : SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)

Example 14 with SchedulerAuthenticationInterface

use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.

the class SchedulerFactory method createScheduler.

/**
 * Create a new scheduler on the local host plugged on the given resource manager.<br>
 * This constructor also requires the credentials of the client to connect.<br><br>
 * It will return a client scheduler able to managed the scheduler.<br><br>
 * <font color="red">WARNING :</font> this method provides a way to connect to the scheduler after its creation,
 * BUT if the scheduler is restarting after failure, this method will create the scheduler
 * but will throw a SchedulerException due to the failure of client connection.<br>
 * In fact, while the scheduler is restarting after a crash, no one can connect it during the whole restore process.<br><br>
 * In any other case, the method will block until connection is allowed or error occurred.
 *
 * @param rmURL the resource manager URL on which the scheduler will connect
 * @param policyFullClassName the full policy class name for the scheduler.
 * @return a scheduler interface to manage the scheduler.
 * @throws SchedulerException if the scheduler cannot be created.
 * @throws AdminSchedulerException if a client connection exception occurs.
 * @throws LoginException if a user login/password exception occurs.
 */
public static Scheduler createScheduler(Credentials creds, URI rmURL, String policyFullClassName) throws AdminSchedulerException, SchedulerException, LoginException {
    createScheduler(rmURL, policyFullClassName);
    SchedulerAuthenticationInterface auth = SchedulerConnection.waitAndJoin(null);
    return auth.login(creds);
}
Also used : SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)

Example 15 with SchedulerAuthenticationInterface

use of org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface in project scheduling by ow2-proactive.

the class SchedulerFactory method startLocal.

/**
 * Creates and starts a Scheduler on the local host using the given initializer to configure it.
 * Only one Scheduler can be started by JVM.
 *
 * @param rmURL the URL of a started Resource Manager
 * @param initializer Use to configure the Scheduler before starting it.
 * 		This parameter cannot be null.
 *
 * @return a Scheduler authentication that allow you to administer it or get its connection URL.
 *
 * @throws InternalSchedulerException If Scheduler cannot be created
 */
public static synchronized SchedulerAuthenticationInterface startLocal(URI rmURL, SchedulerInitializer initializer) throws InternalSchedulerException {
    if (!schedulerStarted) {
        if (!allowNullInit) {
            if (initializer != null) {
                // configure application
                configure(initializer);
            } else {
                throw new IllegalArgumentException("Initializer cannot be null!");
            }
        }
        if (rmURL == null) {
            throw new IllegalArgumentException("RM url is null!");
        }
        try {
            String policy = initializer.getPolicyFullClassName();
            // start scheduler
            createScheduler(rmURL, policy);
            SchedulerAuthenticationInterface sai = SchedulerConnection.waitAndJoin(null);
            schedulerStarted = true;
            return sai;
        } catch (Exception e) {
            throw new InternalSchedulerException(e);
        }
    } else {
        throw new InternalSchedulerException("Scheduler already localy running");
    }
}
Also used : InternalSchedulerException(org.ow2.proactive.scheduler.common.exception.InternalSchedulerException) SchedulerAuthenticationInterface(org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface) LoginException(javax.security.auth.login.LoginException) ActiveObjectCreationException(org.objectweb.proactive.ActiveObjectCreationException) AdminSchedulerException(org.ow2.proactive.scheduler.exception.AdminSchedulerException) InternalSchedulerException(org.ow2.proactive.scheduler.common.exception.InternalSchedulerException) SchedulerException(org.ow2.proactive.scheduler.common.exception.SchedulerException) RMException(org.ow2.proactive.resourcemanager.exception.RMException)

Aggregations

SchedulerAuthenticationInterface (org.ow2.proactive.scheduler.common.SchedulerAuthenticationInterface)22 Credentials (org.ow2.proactive.authentication.crypto.Credentials)15 CredData (org.ow2.proactive.authentication.crypto.CredData)13 KeyException (java.security.KeyException)7 PublicKey (java.security.PublicKey)7 Test (org.junit.Test)6 Scheduler (org.ow2.proactive.scheduler.common.Scheduler)6 LoginException (javax.security.auth.login.LoginException)5 JobId (org.ow2.proactive.scheduler.common.job.JobId)5 InternalSchedulerException (org.ow2.proactive.scheduler.common.exception.InternalSchedulerException)4 HashMap (java.util.HashMap)3 JMXConnector (javax.management.remote.JMXConnector)3 JMXServiceURL (javax.management.remote.JMXServiceURL)3 NotConnectedException (org.ow2.proactive.scheduler.common.exception.NotConnectedException)3 MBeanServerConnection (javax.management.MBeanServerConnection)2 ObjectName (javax.management.ObjectName)2 UserData (org.ow2.proactive.authentication.UserData)2 AlreadyConnectedException (org.ow2.proactive.scheduler.common.exception.AlreadyConnectedException)2 ConnectionException (org.ow2.proactive.scheduler.common.exception.ConnectionException)2 PermissionException (org.ow2.proactive.scheduler.common.exception.PermissionException)2