Example 16 with Decrypter

use of org.ow2.proactive.scheduler.task.utils.Decrypter in project scheduling by ow2-proactive.

the class ForkerUtils method checkConfigAndGetUser.

/**
 * If the process must be run under a specific user,
 * check the configuration of the '{@value #FORK_METHOD_KEY}' property and proceed as follows:
 * <ul>
 * 	<li><b>if {@value #FORK_METHOD_KEY}=none :</b> return the user using its login only (no password or ssh key)</li>
 * 	<li><b>if {@value #FORK_METHOD_KEY}=pwd :</b> return the user using its login and password</li>
 * 	<li><b>if {@value #FORK_METHOD_KEY}=key :</b> return the user using its ssh key</li>
 * </ul>
 *
 * @param taskContext the task context.
 * @return the OSUser to be passed to the OSProcess if node fork method is configured.
 * @throws IllegalAccessException if the node fork method is not set or is not compatible with the incoming credentials
 * @throws KeyException decryption failure, malformed data
 * @throws IllegalArgumentException if decrypter is null
 */
public OSUser checkConfigAndGetUser(TaskContext taskContext) throws IllegalAccessException, KeyException {
    Decrypter decrypter = taskContext.getDecrypter();
    Map<String, String> genericInformation = taskContext.getInitializer().getGenericInformation();
    if (decrypter != null) {
        CredData data = decrypter.decrypt();
        OSUser u;
        switch(getForkMethod(genericInformation)) {
            case NONE:
                u = new OSUser(getLogin(data, genericInformation));
                u.setDomain(getDomain(data, genericInformation));
                return u;
            case PWD:
                String password = getPassword(data, genericInformation, data.getThirdPartyCredentials());
                if (password == null) {
                    throw new IllegalAccessException("Password not found in Credentials, cannot fork using password");
                }
                u = new OSUser(getLogin(data, genericInformation), password);
                u.setDomain(getDomain(data, genericInformation));
                return u;
            case KEY:
                byte[] key = getKey(data, genericInformation, data.getThirdPartyCredentials());
                if (key == null) {
                    throw new IllegalAccessException("SSH key not found in Credentials, cannot fork using ssh Key");
                }
                u = new OSUser(getLogin(data, genericInformation), key);
                u.setDomain(getDomain(data, genericInformation));
                return u;
            default:
                throw new IllegalAccessException("Cannot fork under " + data.getLogin() + ", Property " + FORK_METHOD_KEY + " is not configured.");
        }
    } else {
        throw new IllegalArgumentException("Decrypter cannot be null");
    }
}
Also used : OSUser(org.objectweb.proactive.extensions.processbuilder.OSUser) CredData(org.ow2.proactive.authentication.crypto.CredData)

Example 17 with Decrypter

use of org.ow2.proactive.scheduler.task.utils.Decrypter in project scheduling by ow2-proactive.

the class ForkedTaskExecutorTest method runAsMe_userDoesNotExist.

@Test
public void runAsMe_userDoesNotExist() throws Throwable {
    TestTaskOutput taskOutput = new TestTaskOutput();
    Decrypter decrypter = createCredentials("somebody_that_does_not_exists");
    ForkedTaskExecutor taskExecutor = new ForkedTaskExecutor(tmpFolder.newFolder());
    TaskLauncherInitializer initializer = new TaskLauncherInitializer();
    initializer.setTaskId((TaskIdImpl.createTaskId(JobIdImpl.makeJobId("1000"), "job", 1000L)));
    ScriptExecutableContainer container = new ScriptExecutableContainer(new TaskScript(new SimpleScript("print('hello'); result='hello'", "javascript")));
    container.setRunAsUser(true);
    TaskContext taskContext = new TaskContext(container, initializer, null, new NodeDataSpacesURIs("", "", "", "", "", ""), "", new NodeInfo("", "", "", ""), decrypter);
    TaskResultImpl result = taskExecutor.execute(taskContext, taskOutput.outputStream, taskOutput.error);
    assertNotNull(result.getException());
}
Also used : TaskScript(org.ow2.proactive.scripting.TaskScript) TaskContext(org.ow2.proactive.scheduler.task.context.TaskContext) TaskResultImpl(org.ow2.proactive.scheduler.task.TaskResultImpl) NodeInfo(org.ow2.proactive.scheduler.task.context.NodeInfo) ForkedTaskExecutor(org.ow2.proactive.scheduler.task.executors.ForkedTaskExecutor) SimpleScript(org.ow2.proactive.scripting.SimpleScript) Decrypter(org.ow2.proactive.scheduler.task.utils.Decrypter) ScriptExecutableContainer(org.ow2.proactive.scheduler.task.containers.ScriptExecutableContainer) NodeDataSpacesURIs(org.ow2.proactive.scheduler.task.context.NodeDataSpacesURIs) TestTaskOutput(org.ow2.proactive.scheduler.task.TestTaskOutput) TaskLauncherInitializer(org.ow2.proactive.scheduler.task.TaskLauncherInitializer) Test(org.junit.Test)

Example 18 with Decrypter

use of org.ow2.proactive.scheduler.task.utils.Decrypter in project scheduling by ow2-proactive.

the class TaskLauncherTest method taskLogsAreNotCopiedToUserSpace_PreciousLogsDisabled.

@Test
public void taskLogsAreNotCopiedToUserSpace_PreciousLogsDisabled() throws Exception {
    ScriptExecutableContainer executableContainer = new ScriptExecutableContainer(new TaskScript(new SimpleScript("print('hello'); result='hello'", "groovy")));
    TaskLauncherInitializer initializer = new TaskLauncherInitializer();
    initializer.setPreciousLogs(false);
    initializer.setTaskId(TaskIdImpl.createTaskId(JobIdImpl.makeJobId("1000"), "job", 1000L));
    final TaskDataspaces dataspacesMock = mock(TaskDataspaces.class);
    when(dataspacesMock.getScratchFolder()).thenReturn(tmpFolder.newFolder());
    runTaskLauncher(createLauncherWithInjectedMocks(initializer, new TestTaskLauncherFactory() {

        @Override
        public TaskDataspaces createTaskDataspaces(TaskId taskId, NamingService namingService, boolean isRunAsUser, Decrypter decrypter, TaskLogger taskLogger) {
            return dataspacesMock;
        }
    }), executableContainer);
    verify(dataspacesMock, times(1)).copyScratchDataToOutput(Matchers.<List<OutputSelector>>any());
}
Also used : TaskScript(org.ow2.proactive.scripting.TaskScript) TaskId(org.ow2.proactive.scheduler.common.task.TaskId) OutputSelector(org.ow2.proactive.scheduler.common.task.dataspaces.OutputSelector) TaskDataspaces(org.ow2.proactive.scheduler.task.data.TaskDataspaces) NamingService(org.objectweb.proactive.extensions.dataspaces.core.naming.NamingService) SimpleScript(org.ow2.proactive.scripting.SimpleScript) ScriptExecutableContainer(org.ow2.proactive.scheduler.task.containers.ScriptExecutableContainer) Decrypter(org.ow2.proactive.scheduler.task.utils.Decrypter) Test(org.junit.Test)

Example 19 with Decrypter

use of org.ow2.proactive.scheduler.task.utils.Decrypter in project scheduling by ow2-proactive.

the class TaskLauncherTest method taskLogsAreCopiedToUserSpace.

@Test
public void taskLogsAreCopiedToUserSpace() throws Exception {
    ScriptExecutableContainer executableContainer = new ScriptExecutableContainer(new TaskScript(new SimpleScript("print('hello'); result='hello'", "groovy")));
    TaskLauncherInitializer initializer = new TaskLauncherInitializer();
    initializer.setPreciousLogs(true);
    initializer.setTaskId(TaskIdImpl.createTaskId(JobIdImpl.makeJobId("1000"), "job", 1000L));
    final TaskDataspaces dataspacesMock = mock(TaskDataspaces.class);
    when(dataspacesMock.getScratchFolder()).thenReturn(tmpFolder.newFolder());
    runTaskLauncher(createLauncherWithInjectedMocks(initializer, new TestTaskLauncherFactory() {

        @Override
        public TaskDataspaces createTaskDataspaces(TaskId taskId, NamingService namingService, boolean isRunAsUser, Decrypter decrypter, TaskLogger taskLogger) {
            return dataspacesMock;
        }
    }), executableContainer);
    verify(dataspacesMock, times(2)).copyScratchDataToOutput(Matchers.<List<OutputSelector>>any());
}
Also used : TaskScript(org.ow2.proactive.scripting.TaskScript) TaskId(org.ow2.proactive.scheduler.common.task.TaskId) OutputSelector(org.ow2.proactive.scheduler.common.task.dataspaces.OutputSelector) TaskDataspaces(org.ow2.proactive.scheduler.task.data.TaskDataspaces) NamingService(org.objectweb.proactive.extensions.dataspaces.core.naming.NamingService) SimpleScript(org.ow2.proactive.scripting.SimpleScript) ScriptExecutableContainer(org.ow2.proactive.scheduler.task.containers.ScriptExecutableContainer) Decrypter(org.ow2.proactive.scheduler.task.utils.Decrypter) Test(org.junit.Test)

Example 20 with Decrypter

use of org.ow2.proactive.scheduler.task.utils.Decrypter in project scheduling by ow2-proactive.

the class SchedulingService method addThirdPartyCredentials.

/**
 * Create a new Credential object containing users' 3rd Party Credentials.
 *
 * @param creds credentials for specific user
 * @return in case of success new object containing the 3rd party credentials used to create bindings
 * at clean script
 */
Credentials addThirdPartyCredentials(Credentials creds) throws KeyException, IllegalAccessException {
    // resolve the paths of the scheduler key pair
    String privateKeyPath = PASchedulerProperties.getAbsolutePath(PASchedulerProperties.SCHEDULER_AUTH_PRIVKEY_PATH.getValueAsString());
    String publicKeyPath = PASchedulerProperties.getAbsolutePath(PASchedulerProperties.SCHEDULER_AUTH_PUBKEY_PATH.getValueAsString());
    // load the scheduler keys from those paths
    PrivateKey privateKey = Credentials.getPrivateKey(privateKeyPath);
    PublicKey publicKey = Credentials.getPublicKey(publicKeyPath);
    // decrypt the current credData with the scheduler private key
    CredData credData = creds.decrypt(privateKey);
    // retrieve the database manager to get third party credentials from
    SchedulerDBManager dbManager = getInfrastructure().getDBManager();
    if (dbManager != null) {
        Map<String, HybridEncryptedData> thirdPartyCredentials = dbManager.thirdPartyCredentialsMap(credData.getLogin());
        if (thirdPartyCredentials == null) {
            logger.error("Failed to retrieve Third Party Credentials!");
            throw new KeyException("Failed to retrieve thirdPartyCredentials!");
        } else {
            // iterate over the third party credentials, decrypt each one and add it to credData
            for (Map.Entry<String, HybridEncryptedData> thirdPartyCredential : thirdPartyCredentials.entrySet()) {
                String decryptedValue = HybridEncryptionUtil.decryptString(thirdPartyCredential.getValue(), privateKey);
                credData.addThirdPartyCredential(thirdPartyCredential.getKey(), decryptedValue);
            }
        }
    }
    // build new credentials from the enriched credData, encrypted with the scheduler public key
    return Credentials.createCredentials(credData, publicKey);
}
Also used : PrivateKey(java.security.PrivateKey) HybridEncryptedData(org.ow2.proactive.authentication.crypto.HybridEncryptionUtil.HybridEncryptedData) PublicKey(java.security.PublicKey) SchedulerDBManager(org.ow2.proactive.scheduler.core.db.SchedulerDBManager) CredData(org.ow2.proactive.authentication.crypto.CredData) Map(java.util.Map) KeyException(java.security.KeyException)

Aggregations

Decrypter (org.ow2.proactive.scheduler.task.utils.Decrypter): 16
Test (org.junit.Test): 9
ScriptExecutableContainer (org.ow2.proactive.scheduler.task.containers.ScriptExecutableContainer): 9
CredData (org.ow2.proactive.authentication.crypto.CredData): 7
NodeDataSpacesURIs (org.ow2.proactive.scheduler.task.context.NodeDataSpacesURIs): 7
NodeInfo (org.ow2.proactive.scheduler.task.context.NodeInfo): 7
TaskContext (org.ow2.proactive.scheduler.task.context.TaskContext): 7
SimpleScript (org.ow2.proactive.scripting.SimpleScript): 6
TaskScript (org.ow2.proactive.scripting.TaskScript): 6
TaskLauncherInitializer (org.ow2.proactive.scheduler.task.TaskLauncherInitializer): 5
KeyPair (java.security.KeyPair): 4
Credentials (org.ow2.proactive.authentication.crypto.Credentials): 4
TaskDataspaces (org.ow2.proactive.scheduler.task.data.TaskDataspaces): 4
VariablesMap (org.ow2.proactive.scheduler.task.utils.VariablesMap): 4
ScriptHandler (org.ow2.proactive.scripting.ScriptHandler): 4
Serializable (java.io.Serializable): 3
KeyPairGenerator (java.security.KeyPairGenerator): 3
SecureRandom (java.security.SecureRandom): 3
HashMap (java.util.HashMap): 3
NamingService (org.objectweb.proactive.extensions.dataspaces.core.naming.NamingService): 3