List of usage examples for org.apache.hadoop.security.alias JavaKeyStoreProvider SCHEME_NAME
String SCHEME_NAME
From source file:org.apache.atlas.CredentialProviderUtilityIT.java
License:Apache License
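/**
 * Runs {@code CredentialProviderUtility.main} against a stub console that answers every
 * password prompt with {@code defaultPass}, then reads the keystore back through the Hadoop
 * credential provider API and checks the three password aliases.
 *
 * @throws Exception if the temporary directory cannot be created, or the utility or the
 *                   provider lookup fails
 */
@Test
public void testEnterValidValues() throws Exception {
    // A failure to create the directory now fails the test at this line. Printing the
    // IOException and carrying on would only surface later as a NullPointerException on
    // the path, hiding the real cause.
    final Path testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks");
    // Best-effort removal so the utility starts without an existing keystore; the result is
    // deliberately ignored because the directory was created a moment ago.
    new File(testPath.toUri().getPath()).delete();

    // NOTE(review): textDevice is a static field and is not restored in this method, so the
    // stub stays installed for whatever runs next.
    CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() {
        @Override
        public void printf(String fmt, Object... params) {
            System.out.print(String.format(fmt, params));
        }

        @Override
        public String readLine(String fmt, Object... args) {
            // Every line prompt is answered with the keystore path.
            return testPath.toString();
        }

        @Override
        public char[] readPassword(String fmt, Object... args) {
            return defaultPass;
        }
    };

    CredentialProviderUtility.main(new String[] {});

    // Re-open the keystore the same way a consumer would: via a jceks provider URL.
    String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri();
    Configuration conf = new Configuration(false);
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl);
    CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0);

    String[] aliases = {
        SecurityProperties.KEYSTORE_PASSWORD_KEY,
        SecurityProperties.TRUSTSTORE_PASSWORD_KEY,
        SecurityProperties.SERVER_CERT_PASSWORD_KEY
    };
    for (String alias : aliases) {
        assertCredentialEntryCorrect(provider.getCredentialEntry(alias));
    }
}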
From source file:org.apache.atlas.CredentialProviderUtilityIT.java
License:Apache License
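/**
 * Runs {@code CredentialProviderUtility.main} against a stub console whose password prompt
 * returns either an empty array or {@code defaultPass}, chosen at random on each call, then
 * checks the three password aliases in the resulting keystore.
 *
 * @throws Exception if the temporary directory cannot be created, or the utility or the
 *                   provider lookup fails
 */
@Test
public void testEnterEmptyValues() throws Exception {
    // Directory-creation failures propagate instead of being printed and then followed by a
    // NullPointerException on a null path.
    final Path testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks");
    // Best-effort removal; the result is ignored on purpose.
    new File(testPath.toUri().getPath()).delete();

    // NOTE(review): textDevice is a static field and is not restored in this method.
    CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() {
        private final Random random = new Random();

        @Override
        public void printf(String fmt, Object... params) {
            System.out.print(String.format(fmt, params));
        }

        @Override
        public String readLine(String fmt, Object... args) {
            return testPath.toString();
        }

        @Override
        public char[] readPassword(String fmt, Object... args) {
            // 0 -> empty answer, 1 -> the valid password.
            // NOTE(review): the sequence is unseeded, so a failing run cannot be replayed;
            // presumably the utility re-prompts after an empty answer - confirm there.
            return random.nextInt(2) == 0 ? new char[0] : defaultPass;
        }
    };

    CredentialProviderUtility.main(new String[] {});

    String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri();
    Configuration conf = new Configuration(false);
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl);
    CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0);

    String[] aliases = {
        SecurityProperties.KEYSTORE_PASSWORD_KEY,
        SecurityProperties.TRUSTSTORE_PASSWORD_KEY,
        SecurityProperties.SERVER_CERT_PASSWORD_KEY
    };
    for (String alias : aliases) {
        assertCredentialEntryCorrect(provider.getCredentialEntry(alias));
    }
}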
From source file:org.apache.atlas.CredentialProviderUtilityIT.java
License:Apache License
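/**
 * Runs {@code CredentialProviderUtility.main} against a stub console whose password answers
 * cycle through {@code defaultPass}, {@code "badpass"}, {@code defaultPass}, then checks the
 * three password aliases in the resulting keystore.
 *
 * @throws Exception if the temporary directory cannot be created, or the utility or the
 *                   provider lookup fails
 */
@Test
public void testEnterMismatchedValues() throws Exception {
    // Directory-creation failures propagate instead of being printed and then followed by a
    // NullPointerException on a null path.
    final Path testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks");
    // Best-effort removal; the result is ignored on purpose.
    new File(testPath.toUri().getPath()).delete();

    // NOTE(review): textDevice is a static field and is not restored in this method.
    CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() {
        private int calls = 0;

        @Override
        public void printf(String fmt, Object... params) {
            System.out.print(String.format(fmt, params));
        }

        @Override
        public String readLine(String fmt, Object... args) {
            return testPath.toString();
        }

        @Override
        public char[] readPassword(String fmt, Object... args) {
            // Period-3 cycle: good, bad, good. Presumably the utility asks for each
            // password twice (entry + confirmation), so some pairs disagree - confirm
            // against CredentialProviderUtility.
            int slot = calls++ % 3;
            return slot == 1 ? new char[] { 'b', 'a', 'd', 'p', 'a', 's', 's' } : defaultPass;
        }
    };

    CredentialProviderUtility.main(new String[] {});

    String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri();
    Configuration conf = new Configuration(false);
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl);
    CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0);

    String[] aliases = {
        SecurityProperties.KEYSTORE_PASSWORD_KEY,
        SecurityProperties.TRUSTSTORE_PASSWORD_KEY,
        SecurityProperties.SERVER_CERT_PASSWORD_KEY
    };
    for (String alias : aliases) {
        assertCredentialEntryCorrect(provider.getCredentialEntry(alias));
    }
}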
From source file:org.apache.atlas.CredentialProviderUtilityIT.java
License:Apache License
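/**
 * Runs {@code CredentialProviderUtility.main} twice against the same keystore path: first
 * with {@code defaultPass}, then with {@code "newpass"} and a {@code "y"} answer to every
 * line prompt after the path. Finally checks that the three password aliases hold the new
 * value.
 *
 * @throws Exception if the temporary directory cannot be created, or the utility or the
 *                   provider lookup fails
 */
@Test
public void testOverwriteValues() throws Exception {
    // Directory-creation failures propagate instead of being printed and then followed by a
    // NullPointerException on a null path.
    final Path testPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks");
    // Best-effort removal; the result is ignored on purpose.
    new File(testPath.toUri().getPath()).delete();

    // First pass: populate the keystore with the default password.
    // NOTE(review): textDevice is a static field and is not restored in this method.
    CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() {
        @Override
        public void printf(String fmt, Object... params) {
            System.out.print(String.format(fmt, params));
        }

        @Override
        public String readLine(String fmt, Object... args) {
            return testPath.toString();
        }

        @Override
        public char[] readPassword(String fmt, Object... args) {
            return defaultPass;
        }
    };
    CredentialProviderUtility.main(new String[] {});

    // Second pass: same path, new password; later line prompts are answered "y"
    // (presumably the overwrite confirmation - confirm against the utility).
    CredentialProviderUtility.textDevice = new CredentialProviderUtility.TextDevice() {
        private int lineReads = 0;

        @Override
        public void printf(String fmt, Object... params) {
            System.out.print(String.format(fmt, params));
        }

        @Override
        public String readLine(String fmt, Object... args) {
            return lineReads++ == 0 ? testPath.toString() : "y";
        }

        @Override
        public char[] readPassword(String fmt, Object... args) {
            return new char[] { 'n', 'e', 'w', 'p', 'a', 's', 's' };
        }
    };
    CredentialProviderUtility.main(new String[] {});

    String providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + testPath.toUri();
    Configuration conf = new Configuration(false);
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl);
    CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0);

    char[] newpass = "newpass".toCharArray();
    String[] aliases = {
        SecurityProperties.KEYSTORE_PASSWORD_KEY,
        SecurityProperties.TRUSTSTORE_PASSWORD_KEY,
        SecurityProperties.SERVER_CERT_PASSWORD_KEY
    };
    for (String alias : aliases) {
        assertCredentialEntryCorrect(provider.getCredentialEntry(alias), newpass);
    }
}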
From source file:org.apache.atlas.util.CredentialProviderUtility.java
License:Apache License
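/**
 * Returns a credential provider for the entered JKS path.
 *
 * <p>The operator is prompted for the path, warned if a file already exists there, and the
 * path is then turned into a {@code JavaKeyStoreProvider} URL that is handed to
 * {@link CredentialProviderFactory}. The path is used exactly as entered: it is neither
 * normalized nor checked against an allowed directory, so the keystore location (and its
 * file permissions) are entirely the operator's choice.
 *
 * @param textDevice the system console.
 * @return the Credential provider
 * @throws IOException if no path is entered, or the provider cannot be created
 */
private static CredentialProvider getCredentialProvider(TextDevice textDevice) throws IOException {
    String providerPath = textDevice.readLine("Please enter the full path to the credential provider:");
    // A console at end-of-input yields null and an operator may just press Enter; fail with a
    // clear message rather than a NullPointerException or a provider URL with no path.
    if (providerPath == null || providerPath.trim().isEmpty()) {
        throw new IOException("No credential provider path was entered");
    }

    if (new File(providerPath).exists()) {
        // Only a warning: the overwrite decision itself is taken elsewhere.
        textDevice.printf("%s already exists. You will need to specify whether existing entries should be "
                + "overwritten (default is 'yes')\n", providerPath);
    }

    String providerURI = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + providerPath;
    // loadDefaults=false: only the provider path set below is present in this configuration.
    Configuration conf = new Configuration(false);
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerURI);
    return CredentialProviderFactory.getProviders(conf).get(0);
}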
From source file:org.apache.atlas.web.security.NegativeSSLAndKerberosTest.java
License:Apache License
/**
 * Prepares the fixture: a keystore-backed credential provider URL, a KDC with principals, a
 * TLS + Kerberos server configuration written to a temporary conf directory, a client, and a
 * started embedded server.
 *
 * <p>The client is constructed directly in this method; no Kerberos login or {@code doAs}
 * happens here.
 *
 * @throws Exception if any part of the fixture cannot be created or the server fails to start
 */
@BeforeClass
public void setUp() throws Exception {
    // Keystore location: a file name inside a freshly created temporary directory.
    String keystoreDir = Files.createTempDirectory("tempproviders").toString();
    jksPath = new Path(keystoreDir, "test.jks");
    providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + jksPath.toUri();

    String confDir = TestUtils.getTempDirectory();

    setupKDCAndPrincipals();
    setupCredentials();

    // The client reads only some of these properties; the server uses the full set.
    final PropertiesConfiguration sslConfig = getSSLConfiguration(providerUrl);
    String propertiesPath = confDir + File.separator + ApplicationProperties.APPLICATION_PROPERTIES;
    TestUtils.writeConfiguration(sslConfig, propertiesPath);

    // Layer the regular application properties on top: from ${atlas.conf} when that system
    // property is set, otherwise from the classpath.
    String existingConfDir = System.getProperty("atlas.conf");
    URL baseProperties = (existingConfDir == null)
            ? NegativeSSLAndKerberosTest.class.getResource("/" + ApplicationProperties.APPLICATION_PROPERTIES)
            : new File(existingConfDir, ApplicationProperties.APPLICATION_PROPERTIES).toURI().toURL();
    sslConfig.load(baseProperties);

    // TLS plus Kerberos (SPNEGO) authentication on the HTTP endpoint.
    sslConfig.setProperty(TLS_ENABLED, true);
    sslConfig.setProperty("atlas.http.authentication.enabled", "true");
    sslConfig.setProperty("atlas.http.authentication.type", "kerberos");
    sslConfig.setProperty("atlas.http.authentication.kerberos.principal",
            "HTTP/localhost@" + kdc.getRealm());
    sslConfig.setProperty("atlas.http.authentication.kerberos.keytab",
            httpKeytabFile.getAbsolutePath());
    // Name rule: single-component principals in EXAMPLE.COM are mapped to the short name by
    // stripping the realm; everything else falls through to DEFAULT.
    sslConfig.setProperty("atlas.http.authentication.kerberos.name.rules",
            "RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//\nDEFAULT");

    TestUtils.writeConfiguration(sslConfig, propertiesPath);

    // atlas.conf is a JVM-wide property: remember the previous value before repointing it.
    originalConf = System.getProperty("atlas.conf");
    System.setProperty("atlas.conf", confDir);

    dgiClient = new AtlasClient(DGI_URL) {
        @Override
        protected PropertiesConfiguration getClientProperties() {
            return sslConfig;
        }
    };

    // Fixed port 21443; the server is handed the same configuration object as the client.
    secureEmbeddedServer = new TestSecureEmbeddedServer(21443, getWarPath()) {
        @Override
        public Configuration getConfiguration() {
            return sslConfig;
        }
    };
    secureEmbeddedServer.getServer().start();
}
From source file:org.apache.atlas.web.security.SSLAndKerberosTest.java
License:Apache License
/**
 * Prepares the fixture: a keystore-backed credential provider URL, a KDC with principals, a
 * TLS + Kerberos server configuration written to a temporary conf directory, a client created
 * under a proxy user, and a started embedded server.
 *
 * @throws Exception if any part of the fixture cannot be created, the login fails, or the
 *                   server fails to start
 */
@BeforeClass
public void setUp() throws Exception {
    // Keystore location: a file name inside a freshly created temporary directory.
    String keystoreDir = Files.createTempDirectory("tempproviders").toString();
    jksPath = new Path(keystoreDir, "test.jks");
    providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + jksPath.toUri();

    String confDir = TestUtils.getTempDirectory();

    setupKDCAndPrincipals();
    setupCredentials();

    // The client reads only some of these properties; the server uses the full set.
    final PropertiesConfiguration sslConfig = getSSLConfiguration(providerUrl);
    TestUtils.writeConfiguration(sslConfig,
            confDir + File.separator + ApplicationProperties.APPLICATION_PROPERTIES);

    // Layer the regular application properties on top: from ${atlas.conf} when that system
    // property is set, otherwise from the classpath.
    String existingConfDir = System.getProperty("atlas.conf");
    URL baseProperties = (existingConfDir == null)
            ? SSLAndKerberosTest.class.getResource("/" + ApplicationProperties.APPLICATION_PROPERTIES)
            : new File(existingConfDir, ApplicationProperties.APPLICATION_PROPERTIES).toURI().toURL();
    sslConfig.load(baseProperties);

    // TLS plus Kerberos (SPNEGO) authentication on the HTTP endpoint.
    sslConfig.setProperty(TLS_ENABLED, true);
    sslConfig.setProperty("atlas.http.authentication.enabled", "true");
    sslConfig.setProperty("atlas.http.authentication.type", "kerberos");
    sslConfig.setProperty("atlas.http.authentication.kerberos.principal",
            "HTTP/localhost@" + kdc.getRealm());
    sslConfig.setProperty("atlas.http.authentication.kerberos.keytab",
            httpKeytabFile.getAbsolutePath());
    // Name rule: single-component principals in EXAMPLE.COM are mapped to the short name by
    // stripping the realm; everything else falls through to DEFAULT.
    sslConfig.setProperty("atlas.http.authentication.kerberos.name.rules",
            "RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//\nDEFAULT");

    // NOTE(review): this second write uses a literal file name while the first uses
    // ApplicationProperties.APPLICATION_PROPERTIES - confirm the two name the same file.
    TestUtils.writeConfiguration(sslConfig, confDir + File.separator + "atlas-application.properties");

    // Log the test user in, then build the client while impersonating "testUser" so the
    // client is created under the proxy user's identity.
    subject = loginTestUser();
    UserGroupInformation.loginUserFromSubject(subject);
    UserGroupInformation proxyUser =
            UserGroupInformation.createProxyUser("testUser", UserGroupInformation.getLoginUser());
    PrivilegedExceptionAction<AtlasClient> clientFactory = new PrivilegedExceptionAction<AtlasClient>() {
        @Override
        public AtlasClient run() throws Exception {
            return new AtlasClient(DGI_URL) {
                @Override
                protected PropertiesConfiguration getClientProperties() {
                    return sslConfig;
                }
            };
        }
    };
    dgiCLient = proxyUser.doAs(clientFactory);

    // atlas.conf is a JVM-wide property: remember the previous value before repointing it.
    originalConf = System.getProperty("atlas.conf");
    System.setProperty("atlas.conf", confDir);

    // Fixed port 21443; the server is handed the same configuration object as the client.
    secureEmbeddedServer = new TestSecureEmbeddedServer(21443, getWarPath()) {
        @Override
        public PropertiesConfiguration getConfiguration() {
            return sslConfig;
        }
    };
    secureEmbeddedServer.getServer().start();
}
From source file:org.apache.atlas.web.security.SSLTest.java
License:Apache License
/**
 * Prepares the fixture: a keystore-backed credential provider URL, an SSL configuration
 * written to disk, a client, and a started embedded server that share that configuration.
 *
 * @throws Exception if any part of the fixture cannot be created or the server fails to start
 */
@BeforeClass
public void setUp() throws Exception {
    // Keystore location: a file name inside a freshly created temporary directory.
    String keystoreDir = Files.createTempDirectory("tempproviders").toString();
    jksPath = new Path(keystoreDir, "test.jks");
    providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + jksPath.toUri();

    // Defined elsewhere in the class; presumably stores the passwords behind providerUrl.
    setupCredentials();

    final PropertiesConfiguration sslConfig = getSSLConfiguration(providerUrl);
    String confDir = writeConfiguration(sslConfig);

    atlasClient = new AtlasClient(DGI_URL) {
        @Override
        protected PropertiesConfiguration getClientProperties() {
            return sslConfig;
        }
    };

    // atlas.conf is a JVM-wide property: remember the previous value before repointing it.
    originalConf = System.getProperty("atlas.conf");
    System.setProperty("atlas.conf", confDir);

    // Fixed port 21443; the server is handed the same configuration object as the client.
    secureEmbeddedServer = new TestSecureEmbeddedServer(21443, getWarPath()) {
        @Override
        public PropertiesConfiguration getConfiguration() {
            return sslConfig;
        }
    };
    secureEmbeddedServer.getServer().start();
}
From source file:org.apache.atlas.web.service.SecureEmbeddedServerTestBase.java
License:Apache License
/**
 * Per-test fixture: picks a keystore path in a new temporary directory, derives the
 * credential provider URL from it, and creates a web resource for the HTTPS base URL on
 * {@code securePort}.
 *
 * <p>The client is built from a plain {@code DefaultClientConfig}; this method sets no TLS
 * properties on it.
 *
 * @throws Exception if the temporary directory cannot be created
 */
@BeforeMethod
public void setup() throws Exception {
    String keystoreDir = Files.createTempDirectory("tempproviders").toString();
    jksPath = new Path(keystoreDir, "test.jks");
    providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + jksPath.toUri();

    String baseUrl = String.format("https://localhost:%d/", securePort);

    Client client = Client.create(new DefaultClientConfig());
    // NOTE(review): the result of this first call is discarded; only the second one is kept.
    client.resource(UriBuilder.fromUri(baseUrl).build());
    service = client.resource(UriBuilder.fromUri(baseUrl).build());
}
From source file:org.apache.ranger.credentialapi.CredentialReader.java
License:Apache License
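/**
 * Looks up {@code alias} in the credential store at {@code CrendentialProviderPath} and
 * returns the stored credential as a String.
 *
 * <p>A path that already starts with the {@code JavaKeyStoreProvider} scheme followed by
 * {@code ://file}, or with {@code localjceks://file} (case-insensitive), is used as given.
 * Any other path is treated as a file path and prefixed with the
 * {@code JavaKeyStoreProvider} scheme.
 *
 * <p>Caveats for callers: the secret is returned as an immutable {@code String}, so it cannot
 * be wiped from memory after use. Any failure is printed to standard error and reported as
 * {@code null}, which is indistinguishable from "alias not found". The path is not checked
 * against an allowed location; callers decide which store is opened.
 *
 * @param CrendentialProviderPath provider URL or keystore file path; surrounding whitespace
 *                                is ignored
 * @param alias                   credential alias; surrounding whitespace is ignored
 * @return the credential, or {@code null} if an argument is null or blank, the alias is
 *         absent or empty, or the lookup fails
 */
public static String getDecryptedString(String CrendentialProviderPath, String alias) {
    if (CrendentialProviderPath == null || alias == null) {
        return null;
    }
    CrendentialProviderPath = CrendentialProviderPath.trim();
    alias = alias.trim();
    if (CrendentialProviderPath.isEmpty() || alias.isEmpty()) {
        return null;
    }

    String credential = null;
    try {
        Configuration conf = new Configuration();

        // Locale-independent lower-casing: under some default locales (e.g. Turkish) a plain
        // toLowerCase() maps 'I' to a dotless i, which would break both the scheme check and
        // the alias match below.
        String jceksPrefix = (JavaKeyStoreProvider.SCHEME_NAME + "://file").toLowerCase(java.util.Locale.ROOT);
        String localJceksPrefix = "localjceks://file";
        String lowerPath = CrendentialProviderPath.toLowerCase(java.util.Locale.ROOT);

        String providerUrl;
        if (lowerPath.startsWith(jceksPrefix) || lowerPath.startsWith(localJceksPrefix)) {
            providerUrl = CrendentialProviderPath;
        } else if (CrendentialProviderPath.startsWith("/")) {
            providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + CrendentialProviderPath;
        } else {
            providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file/" + CrendentialProviderPath;
        }
        conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl);

        String lowerAlias = alias.toLowerCase(java.util.Locale.ROOT);
        for (CredentialProvider provider : CredentialProviderFactory.getProviders(conf)) {
            List<String> aliases = provider.getAliases();
            if (aliases == null || !aliases.contains(lowerAlias)) {
                continue;
            }
            CredentialProvider.CredentialEntry entry = provider.getCredentialEntry(alias);
            if (entry == null) {
                // Alias is listed but the entry cannot be read: try the next provider
                // instead of failing the whole lookup with a NullPointerException.
                continue;
            }
            char[] pass = entry.getCredential();
            if (pass != null && pass.length > 0) {
                // The array is not cleared here because it may be owned by the provider.
                credential = String.valueOf(pass);
                break;
            }
        }
    } catch (Exception ex) {
        // Deliberate best-effort: callers receive null on any failure. The trace goes to
        // standard error because this block has no logger in scope.
        ex.printStackTrace();
        credential = null;
    }
    return credential;
}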