serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, IP_RANGE); conf.set(BLOCKED_HOST_CONFIG, "1.2.3.4"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider());
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf,
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf,
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, IP_RANGE); conf.set(BLOCKED_HOST_CONFIG, "1.2.3.4"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider());
Configuration conf = new Configuration (); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, "security.service.authorization.default.hosts", IP_RANGE); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf,
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, "user2 group2"); conf.set(ACL_CONFIG + ServiceAuthorizationManager.BLOCKED, "user2"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider());
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, "user2 group2"); conf.set(ACL_CONFIG + ServiceAuthorizationManager.BLOCKED, "user2"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider());
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho,
serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho,
Configuration conf = new Configuration (); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, "security.service.authorization.default.hosts", IP_RANGE); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf,
@Test public void testMachineList() throws UnknownHostException { UserGroupInformation drwho = UserGroupInformation.createUserForTesting("drwho@EXAMPLE.COM", new String[] { "group1", "group2" }); ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager(); Configuration conf = new Configuration (); conf.set(HOST_CONFIG, "1.2.3.4"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(AUTHORIZED_IP)); } catch (AuthorizationException e) { fail(); } try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); fail(); } catch (AuthorizationException e) { // expects Exception } }
@Test public void testDefaultAcl() { ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager(); Configuration conf = new Configuration (); // test without setting a default acl conf.set(ACL_CONFIG, "user1 group1"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); AccessControlList acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol.class); assertEquals("user1 group1", acl.getAclString()); acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol1.class); assertEquals(AccessControlList.WILDCARD_ACL_VALUE, acl.getAclString()); // test with a default acl conf.set( CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_AUTHORIZATION_DEFAULT_ACL, "user2 group2"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol.class); assertEquals("user1 group1", acl.getAclString()); acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol1.class); assertEquals("user2 group2", acl.getAclString()); }
@Test public void testMachineList() throws UnknownHostException { UserGroupInformation drwho = UserGroupInformation.createUserForTesting("drwho@EXAMPLE.COM", new String[] { "group1", "group2" }); ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager(); Configuration conf = new Configuration (); conf.set(HOST_CONFIG, "1.2.3.4"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(AUTHORIZED_IP)); } catch (AuthorizationException e) { fail(); } try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); fail(); } catch (AuthorizationException e) { // expects Exception } }
@Test public void testDefaultAcl() { ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager(); Configuration conf = new Configuration (); // test without setting a default acl conf.set(ACL_CONFIG, "user1 group1"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); AccessControlList acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol.class); assertEquals("user1 group1", acl.getAclString()); acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol1.class); assertEquals(AccessControlList.WILDCARD_ACL_VALUE, acl.getAclString()); // test with a default acl conf.set( CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_AUTHORIZATION_DEFAULT_ACL, "user2 group2"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol.class); assertEquals("user1 group1", acl.getAclString()); acl = serviceAuthorizationManager.getProtocolsAcls(TestProtocol1.class); assertEquals("user2 group2", acl.getAclString()); }