private void authenticateUserAndCheckSearchIsClosed(String user) throws IOException { auth = new LdapAuthenticationProviderImpl(conf, factory); try { auth.Authenticate(user, "password doesn't matter"); } finally { verify(search, atLeastOnce()).close(); } } }
@Override public void Authenticate(String user, String password) throws AuthenticationException { DirSearch search = null; try { search = createDirSearch(user, password); applyFilter(search, user); } finally { ServiceUtils.cleanup(LOG, search); } }
@VisibleForTesting LdapAuthenticationProviderImpl(HiveConf conf, DirSearchFactory searchFactory) { this.conf = conf; this.searchFactory = searchFactory; filter = resolveFilter(conf); }
private LdapAuthenticationTestCase(Builder builder) { this.ldapProvider = new LdapAuthenticationProviderImpl(builder.conf); }
if (!hasDomain(user) && ldapDomain != null) { user = user + "@" + ldapDomain;
public void assertAuthenticateFails(String user, String password) { try { ldapProvider.Authenticate(user, password); Assert.fail(String.format("Expected authentication to fail for %s", user)); } catch (AuthenticationException expected) { Assert.assertNotNull("Expected authentication exception", expected); } }
public static PasswdAuthenticationProvider getAuthenticationProvider(AuthMethods authMethod, HiveConf conf) throws AuthenticationException { if (authMethod == AuthMethods.LDAP) { return new LdapAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.PAM) { return new PamAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.CUSTOM) { return new CustomAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.NONE) { return new AnonymousAuthenticationProviderImpl(); } else { throw new AuthenticationException("Unsupported authentication method"); } } }
if (!hasDomain(user) && ldapDomain != null) { user = user + "@" + ldapDomain;
public void assertAuthenticatePasses(Credentials credentials) { try { ldapProvider.Authenticate(credentials.getUser(), credentials.getPassword()); } catch (AuthenticationException e) { String message = String.format("Authentication failed for user '%s' with password '%s'", credentials.getUser(), credentials.getPassword()); throw new AssertionError(message, e); } }
@Test public void testAuthenticateNoUserOrGroupFilter() throws NamingException, AuthenticationException, IOException { conf.setVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_USERDNPATTERN, "cn=%s,ou=Users,dc=mycorp,dc=com:cn=%s,ou=PowerUsers,dc=mycorp,dc=com"); DirSearchFactory factory = mock(DirSearchFactory.class); when(search.findUserDn("user1")).thenReturn("cn=user1,ou=PowerUsers,dc=mycorp,dc=com"); when(factory.getInstance(conf, "cn=user1,ou=PowerUsers,dc=mycorp,dc=com", "Blah")).thenReturn(search); when(factory.getInstance(conf, "cn=user1,ou=Users,dc=mycorp,dc=com", "Blah")).thenThrow(AuthenticationException.class); auth = new LdapAuthenticationProviderImpl(conf, factory); auth.Authenticate("user1", "Blah"); verify(factory, times(2)).getInstance(isA(HiveConf.class), anyString(), eq("Blah")); verify(search, atLeastOnce()).close(); }
public static PasswdAuthenticationProvider getAuthenticationProvider(AuthMethods authMethod, HiveConf conf) throws AuthenticationException { if (authMethod == AuthMethods.LDAP) { return new LdapAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.PAM) { return new PamAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.CUSTOM) { return new CustomAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.NONE) { return new AnonymousAuthenticationProviderImpl(); } else { throw new AuthenticationException("Unsupported authentication method"); } } }
if (!hasDomain(user) && ldapDomain != null) { user = user + "@" + ldapDomain;
@Override public void Authenticate(String user, String password) throws AuthenticationException { DirSearch search = null; try { search = createDirSearch(user, password); applyFilter(search, user); } finally { ServiceUtils.cleanup(LOG, search); } }
@VisibleForTesting LdapAuthenticationProviderImpl(HiveConf conf, DirSearchFactory searchFactory) { this.conf = conf; this.searchFactory = searchFactory; filter = resolveFilter(conf); }
@Test public void authenticateGivenBlankPassword() throws Exception { auth = new LdapAuthenticationProviderImpl(conf, new LdapSearchFactory()); expectAuthenticationExceptionForInvalidPassword(); auth.Authenticate("user", ""); }
public static PasswdAuthenticationProvider getAuthenticationProvider(AuthMethods authMethod) throws AuthenticationException { if (authMethod == AuthMethods.LDAP) { return new LdapAuthenticationProviderImpl(); } else if (authMethod == AuthMethods.PAM) { return new PamAuthenticationProviderImpl(); } else if (authMethod == AuthMethods.CUSTOM) { return new CustomAuthenticationProviderImpl(); } else if (authMethod == AuthMethods.NONE) { return new AnonymousAuthenticationProviderImpl(); } else { throw new AuthenticationException("Unsupported authentication method"); } } }
if (!hasDomain(user) && ldapDomain != null) { user = user + "@" + ldapDomain;
@Test public void authenticateGivenNullForPassword() throws Exception { auth = new LdapAuthenticationProviderImpl(conf, new LdapSearchFactory()); expectAuthenticationExceptionForInvalidPassword(); auth.Authenticate("user", null); }
public static PasswdAuthenticationProvider getAuthenticationProvider(AuthMethods authMethod) throws AuthenticationException { if (authMethod == AuthMethods.LDAP) { return new LdapAuthenticationProviderImpl(); } else if (authMethod == AuthMethods.PAM) { return new PamAuthenticationProviderImpl(); } else if (authMethod == AuthMethods.CUSTOM) { return new CustomAuthenticationProviderImpl(); } else if (authMethod == AuthMethods.NONE) { return new AnonymousAuthenticationProviderImpl(); } else { throw new AuthenticationException("Unsupported authentication method"); } } }
@Test public void authenticateGivenStringWithNullCharacterForPassword() throws Exception { auth = new LdapAuthenticationProviderImpl(conf, new LdapSearchFactory()); expectAuthenticationExceptionForInvalidPassword(); auth.Authenticate("user", "\0"); }