protected static CConfiguration createCConf() throws IOException { CConfiguration cConf = DatasetServiceTestBase.createCConf(); cConf.setBoolean(Constants.Security.ENABLED, true); cConf.setBoolean(Constants.Security.Authorization.ENABLED, true); // we only want to test authorization, but we don't specify principal/keytab, so disable kerberos cConf.setBoolean(Constants.Security.KERBEROS_ENABLED, false); cConf.setInt(Constants.Security.Authorization.CACHE_MAX_ENTRIES, 0); Location authorizerJar = AppJarHelper.createDeploymentJar(locationFactory, InMemoryAuthorizer.class); cConf.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, authorizerJar.toURI().getPath()); return cConf; }
@Override protected Injector doInit(TwillContext context) { CConfiguration cConf = getCConfiguration(); cConf.set(Constants.MessagingSystem.HTTP_SERVER_BIND_ADDRESS, context.getHost().getHostName()); cConf.setInt(Constants.MessagingSystem.CONTAINER_INSTANCE_ID, context.getInstanceId()); injector = createInjector(cConf, getConfiguration()); injector.getInstance(LogAppenderInitializer.class).initialize(); LoggingContextAccessor.setLoggingContext(new ServiceLoggingContext(NamespaceId.SYSTEM.getNamespace(), Constants.Logging.COMPONENT_NAME, Constants.Service.MESSAGING_SERVICE)); return injector; }
@BeforeClass public static void setup() throws IOException { CCONF.set(Constants.CFG_LOCAL_DATA_DIR, TEMPORARY_FOLDER.newFolder().getAbsolutePath()); CCONF.setBoolean(Constants.Security.ENABLED, true); CCONF.setBoolean(Constants.Security.Authorization.ENABLED, true); locationFactory = new LocalLocationFactory(TEMPORARY_FOLDER.newFolder()); } }
@BeforeClass public static void setupClass() throws IOException { Manifest manifest = new Manifest(); manifest.getMainAttributes().put(Attributes.Name.MAIN_CLASS, InMemoryAuthorizer.class.getName()); Location externalAuthJar = AppJarHelper.createDeploymentJar(locationFactory, InMemoryAuthorizer.class, manifest); CCONF.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, externalAuthJar.toString()); }
@Override protected void configure() { CConfiguration conf = CConfiguration.create(); conf.set(Constants.CFG_DATA_LEVELDB_DIR, dataDir); bind(CConfiguration.class).toInstance(conf); bind(LevelDBTableService.class).toInstance(levelDBTableService); } });
private static CConfiguration createCConf() throws IOException { CConfiguration cConf = CConfiguration.create(); cConf.setBoolean(Constants.Security.ENABLED, true); cConf.setBoolean(Constants.Security.Authorization.ENABLED, true); // we only want to test authorization, but we don't specify principal/keytab, so disable kerberos cConf.setBoolean(Constants.Security.KERBEROS_ENABLED, false); cConf.setInt(Constants.Security.Authorization.CACHE_MAX_ENTRIES, 0); LocationFactory locationFactory = new LocalLocationFactory(new File(TEMPORARY_FOLDER.newFolder().toURI())); Location authorizerJar = AppJarHelper.createDeploymentJar(locationFactory, InMemoryAuthorizer.class); cConf.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, authorizerJar.toURI().getPath()); return cConf; }
@Test public void testAuthenticationDisabled() throws IOException { CConfiguration cConf = CConfiguration.create(); cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMPORARY_FOLDER.newFolder().getAbsolutePath()); cConf.setBoolean(Constants.Security.Authorization.ENABLED, true); assertDisabled(cConf, FeatureDisabledException.Feature.AUTHENTICATION); }
@BeforeClass public static void setupTests() { CConfiguration cConf = CConfiguration.create(); cConf.set(AlwaysFailCheck.FAILURE_MESSAGE_KEY, FAILURE_MESSAGE); injector = Guice.createInjector(new ConfigModule(cConf)); }
@Test public void testAuthorizationDisabled() throws IOException { CConfiguration cConf = CConfiguration.create(); cConf.setBoolean(Constants.Security.ENABLED, true); cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMPORARY_FOLDER.newFolder().getAbsolutePath()); assertDisabled(cConf, FeatureDisabledException.Feature.AUTHORIZATION); }
@Test public void testGetACLs() throws Exception { CConfiguration kerbConf = CConfiguration.create(); kerbConf.set(Constants.Security.KERBEROS_ENABLED, "true"); kerbConf.set(Constants.Security.CFG_CDAP_MASTER_KRB_PRINCIPAL, "prinicpal@REALM.NET"); kerbConf.set(Constants.Security.CFG_CDAP_MASTER_KRB_KEYTAB_PATH, "/path/to/keytab"); Assert.assertEquals(ZooDefs.Ids.CREATOR_ALL_ACL, DistributedKeyManager.getACLs(kerbConf)); CConfiguration noKerbConf = CConfiguration.create(); noKerbConf.unset(Constants.Security.CFG_CDAP_MASTER_KRB_PRINCIPAL); Assert.assertEquals(ZooDefs.Ids.OPEN_ACL_UNSAFE, DistributedKeyManager.getACLs(noKerbConf)); }
@Test(expected = IllegalArgumentException.class) public void testDefaultNotInteger() throws Exception { CConfiguration cConfiguration = CConfiguration.create(); cConfiguration.set(TxConstants.Manager.CFG_TX_TIMEOUT, "NaN"); run(cConfiguration); }
@Test(expected = InvalidAuthorizerException.class) public void testAuthorizerJarPathIsNotJar() throws Throwable { CCONF.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, TEMPORARY_FOLDER.newFile("abc.txt").getPath()); try (AuthorizerInstantiator instantiator = new AuthorizerInstantiator(CCONF, AUTH_CONTEXT_FACTORY)) { instantiator.get(); Assert.fail("Instantiation of Authorizer should have failed because extension jar is not a jar file"); } catch (Throwable e) { throw Throwables.getRootCause(e); } }
@Test(expected = IllegalArgumentException.class) public void testMaxNotInteger() throws Exception { CConfiguration cConfiguration = CConfiguration.create(); cConfiguration.set(TxConstants.Manager.CFG_TX_MAX_TIMEOUT, "NaN"); run(cConfiguration); }
@Test(expected = InvalidAuthorizerException.class) public void testAuthorizerJarPathIsDirectory() throws Throwable { CCONF.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, TEMPORARY_FOLDER.newFolder().getPath()); try (AuthorizerInstantiator instantiator = new AuthorizerInstantiator(CCONF, AUTH_CONTEXT_FACTORY)) { instantiator.get(); Assert.fail("Instantiation of Authorizer should have failed because extension jar is a directory"); } catch (Throwable e) { throw Throwables.getRootCause(e); } }
@Test(expected = InvalidAuthorizerException.class) public void testMissingManifest() throws Throwable { Location externalAuthJar = createInvalidExternalAuthJar(null); CCONF.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, externalAuthJar.toString()); try (AuthorizerInstantiator instantiator = new AuthorizerInstantiator(CCONF, AUTH_CONTEXT_FACTORY)) { instantiator.get(); Assert.fail("Instantiation of Authorizer should have failed because extension jar does not have a manifest"); } catch (Throwable e) { throw Throwables.getRootCause(e); } }
@BeforeClass public static void setup() throws IOException { conf = CConfiguration.create(); conf.set(Constants.CFG_LOCAL_DATA_DIR, TMP_FOLDER.newFolder().getAbsolutePath()); Injector injector = Guice.createInjector(new ConfigModule(conf), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getNoOpModule()); authEnforcer = injector.getInstance(AuthorizationEnforcer.class); authenticationContext = injector.getInstance(AuthenticationContext.class); }
@BeforeClass public static void init() throws IOException { zkServer = InMemoryZKServer.builder().setDataDir(TEMP_FOLDER.newFolder()).build(); zkServer.startAndWait(); cConf = CConfiguration.create(); cConf.set(Constants.Zookeeper.QUORUM, zkServer.getConnectionStr()); cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath()); }
@BeforeClass public static void init() throws Exception { cConf = CConfiguration.create(); cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath()); Injector injector = AppFabricTestHelper.getInjector(cConf, new AuditModule().getDistributedModules()); messagingService = injector.getInstance(MessagingService.class); if (messagingService instanceof Service) { ((Service) messagingService).startAndWait(); } auditTopic = NamespaceId.SYSTEM.topic(cConf.get(Constants.Audit.TOPIC)); }
@BeforeClass public static void setup() throws Exception { CConfiguration cConf = CConfiguration.create(); cConf.set(Constants.CFG_LOCAL_DATA_DIR, TMP_FOLDER.newFolder().getAbsolutePath()); classLoaderFactory = new ArtifactClassLoaderFactory(cConf, new DummyProgramRunnerFactory()); artifactInspector = new ArtifactInspector(cConf, classLoaderFactory); }
@BeforeClass public static void init() throws IOException { zkServer = InMemoryZKServer.builder().setDataDir(TMP_FOLDER.newFolder()).build(); zkServer.startAndWait(); CConfiguration cConf = CConfiguration.create(); cConf.set(Constants.Zookeeper.QUORUM, zkServer.getConnectionStr()); Injector injector = Guice.createInjector(new ConfigModule(cConf), new ZKClientModule()); zkClientService = injector.getInstance(ZKClientService.class); zkClientService.startAndWait(); }