public String getAuthorizationID() { return saslServer.getAuthorizationID(); }
public String getUserName() { return saslServer.getAuthorizationID(); }
public String getUserName() { return saslServer.getAuthorizationID(); }
public String getAuthorizationID() { return saslServer.getAuthorizationID(); }
public String getAuthorizationID() { return delegate.getAuthorizationID(); }
public String getAuthorizationID() { return server.getAuthorizationID(); }
public String getAuthorizationID() { return saslServer.getAuthorizationID(); }
@Override public void onCompleted() { mAuthenticationServer.registerChannel(mChannelId, mSaslServer.getAuthorizationID(), mSaslServer); mRequestObserver.onCompleted(); } }
private void setUserName(final TProtocol in) { TTransport transport = in.getTransport(); if (transport instanceof TSaslServerTransport) { String userName = ((TSaslServerTransport) transport).getSaslServer().getAuthorizationID(); THREAD_LOCAL_USER_NAME.set(userName); } }
@Override public KafkaPrincipal build(AuthenticationContext context) { if (context instanceof PlaintextAuthenticationContext) { if (oldPrincipalBuilder != null) return convertToKafkaPrincipal(oldPrincipalBuilder.buildPrincipal(transportLayer, authenticator)); return KafkaPrincipal.ANONYMOUS; } else if (context instanceof SslAuthenticationContext) { SSLSession sslSession = ((SslAuthenticationContext) context).session(); if (oldPrincipalBuilder != null) return convertToKafkaPrincipal(oldPrincipalBuilder.buildPrincipal(transportLayer, authenticator)); try { return applySslPrincipalMapper(sslSession.getPeerPrincipal()); } catch (SSLPeerUnverifiedException se) { return KafkaPrincipal.ANONYMOUS; } } else if (context instanceof SaslAuthenticationContext) { SaslServer saslServer = ((SaslAuthenticationContext) context).server(); if (SaslConfigs.GSSAPI_MECHANISM.equals(saslServer.getMechanismName())) return applyKerberosShortNamer(saslServer.getAuthorizationID()); else return new KafkaPrincipal(KafkaPrincipal.USER_TYPE, saslServer.getAuthorizationID()); } else { throw new IllegalArgumentException("Unhandled authentication context type: " + context.getClass().getName()); } }
public boolean process(final TProtocol inProt, final TProtocol outProt) throws TException { //populating request context ReqContext reqContext = ReqContext.context(); TTransport trans = inProt.getTransport(); //Sasl transport TSaslServerTransport saslTrans = (TSaslServerTransport) trans; if (trans instanceof NoOpTTrasport) { return false; } //remote address TSocket tsocket = (TSocket) saslTrans.getUnderlyingTransport(); Socket socket = tsocket.getSocket(); reqContext.setRemoteAddress(socket.getInetAddress()); //remote subject SaslServer saslServer = saslTrans.getSaslServer(); String authId = saslServer.getAuthorizationID(); Subject remoteUser = new Subject(); remoteUser.getPrincipals().add(new User(authId)); reqContext.setSubject(remoteUser); //invoke service handler return wrapped.process(inProt, outProt); } }
public boolean process(final TProtocol inProt, final TProtocol outProt) throws TException { // populating request context ReqContext req_context = ReqContext.context(); TTransport trans = inProt.getTransport(); // Sasl transport TSaslServerTransport saslTrans = (TSaslServerTransport) trans; // remote address TSocket tsocket = (TSocket) saslTrans.getUnderlyingTransport(); Socket socket = tsocket.getSocket(); req_context.setRemoteAddress(socket.getInetAddress()); // remote subject SaslServer saslServer = saslTrans.getSaslServer(); String authId = saslServer.getAuthorizationID(); Subject remoteUser = new Subject(); remoteUser.getPrincipals().add(new User(authId)); req_context.setSubject(remoteUser); // invoke service handler return wrapped.process(inProt, outProt); } }
@Test public void testPrincipalBuilderGssapi() throws Exception { SaslServer server = mock(SaslServer.class); KerberosShortNamer kerberosShortNamer = mock(KerberosShortNamer.class); when(server.getMechanismName()).thenReturn(SaslConfigs.GSSAPI_MECHANISM); when(server.getAuthorizationID()).thenReturn("foo/host@REALM.COM"); when(kerberosShortNamer.shortName(any())).thenReturn("foo"); DefaultKafkaPrincipalBuilder builder = new DefaultKafkaPrincipalBuilder(kerberosShortNamer, null); KafkaPrincipal principal = builder.build(new SaslAuthenticationContext(server, SecurityProtocol.SASL_PLAINTEXT, InetAddress.getLocalHost(), SecurityProtocol.SASL_PLAINTEXT.name())); assertEquals(KafkaPrincipal.USER_TYPE, principal.getPrincipalType()); assertEquals("foo", principal.getName()); builder.close(); verify(server, atLeastOnce()).getMechanismName(); verify(server, atLeastOnce()).getAuthorizationID(); verify(kerberosShortNamer, atLeastOnce()).shortName(any()); }
@Test public void testPrincipalBuilderScram() throws Exception { SaslServer server = mock(SaslServer.class); when(server.getMechanismName()).thenReturn(ScramMechanism.SCRAM_SHA_256.mechanismName()); when(server.getAuthorizationID()).thenReturn("foo"); DefaultKafkaPrincipalBuilder builder = new DefaultKafkaPrincipalBuilder(null, null); KafkaPrincipal principal = builder.build(new SaslAuthenticationContext(server, SecurityProtocol.SASL_PLAINTEXT, InetAddress.getLocalHost(), SecurityProtocol.SASL_PLAINTEXT.name())); assertEquals(KafkaPrincipal.USER_TYPE, principal.getPrincipalType()); assertEquals("foo", principal.getName()); builder.close(); verify(server, atLeastOnce()).getMechanismName(); verify(server, atLeastOnce()).getAuthorizationID(); }
String authId = saslServer.getAuthorizationID(); LOG.debug("AUTH ID ======>" + authId); String endUser = authId;
/** * Tests the {@link PlainSaslServer#getAuthorizationID()} method. */ @Test public void authenticationNotComplete() { mThrown.expect(IllegalStateException.class); mThrown.expectMessage("PLAIN authentication not completed"); mPlainSaslServer.getAuthorizationID(); }
+ saslServer.getNegotiatedProperty(Sasl.QOP)); user = getAuthorizedUgi(saslServer.getAuthorizationID()); if (LOG.isDebugEnabled()) { LOG.debug("SASL server successfully authenticated client: " + user);
(TSaslServerTransport)inProt.getTransport(); SaslServer saslServer = saslServerTransport.getSaslServer(); String principal = saslServer.getAuthorizationID(); hbaseServiceHandler.setEffectiveUser(principal); return processor.process(inProt, outProt);
/** * Tests the {@link PlainSaslServer#getAuthorizationID()} to retrieve the correct user. */ @Test public void userPasswordReceive() throws Exception { String testUser = "alluxio"; String password = "anonymous"; mPlainSaslServer.evaluateResponse(getUserInfo(testUser, password)); Assert.assertEquals(testUser, mPlainSaslServer.getAuthorizationID()); }
if ( verify ) if ( verifyCertificates( session.getConnection().getPeerCertificates(), saslServer.getAuthorizationID(), true ) ) authenticationSuccessful( session, saslServer.getAuthorizationID(), challenge ); session.removeSessionData( "SaslServer" ); return Status.authenticated;