for (CredentialProvider provider : providers) { try { CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { pass = entry.getCredential();
CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { return entry; entry = provider.getCredentialEntry(oldName); if (entry != null) { logDeprecationOnce(oldName, provider.toString()); if (keyInfo != null && keyInfo.newKeys != null) { for (String newName : keyInfo.newKeys) { entry = provider.getCredentialEntry(newName); if (entry != null) { logDeprecationOnce(name, null);
CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { return entry; entry = provider.getCredentialEntry(oldName); if (entry != null) { logDeprecationOnce(oldName, provider.toString()); if (keyInfo != null && keyInfo.newKeys != null) { for (String newName : keyInfo.newKeys) { entry = provider.getCredentialEntry(newName); if (entry != null) { logDeprecationOnce(name, null);
/** * Retrieves a password from a configured credential provider or prompts for the password and stores it in the * configured credential provider. * @param config application configuration * @param key the key/alias for the password. * @return the password. * @throws IOException */ private String getPassword(org.apache.commons.configuration.Configuration config, String key) throws IOException { String password; String provider = config.getString(CERT_STORES_CREDENTIAL_PROVIDER_PATH); if (provider != null) { LOG.info("Attempting to retrieve password from configured credential provider path"); Configuration c = new Configuration(); c.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, provider); CredentialProvider credentialProvider = CredentialProviderFactory.getProviders(c).get(0); CredentialProvider.CredentialEntry entry = credentialProvider.getCredentialEntry(key); if (entry == null) { throw new IOException(String.format("No credential entry found for %s. " + "Please create an entry in the configured credential provider", key)); } else { password = String.valueOf(entry.getCredential()); } } else { throw new IOException("No credential provider path configured for storage of certificate store passwords"); } return password; }
public char[] getCredentialString(String url, String alias) { List<CredentialProvider> providers = getCredentialProviders(url); if (providers != null) { for (CredentialProvider provider : providers) { try { CredentialProvider.CredentialEntry credEntry = provider.getCredentialEntry(alias); if (credEntry != null) { return credEntry.getCredential(); } } catch(Exception ie) { LOG.error("Unable to get the Credential Provider from the Configuration", ie); } } } return null; }
for (CredentialProvider provider : providers) { try { CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { pass = entry.getCredential();
for (CredentialProvider provider : providers) { try { CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { pass = entry.getCredential();
for (CredentialProvider provider : providers) { try { CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { pass = entry.getCredential();
for (CredentialProvider provider : providers) { try { CredentialEntry entry = provider.getCredentialEntry(name); if (entry != null) { pass = entry.getCredential();
@BeforeClass public static void setup() throws Exception { conf = new Configuration(true); final String ourUrl = UserProvider.SCHEME_NAME + ":///"; conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); // THis should be a UserGroupInformation provider CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); // The user credentials are stored as a static variable by UserGrouoInformation provider. // We need to only set the password the first time, an attempt to set it for the second // time fails with an exception. if(provider.getCredentialEntry(ServerConfig.SENTRY_STORE_JDBC_PASS) == null) { provider.createCredentialEntry(ServerConfig.SENTRY_STORE_JDBC_PASS, passwd); provider.flush(); } dataDir = new File(Files.createTempDir(), "sentry_policy_db"); conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false"); conf.set(ServerConfig.SENTRY_STORE_JDBC_URL, "jdbc:derby:;databaseName=" + dataDir.getPath() + ";create=true"); conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy"); conf.setStrings(ServerConfig.ADMIN_GROUPS, adminGroups); conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING, ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING); policyFilePath = new File(dataDir, "local_policy_file.ini"); conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE, policyFilePath.getPath()); conf.setInt(ServerConfig.SENTRY_STORE_TRANSACTION_RETRY, 10); }
if(provider.getCredentialEntry(ServerConfig.SENTRY_STORE_JDBC_PASS) == null) { provider.createCredentialEntry(ServerConfig.SENTRY_STORE_JDBC_PASS, passwd); provider.flush();
assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY)); assertArrayEquals(keypass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY).getCredential()); assertArrayEquals(trustpass, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY).getCredential()); return conf;
assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY)); assertArrayEquals(keypass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY).getCredential()); assertArrayEquals(trustpass, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY).getCredential()); return conf;
assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY)); assertArrayEquals(keypass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEY_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( WebAppUtils.WEB_APP_KEYSTORE_PASSWORD_KEY).getCredential()); assertArrayEquals(trustpass, provider.getCredentialEntry( WebAppUtils.WEB_APP_TRUSTSTORE_PASSWORD_KEY).getCredential()); return conf;
public static void main(String[] args) throws IOException { // prompt for the provider name CredentialProvider provider = getCredentialProvider(textDevice); if(provider != null) { char[] cred; for (String key : KEYS) { cred = getPassword(textDevice, key); // create a credential entry and store it boolean overwrite = true; if (provider.getCredentialEntry(key) != null) { String choice = textDevice.readLine("Entry for %s already exists. Overwrite? (y/n) [y]:", key); overwrite = StringUtils.isEmpty(choice) || choice.equalsIgnoreCase("y"); if (overwrite) { provider.deleteCredentialEntry(key); provider.flush(); provider.createCredentialEntry(key, cred); provider.flush(); textDevice.printf("Entry for %s was overwritten with the new value.\n", key); } else { textDevice.printf("Entry for %s was not overwritten.\n", key); } } else { provider.createCredentialEntry(key, cred); provider.flush(); } } } }
public void checkPermissionRetention(Configuration conf, String ourUrl, Path path) throws Exception { CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); // let's add a new credential and flush and check that permissions are still set to 777 char[] cred = new char[32]; for(int i =0; i < cred.length; ++i) { cred[i] = (char) i; } // create a new key try { provider.createCredentialEntry("key5", cred); } catch (Exception e) { e.printStackTrace(); throw e; } provider.flush(); // get a new instance of the provider to ensure it was saved correctly provider = CredentialProviderFactory.getProviders(conf).get(0); assertArrayEquals(cred, provider.getCredentialEntry("key5").getCredential()); FileSystem fs = path.getFileSystem(conf); FileStatus s = fs.getFileStatus(path); assertTrue("Permissions should have been retained from the preexisting " + "keystore.", s.getPermission().toString().equals("rwxrwxrwx")); } }
public void checkPermissionRetention(Configuration conf, String ourUrl, Path path) throws Exception { CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); // let's add a new credential and flush and check that permissions are still set to 777 char[] cred = new char[32]; for(int i =0; i < cred.length; ++i) { cred[i] = (char) i; } // create a new key try { provider.createCredentialEntry("key5", cred); } catch (Exception e) { e.printStackTrace(); throw e; } provider.flush(); // get a new instance of the provider to ensure it was saved correctly provider = CredentialProviderFactory.getProviders(conf).get(0); assertArrayEquals(cred, provider.getCredentialEntry("key5").getCredential()); FileSystem fs = path.getFileSystem(conf); FileStatus s = fs.getFileStatus(path); assertTrue("Permissions should have been retained from the preexisting " + "keystore.", s.getPermission().toString().equals("rwxrwxrwx")); } }
assertEquals(null, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry (LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY)); assertArrayEquals(bindpass, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY).getCredential());
assertEquals(null, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY)); assertEquals(null, provider.getCredentialEntry (LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY)); assertArrayEquals(bindpass, provider.getCredentialEntry( LdapGroupsMapping.BIND_PASSWORD_KEY).getCredential()); assertArrayEquals(storepass, provider.getCredentialEntry( LdapGroupsMapping.LDAP_KEYSTORE_PASSWORD_KEY).getCredential());
assertEquals(null, provider.getCredentialEntry("no-such-key")); assertEquals(null, provider.getCredentialEntry("key")); assertArrayEquals(passwd, provider.getCredentialEntry("pass").getCredential()); provider.createCredentialEntry("pass2", passTwo); assertArrayEquals(passTwo, provider.getCredentialEntry("pass2").getCredential()); assertTrue(provider != null); assertArrayEquals(new char[]{'1', '2', '3'}, provider.getCredentialEntry("pass2").getCredential()); assertArrayEquals(passwd, provider.getCredentialEntry("pass").getCredential());