@Override public boolean exec() throws CliException { byte[] b = null; if (args.length >= 3) { b = args[2].getBytes(); } zk.addAuthInfo(args[1], b); return false; } }
@Override public void authenticate(ZooKeeper zooKeeper) { zooKeeper.addAuthInfo("digest", String.format("%s:%s", username, password).getBytes(UTF_8)); } }
private ZooKeeper getZooKeeper(String zooKeeperConnectString, AuthMode authMode, byte[] authData) throws IOException { CountDownLatch connectionLatch = new CountDownLatch(1); ZooKeeper zooKeeper = new ZooKeeper(zooKeeperConnectString, 3000, watchedEvent -> { if (LOGGER.isDebugEnabled()) { LOGGER.debug("ZooKeeper server state changed to {} in {}", watchedEvent.getState(), zooKeeperConnectString); } if (watchedEvent.getType().equals(Watcher.Event.EventType.None) && watchedEvent.getState().equals(Watcher.Event.KeeperState.SyncConnected)) { connectionLatch.countDown(); } }); final boolean connected; try { connected = connectionLatch.await(5, TimeUnit.SECONDS); } catch (InterruptedException e) { closeZooKeeper(zooKeeper); Thread.currentThread().interrupt(); throw new IOException(String.format("interrupted while waiting for ZooKeeper connection to %s", zooKeeperConnectString), e); } if (!connected) { closeZooKeeper(zooKeeper); throw new IOException(String.format("unable to connect to %s", zooKeeperConnectString)); } if (authMode.equals(AuthMode.DIGEST)) { zooKeeper.addAuthInfo(SCHEME_DIGEST, authData); } return zooKeeper; }
synchronized ZooKeeper getZooKeeper() throws IOException { if (zooKeeper != null && !zooKeeper.getState().isAlive()) { invalidateClient(); } if (zooKeeper == null) { zooKeeper = new ZooKeeper(connectionString, timeoutMillis, new Watcher() { @Override public void process(WatchedEvent event) { } }); if (auth != null) { zooKeeper.addAuthInfo("digest", auth); } } return zooKeeper; }
@Test public void testSuperACL() throws Exception { ZooKeeper zk = createClient(); try { zk.addAuthInfo("digest", "pat:pass".getBytes()); zk.create("/path1", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT); zk.close(); // verify super can do anything and ignores ACLs zk = createClient(); zk.addAuthInfo("digest", "super:test".getBytes()); zk.getData("/path1", false, null); zk.setACL("/path1", Ids.READ_ACL_UNSAFE, -1); zk.create("/path1/foo", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT); zk.setACL("/path1", Ids.OPEN_ACL_UNSAFE, -1); } finally { zk.close(); } } }
public void validAuth() throws Exception { ZooKeeper zk = createClient(); // any multiple of 5 will do... zk.addAuthInfo("key", "25".getBytes()); try { createNodePrintAcl(zk, "/valid", "testValidAuth"); zk.getData("/abc", false, null); zk.setData("/abc", "testData3".getBytes(), -1); } catch (KeeperException.AuthFailedException e) { Assert.fail("test failed :" + e); } finally { zk.close(); } }
public void validAuth2() throws Exception { ZooKeeper zk = createClient(); // any multiple of 5 will do... zk.addAuthInfo("key", "125".getBytes()); try { createNodePrintAcl(zk, "/valid2", "testValidAuth2"); zk.getData("/abc", false, null); zk.setData("/abc", "testData3".getBytes(), -1); } catch (KeeperException.AuthFailedException e) { Assert.fail("test failed :" + e); } finally { zk.close(); } }
@Before @Override public void setUp() throws Exception { super.setUp(); LOG.info("Creating client " + getTestName()); zk = createClient(); zk.addAuthInfo("digest", "ben:passwd".getBytes()); }
@Test public void testBadAuthThenSendOtherCommands() throws Exception { ZooKeeper zk = createClient(); try { zk.addAuthInfo("INVALID", "BAR".getBytes()); zk.exists("/foobar", false); zk.getData("/path1", false, null); Assert.fail("Should get auth state error"); } catch(KeeperException.AuthFailedException e) { if(!authFailed.await(CONNECTION_TIMEOUT, TimeUnit.MILLISECONDS)) { Assert.fail("Should have called my watcher"); } } finally { zk.close(); } }
@Test public void testBadAuthNotifiesWatch() throws Exception { ZooKeeper zk = createClient(); try { zk.addAuthInfo("FOO", "BAR".getBytes()); zk.getData("/path1", false, null); Assert.fail("Should get auth state error"); } catch(KeeperException.AuthFailedException e) { if(!authFailed.await(CONNECTION_TIMEOUT, TimeUnit.MILLISECONDS)) { Assert.fail("Should have called my watcher"); } } finally { zk.close(); } }
public void preAuth() throws Exception { ZooKeeper zk = createClient(); zk.addAuthInfo("key", "25".getBytes()); try { createNodePrintAcl(zk, "/pre", "testPreAuth"); zk.setACL("/", Ids.CREATOR_ALL_ACL, -1); zk.getChildren("/", false); zk.create("/abc", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT); zk.setData("/abc", "testData1".getBytes(), -1); zk.create("/key", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT); zk.setData("/key", "5".getBytes(), -1); Thread.sleep(1000); } catch (KeeperException e) { Assert.fail("test failed :" + e); } finally { zk.close(); } }
ZooKeeper zk = createClient(); try { zk.addAuthInfo("digest", "pat:pass".getBytes()); zk.create("/path1", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT); zk.addAuthInfo("digest", "pat:pass2".getBytes()); try { zk.getData("/path1", false, null); zk.addAuthInfo("digest", "super:test2".getBytes()); try { zk.getData("/path1", false, null); zk.addAuthInfo("digest", "super:test".getBytes()); zk.getData("/path1", false, null); } finally {
/** * Get a new zookeeper client instance. protected so that test class can * inherit and mock out the zookeeper instance * * @return new zookeeper client instance * @throws IOException * @throws KeeperException zookeeper connectionloss exception */ protected synchronized ZooKeeper connectToZooKeeper() throws IOException, KeeperException { // Unfortunately, the ZooKeeper constructor connects to ZooKeeper and // may trigger the Connected event immediately. So, if we register the // watcher after constructing ZooKeeper, we may miss that event. Instead, // we construct the watcher first, and have it block any events it receives // before we can set its ZooKeeper reference. watcher = new WatcherWithClientRef(); ZooKeeper zk = createZooKeeper(); watcher.setZooKeeperRef(zk); // Wait for the asynchronous success/failure. This may throw an exception // if we don't connect within the session timeout. watcher.waitForZKConnectionEvent(zkSessionTimeout); for (ZKAuthInfo auth : zkAuthInfo) { zk.addAuthInfo(auth.getScheme(), auth.getAuth()); } return zk; }
zk = createClient(); try { zk.addAuthInfo("digest", "ben:passwd".getBytes()); zk.create("/ben", new byte[0], Ids.READ_ACL_UNSAFE, CreateMode.PERSISTENT, this, results); zk.create("/ben/2", new byte[0], Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT, this, results); zk.addAuthInfo("digest", "ben:passwd2".getBytes()); try { zk.getData("/ben2", false, new Stat()); zk.addAuthInfo("digest", "ben:passwd".getBytes()); zk.getData("/ben2", false, new Stat()); } finally {
watcher.waitForConnected(CONNECTION_TIMEOUT); try { zk.addAuthInfo("FOO", "BAR".getBytes()); zk.getData("/path1", false, null); Assert.fail("Should get auth state error");
try { zk = createClient(); zk.addAuthInfo("digest", "ben:passwd".getBytes()); ArrayList<ACL> testACL = new ArrayList<ACL>(); testACL.add(new ACL(Perms.ALL, new Id("auth", null))); zk.close(); zk = createClient(); zk.addAuthInfo("digest", "ben:passwd2".getBytes()); if (skipACL) { try { zk.addAuthInfo("digest", "ben:passwd".getBytes()); zk.getData("/acltest", false, null); zk.setACL("/acltest", Ids.OPEN_ACL_UNSAFE, -1);
try { zk.addAuthInfo("digest", "pat:test".getBytes()); zk.setACL("/", Ids.CREATOR_ALL_ACL, -1); zk.getData("/", false, null); zk.addAuthInfo("digest", "world:anyone".getBytes()); try { zk.create("/apps", null, Ids.CREATOR_ALL_ACL, zk.addAuthInfo("digest", "pat:test".getBytes()); zk.getData("/", false, null); zk.create("/apps", null, Ids.CREATOR_ALL_ACL, zk.addAuthInfo("digest", "world:anyone".getBytes()); zk.create("/apps", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT);
+ e.getMessage()); zk.addAuthInfo("digest", "ben:passwd".getBytes()); ArrayList<ACL> testACL = new ArrayList<ACL>(); testACL.add(new ACL(Perms.ALL, new Id("auth",""))); zk.close(); zk = createClient(); zk.addAuthInfo("digest", "ben:passwd2".getBytes()); if (skipACL) { try { zk.addAuthInfo("digest", "ben:passwd".getBytes()); zk.getData("/acltest", false, null); zk.setACL("/acltest", Ids.OPEN_ACL_UNSAFE, -1);
@Test public void testDisconnectedAddAuth() throws Exception { File tmpDir = ClientBase.createTmpDir(); ClientBase.setupTestEnv(); ZooKeeperServer zks = new ZooKeeperServer(tmpDir, tmpDir, 3000); SyncRequestProcessor.setSnapCount(1000); final int PORT = Integer.parseInt(HOSTPORT.split(":")[1]); ServerCnxnFactory f = ServerCnxnFactory.createFactory(PORT, -1); f.startup(zks); try { LOG.info("starting up the zookeeper server .. waiting"); Assert.assertTrue("waiting for server being up", ClientBase.waitForServerUp(HOSTPORT, CONNECTION_TIMEOUT)); ZooKeeper zk = ClientBase.createZKClient(HOSTPORT); try { zk.addAuthInfo("digest", "pat:test".getBytes()); zk.setACL("/", Ids.CREATOR_ALL_ACL, -1); } finally { zk.close(); } } finally { f.shutdown(); zks.shutdown(); Assert.assertTrue("waiting for server down", ClientBase.waitForServerDown(HOSTPORT, ClientBase.CONNECTION_TIMEOUT)); } }
zk = ClientBase.createZKClient(HOSTPORT); zk.addAuthInfo("digest", "pat:test".getBytes()); zk.setACL("/", Ids.CREATOR_ALL_ACL, -1);