Tabnine Logo
SecurityUtils
Code IndexAdd Tabnine to your IDE (free)

How to use
SecurityUtils
in
alluxio.util

Best Java code snippets using alluxio.util.SecurityUtils (Showing top 20 results out of 315)

origin: Alluxio/alluxio

/**
 * Creates {@link ChannelAuthenticator} instance.
 *
 * @param subject javax subject to use for authentication
 * @param conf Alluxio configuration
 */
public ChannelAuthenticator(Subject subject, AlluxioConfiguration conf) {
 mUseSubject = true;
 mChannelId = UUID.randomUUID();
 mParentSubject = subject;
 mAuthType = conf.getEnum(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.class);
 mSecurityEnabled = SecurityUtils.isSecurityEnabled(conf);
 mGrpcAuthTimeoutMs = conf.getMs(PropertyKey.MASTER_GRPC_CHANNEL_AUTH_TIMEOUT);
}
origin: Alluxio/alluxio

/**
 * Creates context with given option data.
 *
 * @param optionsBuilder the options builder
 */
protected CreatePathContext(T optionsBuilder) {
 super(optionsBuilder);
 mMountPoint = false;
 mOperationTimeMs = System.currentTimeMillis();
 mAcl = Collections.emptyList();
 mMetadataLoad = false;
 mGroup = "";
 mOwner = "";
 if (SecurityUtils.isAuthenticationEnabled(ServerConfiguration.global())) {
  mOwner = SecurityUtils.getOwnerFromGrpcClient(ServerConfiguration.global());
  mGroup = SecurityUtils.getGroupFromGrpcClient(ServerConfiguration.global());
 }
 // Initialize mPersisted based on proto write type.
 WritePType writeType = WritePType.NONE;
 if (optionsBuilder instanceof CreateFilePOptions.Builder) {
  writeType = ((CreateFilePOptions.Builder) optionsBuilder).getWriteType();
 } else if (optionsBuilder instanceof CreateDirectoryPOptions.Builder) {
  writeType = ((CreateDirectoryPOptions.Builder) optionsBuilder).getWriteType();
 }
 mPersisted = WriteType.fromProto(writeType).isThrough();
}
origin: Alluxio/alluxio

 private CreateUfsFileOptions(AlluxioConfiguration alluxioConf) {
  mOwner = SecurityUtils.getOwnerFromLoginModule(alluxioConf);
  mGroup = SecurityUtils.getGroupFromLoginModule(alluxioConf);
  mMode = ModeUtils.applyFileUMask(Mode.defaults(), alluxioConf
    .get(PropertyKey.SECURITY_AUTHORIZATION_PERMISSION_UMASK));
  // TODO(chaomin): set permission based on the alluxio file. Not needed for now since the
  // file is always created with default permission.
 }
}
origin: Alluxio/alluxio

/**
 * Checks if security is enabled.
 *
 * @param conf Alluxio configuration
 * @return true if security is enabled, false otherwise
 */
public static boolean isSecurityEnabled(AlluxioConfiguration conf) {
 return isAuthenticationEnabled(conf) && isAuthorizationEnabled(conf);
}
origin: Alluxio/alluxio

try (JournalContext context = createJournalContext()) {
 mInodeTree.initializeRoot(
   SecurityUtils.getOwnerFromLoginModule(ServerConfiguration.global()),
   SecurityUtils.getGroupFromLoginModule(ServerConfiguration.global()),
   ModeUtils.applyDirectoryUMask(Mode.createFullAccess(),
     ServerConfiguration.get(PropertyKey.SECURITY_AUTHORIZATION_PERMISSION_UMASK)),
String serverOwner = SecurityUtils.getOwnerFromLoginModule(ServerConfiguration.global());
if (SecurityUtils.isSecurityEnabled(ServerConfiguration.global())
  && !root.getOwner().isEmpty() && !root.getOwner().equals(serverOwner)) {
origin: Alluxio/alluxio

private AlluxioURI createTestFile() throws Exception {
 AlluxioURI path = new AlluxioURI("/" + CommonUtils.randomAlphaNumString(10));
 String owner = SecurityUtils.getOwnerFromGrpcClient(ServerConfiguration.global());
 String group = SecurityUtils.getGroupFromGrpcClient(ServerConfiguration.global());
 mFileSystemMaster.createFile(path,
   CreateFileContext
     .defaults(
       CreateFilePOptions.newBuilder().setMode(Mode.createFullAccess().toProto()))
     .setOwner(owner).setGroup(group));
 mFileSystemMaster.completeFile(path, CompleteFileContext.defaults());
 return path;
}
origin: Alluxio/alluxio

/**
 * Gets the {@link User} from the {@link ThreadLocal} variable.
 *
 * @param conf Alluxio configuration
 * @return the client user, null if the user is not present
 */
// TODO(peis): Fail early if the user is not able to be set to avoid returning null.
public static User get(AlluxioConfiguration conf) throws IOException {
 if (!SecurityUtils.isAuthenticationEnabled(conf)) {
  throw new IOException(ExceptionMessage.AUTHENTICATION_IS_NOT_ENABLED.getMessage());
 }
 return sUserThreadLocal.get();
}
origin: org.alluxio/alluxio-core-server-master

/**
 * Constructs an instance of {@link CreateFileOptions} from {@link CreateFileTOptions}. The option
 * of permission is constructed with the username obtained from thrift transport.
 *
 * @param options the {@link CreateFileTOptions} to use
 */
public CreateFileOptions(CreateFileTOptions options) {
 this();
 if (options != null) {
  if (options.isSetCommonOptions()) {
   mCommonOptions = new CommonOptions(options.getCommonOptions());
  }
  mBlockSizeBytes = options.getBlockSizeBytes();
  mPersisted = options.isPersisted();
  mRecursive = options.isRecursive();
  mTtl = options.getTtl();
  mTtlAction = TtlAction.fromThrift(options.getTtlAction());
  if (SecurityUtils.isAuthenticationEnabled()) {
   mOwner = SecurityUtils.getOwnerFromThriftClient();
   mGroup = SecurityUtils.getGroupFromThriftClient();
  }
  if (options.isSetMode()) {
   mMode = new Mode(options.getMode());
  } else {
   mMode.applyFileUMask();
  }
 }
}
origin: Alluxio/alluxio

/**
 * Tests the {@link SecurityUtils#getOwnerFromGrpcClient()} ()} method.
 */
@Test
public void getOwnerFromGrpcClient() throws Exception {
 // When security is not enabled, user and group are not set
 mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
 Assert.assertEquals("", SecurityUtils.getOwnerFromGrpcClient(mConfiguration));
 mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName());
 mConfiguration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS,
   IdentityUserGroupsMapping.class.getName());
 AuthenticatedClientUser.set("test_client_user");
 Assert.assertEquals("test_client_user", SecurityUtils.getOwnerFromGrpcClient(mConfiguration));
}
origin: Alluxio/alluxio

/**
 * Tests the {@link SecurityUtils#getGroupFromGrpcClient()} ()} method.
 */
@Test
public void getGroupFromGrpcClient() throws Exception {
 // When security is not enabled, user and group are not set
 mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
 Assert.assertEquals("", SecurityUtils.getGroupFromGrpcClient(mConfiguration));
 mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName());
 mConfiguration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS,
   IdentityUserGroupsMapping.class.getName());
 AuthenticatedClientUser.set("test_client_user");
 Assert.assertEquals("test_client_user", SecurityUtils.getGroupFromGrpcClient(mConfiguration));
}
origin: Alluxio/alluxio

/**
 * Tests the {@link SecurityUtils#getOwnerFromLoginModule()} method.
 */
@Test
public void getOwnerFromLoginModule() throws Exception {
 // When security is not enabled, user and group are not set
 mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
 Assert.assertEquals("", SecurityUtils.getOwnerFromLoginModule(mConfiguration));
 // When authentication is enabled, user and group are inferred from login module
 mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName());
 mConfiguration.set(PropertyKey.SECURITY_LOGIN_USERNAME, "test_login_user");
 mConfiguration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS,
   IdentityUserGroupsMapping.class.getName());
 Assert.assertEquals("test_login_user", SecurityUtils.getOwnerFromLoginModule(mConfiguration));
}
origin: Alluxio/alluxio

 /**
  * Tests the {@link SecurityUtils#getGroupFromLoginModule()} method.
  */
 @Test
 public void getGroupFromLoginModuleError() throws Exception {
  // When security is not enabled, user and group are not set
  mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName());
  Assert.assertEquals("", SecurityUtils.getGroupFromLoginModule(mConfiguration));

  // When authentication is enabled, user and group are inferred from login module
  mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName());
  mConfiguration.set(PropertyKey.SECURITY_LOGIN_USERNAME, "test_login_user");
  mConfiguration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS,
    IdentityUserGroupsMapping.class.getName());
  LoginUserTestUtils.resetLoginUser();
  Assert.assertEquals("test_login_user", SecurityUtils.getGroupFromLoginModule(mConfiguration));
 }
}
origin: org.alluxio/alluxio-core-server-master

if (root == null) {
 try (JournalContext context = createJournalContext()) {
  mInodeTree.initializeRoot(SecurityUtils.getOwnerFromLoginModule(),
    SecurityUtils.getGroupFromLoginModule(),
    Mode.createFullAccess().applyDirectoryUMask(), context);
  context.append(mInodeTree.getRoot().toJournalEntry());
 String serverOwner = SecurityUtils.getOwnerFromLoginModule();
 if (SecurityUtils.isSecurityEnabled() && !root.getOwner().isEmpty()
   && !root.getOwner().equals(serverOwner)) {
origin: Alluxio/alluxio

private void verifyCreateFile(TestUser user, String path, boolean recursive) throws Exception {
 try (Closeable r = new AuthenticatedUserRule(user.getUser(),
   ServerConfiguration.global()).toResource()) {
  CreateFileContext context = CreateFileContext
    .defaults(
      CreateFilePOptions.newBuilder().setRecursive(recursive))
    .setOwner(SecurityUtils.getOwnerFromGrpcClient(ServerConfiguration.global()))
    .setGroup(SecurityUtils.getGroupFromGrpcClient(ServerConfiguration.global()))
    .setPersisted(true);
  long fileId = mFileSystemMaster.createFile(new AlluxioURI(path), context);
  FileInfo fileInfo = mFileSystemMaster.getFileInfo(fileId);
  String[] pathComponents = path.split("/");
  assertEquals(pathComponents[pathComponents.length - 1], fileInfo.getName());
  assertEquals(user.getUser(), fileInfo.getOwner());
 }
}
origin: Alluxio/alluxio

private GrpcServerBuilder(NettyServerBuilder nettyServerBuilder, AlluxioConfiguration conf) {
 mConfiguration = conf;
 mServices = new HashSet<>();
 mNettyServerBuilder = nettyServerBuilder;
 if (SecurityUtils.isAuthenticationEnabled(conf)) {
  LoggerFactory.getLogger(GrpcServerBuilder.class).warn("Authentication ENABLED");
  mAuthenticationServer = new DefaultAuthenticationServer(conf);
  addService(new GrpcService(mAuthenticationServer).disableAuthentication());
 }
}
origin: org.alluxio/alluxio-core-server-master

/**
 * Constructs an instance of {@link CreateDirectoryOptions} from {@link CreateDirectoryTOptions}.
 * The option of permission is constructed with the username obtained from thrift
 * transport.
 *
 * @param options the {@link CreateDirectoryTOptions} to use
 */
public CreateDirectoryOptions(CreateDirectoryTOptions options) {
 this();
 if (options != null) {
  if (options.isSetCommonOptions()) {
   mCommonOptions = new CommonOptions(options.getCommonOptions());
  }
  mAllowExists = options.isAllowExists();
  mPersisted = options.isPersisted();
  mRecursive = options.isRecursive();
  mTtl = options.getTtl();
  mTtlAction = TtlAction.fromThrift(options.getTtlAction());
  if (SecurityUtils.isAuthenticationEnabled()) {
   mOwner = SecurityUtils.getOwnerFromThriftClient();
   mGroup = SecurityUtils.getGroupFromThriftClient();
  }
  if (options.isSetMode()) {
   mMode = new Mode(options.getMode());
  } else {
   mMode.applyDirectoryUMask();
  }
 }
}
origin: org.alluxio/alluxio-core-common

/**
 * Checks if security is enabled.
 *
 * @return true if security is enabled, false otherwise
 */
public static boolean isSecurityEnabled() {
 return isAuthenticationEnabled() && isAuthorizationEnabled();
}
origin: Alluxio/alluxio

@Override
public List<ServerInterceptor> getInterceptors() {
 if (!SecurityUtils.isSecurityEnabled(mConfiguration)) {
  return Collections.emptyList();
 }
 List<ServerInterceptor> interceptorsList = new ArrayList<>(2);
 AuthType authType = mConfiguration.getEnum(PropertyKey.SECURITY_AUTHENTICATION_TYPE,
   AuthType.class);
 checkSupported(authType);
 switch (authType) {
  case SIMPLE:
  case CUSTOM:
   interceptorsList.add(new AuthenticatedUserInjector(this));
   break;
  default:
   throw new RuntimeException("Unsupported authentication type:" + authType);
 }
 return interceptorsList;
}
origin: Alluxio/alluxio

 private CompleteUfsFileOptions(AlluxioConfiguration alluxioConf) {
  mOwner = SecurityUtils.getOwnerFromLoginModule(alluxioConf);
  mGroup = SecurityUtils.getGroupFromLoginModule(alluxioConf);
  mMode = ModeUtils.applyFileUMask(Mode.defaults(),
    alluxioConf.get(PropertyKey.SECURITY_AUTHORIZATION_PERMISSION_UMASK));
  // TODO(chaomin): set permission based on the alluxio file. Not needed for now since the
  // file is always created with default permission.
 }
}
origin: Alluxio/alluxio

private void verifyCreateDirectory(TestUser user, String path, boolean recursive)
  throws Exception {
 try (Closeable r = new AuthenticatedUserRule(user.getUser(),
   ServerConfiguration.global()).toResource()) {
  CreateDirectoryContext context = CreateDirectoryContext
    .defaults(CreateDirectoryPOptions.newBuilder().setRecursive(recursive))
    .setOwner(SecurityUtils.getOwnerFromGrpcClient(ServerConfiguration.global()))
    .setGroup(SecurityUtils.getGroupFromGrpcClient(ServerConfiguration.global()));
  mFileSystemMaster.createDirectory(new AlluxioURI(path), context);
  FileInfo fileInfo =
    mFileSystemMaster.getFileInfo(mFileSystemMaster.getFileId(new AlluxioURI(path)));
  String[] pathComponents = path.split("/");
  assertEquals(pathComponents[pathComponents.length - 1], fileInfo.getName());
  assertEquals(true, fileInfo.isFolder());
  assertEquals(user.getUser(), fileInfo.getOwner());
 }
}
alluxio.utilSecurityUtils

Javadoc

Utility methods for security.

Most used methods

  • isSecurityEnabled
    Checks if security is enabled.
  • getGroupFromGrpcClient
  • getGroupFromLoginModule
  • getOwnerFromGrpcClient
  • getOwnerFromLoginModule
  • isAuthenticationEnabled
    Checks if authentication is enabled.
  • getGroupFromThriftClient
  • getOwnerFromThriftClient
  • isAuthorizationEnabled
    Checks if authorization is enabled.

Popular in Java

  • Reactive rest calls using spring rest template
  • runOnUiThread (Activity)
  • onCreateOptionsMenu (Activity)
  • orElseThrow (Optional)
    Return the contained value, if present, otherwise throw an exception to be created by the provided s
  • LinkedList (java.util)
    Doubly-linked list implementation of the List and Dequeinterfaces. Implements all optional list oper
  • Executor (java.util.concurrent)
    An object that executes submitted Runnable tasks. This interface provides a way of decoupling task s
  • Collectors (java.util.stream)
  • Cipher (javax.crypto)
    This class provides access to implementations of cryptographic ciphers for encryption and decryption
  • JList (javax.swing)
  • LoggerFactory (org.slf4j)
    The LoggerFactory is a utility class producing Loggers for various logging APIs, most notably for lo
  • Best plugins for Eclipse
Tabnine Logo
  • Products

    Search for Java codeSearch for JavaScript code
  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode
  • Company

    About UsContact UsCareers
  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now