/** * @throws Exception If failed. */ @Test public void testDefaultUserUpdate() throws Exception { AuthorizationContext.context(actxDflt); try { // Change from all nodes for (int nodeIdx = 0; nodeIdx < NODES_COUNT; ++nodeIdx) { grid(nodeIdx).context().authentication().updateUser("ignite", "ignite" + nodeIdx); // Check each change from all nodes for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication().authenticate("ignite", "ignite" + nodeIdx); assertNotNull(actx); assertEquals("ignite", actx.userName()); } } } finally { AuthorizationContext.clear(); } }
continue; return new AuthorizationContext(User.create(login)); return new AuthorizationContext(authenticateOnServer(login, passwd));
/** * @param op User operation. * @return Operation future. * @throws IgniteCheckedException On error. */ private UserOperationFinishFuture execUserOperation(UserManagementOperation op) throws IgniteCheckedException { checkActivate(); checkEnabled(); synchronized (mux) { if (disconnected) { throw new UserManagementException("Failed to initiate user management operation because " + "client node is disconnected."); } AuthorizationContext actx = AuthorizationContext.context(); if (actx == null) throw new IgniteAccessControlException("Operation not allowed: authorized context is empty."); actx.checkUserOperation(op); UserOperationFinishFuture fut = new UserOperationFinishFuture(op.id()); opFinishFuts.put(op.id(), fut); UserProposedMessage msg = new UserProposedMessage(op); ctx.discovery().sendCustomEvent(msg); return fut; } }
/** * @param passwd User's password to check. */ private void checkInvalidPassword(final String passwd) { AuthorizationContext.context(actxDflt); GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(CLI_NODE).context().authentication().addUser("test", passwd); return null; } }, UserManagementException.class, "Invalid user name"); } /**
/** * @throws Exception If failed. */ @Test public void testCreateUpdateDropUser() throws Exception { AuthorizationContext.context(actxDflt); for (int i = 0; i < NODES_COUNT; ++i) { userSql(i, "CREATE USER test WITH PASSWORD 'test'"); AuthorizationContext actx = grid(i).context().authentication() .authenticate("TEST", "test"); assertNotNull(actx); assertEquals("TEST", actx.userName()); userSql(i, "ALTER USER test WITH PASSWORD 'newpasswd'"); actx = grid(i).context().authentication() .authenticate("TEST", "newpasswd"); assertNotNull(actx); assertEquals("TEST", actx.userName()); userSql(i, "DROP USER test"); } }
/** * Compose connection description string. * @param ses client NIO session. * @param ctx client connection context. * @return connection description */ @SuppressWarnings("StringConcatenationInsideStringBufferAppend") private String clientConnectionDescription(GridNioSession ses, ClientListenerConnectionContext ctx) { AuthorizationContext authCtx = ctx.authorizationContext(); StringBuilder sb = new StringBuilder(); if(ctx instanceof JdbcConnectionContext) sb.append("JdbcClient ["); else if (ctx instanceof OdbcConnectionContext) sb.append("OdbcClient ["); else sb.append("ThinClient ["); InetSocketAddress rmtAddr = ses.remoteAddress(); InetSocketAddress locAddr = ses.localAddress(); assert rmtAddr != null; assert locAddr != null; String rmtAddrStr = rmtAddr.getHostString() + ":" + rmtAddr.getPort(); String locAddrStr = locAddr.getHostString() + ":" + locAddr.getPort(); sb.append("id=" + ctx.connectionId()); sb.append(", user=").append(authCtx == null ? "<anonymous>" : authCtx.userName()); sb.append(", rmtAddr=" + rmtAddrStr); sb.append(", locAddr=" + locAddrStr); return sb.append(']').toString(); } }
/** {@inheritDoc} */ @Override protected void afterTest() throws Exception { AuthorizationContext.clear(); stopAllGrids(); super.afterTest(); }
/** * @throws Exception If failed. */ @Test public void testAddUpdateRemoveUser() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) { for (int j = 0; j < NODES_COUNT; ++j) checkAddUpdateRemoveUser(grid(i), grid(j)); } } finally { AuthorizationContext.context(null); } }
/** * @throws Exception If failed. */ @Test public void testProceedUsersOnJoinNode() throws Exception { AuthorizationContext.context(actxDflt); try { grid(0).context().authentication().addUser("test0", "test"); grid(0).context().authentication().addUser("test1", "test"); int nodeIdx = NODES_COUNT; startGrid(nodeIdx); AuthorizationContext actx0 = grid(nodeIdx).context().authentication().authenticate("test0", "test"); AuthorizationContext actx1 = grid(nodeIdx).context().authentication().authenticate("test1", "test"); assertNotNull(actx0); assertEquals("test0", actx0.userName()); assertNotNull(actx1); assertEquals("test1", actx1.userName()); } finally { AuthorizationContext.context(null); } }
/** * @throws Exception If failed. */ @Test public void testDefaultUser() throws Exception { for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication().authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); } }
/** * @param op User operation. * @return Operation future. * @throws IgniteCheckedException On error. */ private UserOperationFinishFuture execUserOperation(UserManagementOperation op) throws IgniteCheckedException { checkActivate(); checkEnabled(); synchronized (mux) { if (disconnected) { throw new UserManagementException("Failed to initiate user management operation because " + "client node is disconnected."); } AuthorizationContext actx = AuthorizationContext.context(); if (actx == null) throw new IgniteAccessControlException("Operation not allowed: authorized context is empty."); actx.checkUserOperation(op); UserOperationFinishFuture fut = new UserOperationFinishFuture(op.id()); opFinishFuts.put(op.id(), fut); UserProposedMessage msg = new UserProposedMessage(op); ctx.discovery().sendCustomEvent(msg); return fut; } }
/** * @throws Exception If failed. */ @Test public void testAuthenticationInvalidUser() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) { final int nodeIdx = i; GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(nodeIdx).context().authentication().authenticate("invalid_name", "test"); return null; } }, IgniteAccessControlException.class, "The user name or password is incorrect"); GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(nodeIdx).context().authentication().authenticate("test", "invalid_password"); return null; } }, IgniteAccessControlException.class, "The user name or password is incorrect"); } } finally { AuthorizationContext.context(null); } }
/** * @throws Exception If failed. */ @Test public void testDefaultUserPersistence() throws Exception { AuthorizationContext.context(actxDflt); try { grid(CLI_NODE).context().authentication().addUser("test", "passwd"); stopAllGrids(); U.sleep(500); startGrids(NODES_COUNT); for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication() .authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); actx = grid(i).context().authentication() .authenticate("test", "passwd"); assertNotNull(actx); assertEquals("test", actx.userName()); } } finally { AuthorizationContext.clear(); } }
/** * @throws Exception If failed. */ @Test public void testDefaultUser() throws Exception { startGrids(NODES_COUNT); for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication().authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); } }
continue; return new AuthorizationContext(User.create(login)); return new AuthorizationContext(authenticateOnServer(login, passwd));
/** {@inheritDoc} */ @Override protected void beforeTest() throws Exception { super.beforeTest(); U.resolveWorkDirectory(U.defaultWorkDirectory(), "db", true); startGrids(2); grid(0).cluster().active(true); AuthorizationContext.context(grid(0).context().authentication().authenticate("ignite", "ignite")); grid(0).context().authentication().addUser("another_user", "passwd"); AuthorizationContext.clear(); }
/** * @throws Exception If failed. */ @Test public void testUpdateRemoveDoesNotExistsUser() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) { final int nodeIdx = i; GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(nodeIdx).context().authentication().updateUser("invalid_name", "test"); return null; } }, UserManagementException.class, "User doesn't exist"); GridTestUtils.assertThrows(log, new Callable<Object>() { @Override public Object call() throws Exception { grid(nodeIdx).context().authentication().removeUser("invalid_name"); return null; } }, UserManagementException.class, "User doesn't exist"); } } finally { AuthorizationContext.context(null); } }