@Before public void setUp() throws Exception { CConfiguration conf = CConfiguration.create(); conf.set(Constants.Security.Store.FILE_PATH, TEMP_FOLDER.newFolder().getAbsolutePath()); SConfiguration sConf = SConfiguration.create(); sConf.set(Constants.Security.Store.FILE_PASSWORD, "secret"); InMemoryNamespaceAdmin namespaceClient = new InMemoryNamespaceAdmin(); NamespaceMeta namespaceMeta = new NamespaceMeta.Builder() .setName(NAMESPACE1) .build(); namespaceClient.create(namespaceMeta); namespaceMeta = new NamespaceMeta.Builder() .setName(NAMESPACE2) .build(); namespaceClient.create(namespaceMeta); FileSecureStoreService fileSecureStoreService = new FileSecureStoreService(conf, sConf, namespaceClient); secureStoreManager = fileSecureStoreService; secureStore = fileSecureStoreService; }
@Test public void testGetAppAuthorizingUse() throws Exception { OwnerAdmin ownerAdmin = getOwnerAdmin(); // test with complete principal (alice/somehost.net@somerealm.net) String principal = username + "/" + InetAddress.getLocalHost().getHostName() + "@REALM.net"; NamespaceMeta nsMeta = new NamespaceMeta.Builder().setName(namespaceId).setPrincipal(principal) .setKeytabURI("doesnotmatter").build(); namespaceClient.create(nsMeta); Assert.assertEquals(username, AuthorizationUtil.getAppAuthorizingUser(ownerAdmin, authenticationContext, applicationId, null)); // test with principal which is just username (alice) namespaceClient.delete(namespaceId); principal = username; nsMeta = new NamespaceMeta.Builder().setName(namespaceId).setPrincipal(principal) .setKeytabURI("doesnotmatter").build(); namespaceClient.create(nsMeta); Assert.assertEquals(username, AuthorizationUtil.getAppAuthorizingUser(ownerAdmin, authenticationContext, applicationId, null)); // test with principal and realm (alice@somerealm.net) namespaceClient.delete(namespaceId); principal = username + "@REALM.net"; nsMeta = new NamespaceMeta.Builder().setName(namespaceId).setPrincipal(principal) .setKeytabURI("doesnotmatter").build(); namespaceClient.create(nsMeta); Assert.assertEquals(username, AuthorizationUtil.getAppAuthorizingUser(ownerAdmin, authenticationContext, applicationId, null)); // clean up namespaceClient.delete(namespaceId); }
@BeforeClass public static void setUp() throws Exception { InMemoryNamespaceAdmin namespaceClient = new InMemoryNamespaceAdmin(); NamespaceMeta namespaceMeta = new NamespaceMeta.Builder() .setName(NAMESPACE1) .build(); namespaceClient.create(namespaceMeta); secureStoreService = new SecretManagerSecureStoreService(namespaceClient, new MockSecretManagerContext(), "mock", new MockSecretManager()); secureStoreService.startAndWait(); }
namespaceClient.create(new NamespaceMeta.Builder().setName(namespaceId).setPrincipal( eveKerberosPrincipalId.getPrincipal()).setKeytabURI(eveKeytabFile.getAbsolutePath()).build());
@BeforeClass public static void setUp() throws Exception { CConfiguration conf = CConfiguration.create(); conf.set(Constants.Security.Store.FILE_PATH, TEMP_FOLDER.newFolder().getAbsolutePath()); SConfiguration sConf = SConfiguration.create(); sConf.set(Constants.Security.Store.FILE_PASSWORD, "secret"); InMemoryNamespaceAdmin namespaceClient = new InMemoryNamespaceAdmin(); NamespaceMeta namespaceMeta = new NamespaceMeta.Builder() .setName(NAMESPACE1) .build(); namespaceClient.create(namespaceMeta); FileSecureStoreService fileSecureStoreService = new FileSecureStoreService(conf, sConf, namespaceClient); // Starts a mock server to handle remote secure store requests httpService = NettyHttpService.builder("remoteSecureStoreTest") .setHttpHandlers(new SecureStoreHandler(fileSecureStoreService, fileSecureStoreService)) .setExceptionHandler(new HttpExceptionHandler()) .build(); httpService.start(); InMemoryDiscoveryService discoveryService = new InMemoryDiscoveryService(); discoveryService.register(new Discoverable(Constants.Service.SECURE_STORE_SERVICE, httpService.getBindAddress())); remoteSecureStore = new RemoteSecureStore(discoveryService); }