You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2017/05/03 16:47:15 UTC
[32/53] [abbrv] ambari git commit: AMBARI-20760. After pam setup-
Hive View user home test fails (Anita Jebaraj via rlevas)
AMBARI-20760. After pam setup- Hive View user home test fails (Anita Jebaraj via rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f167236c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f167236c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f167236c
Branch: refs/heads/branch-feature-AMBARI-12556
Commit: f167236c24501a0d14afccfbc53a2c648cb21731
Parents: 8549682
Author: Anita Jebaraj <aj...@us.ibm.com>
Authored: Mon May 1 16:33:59 2017 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Mon May 1 16:33:59 2017 -0400
----------------------------------------------------------------------
.../AmbariPamAuthenticationProvider.java | 18 ++------
.../AmbariPamAuthenticationProviderTest.java | 45 +++++++++++++++++---
2 files changed, 43 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/f167236c/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
index ca7cd31..b3fb861 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
@@ -17,7 +17,6 @@
*/
package org.apache.ambari.server.security.authorization;
-import java.security.Principal;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
@@ -40,7 +39,6 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.context.SecurityContextHolder;
import com.google.inject.Inject;
@@ -124,18 +122,10 @@ public class AmbariPamAuthenticationProvider implements AuthenticationProvider {
users.getUserAuthorities(userName, UserType.PAM);
final User user = users.getUser(userName, UserType.PAM);
-
- Principal principal = new Principal() {
- @Override
- public String getName() {
- return user.getUserName();
- }
- };
-
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal, null, userAuthorities);
- SecurityContextHolder.getContext().setAuthentication(token);
- return token;
-
+
+ Authentication authToken = new AmbariUserAuthentication(passwd, user, userAuthorities);
+ authToken.setAuthenticated(true);
+ return authToken;
} catch (PAMException ex) {
LOG.error("Unable to sign in. Invalid username/password combination - " + ex.getMessage());
Throwable t = ex.getCause();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f167236c/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
index 5b3acd0..b7272c5 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
@@ -17,27 +17,31 @@
*/
package org.apache.ambari.server.security.authorization;
-import static junit.framework.Assert.assertEquals;
import static org.easymock.EasyMock.createNiceMock;
import static org.easymock.EasyMock.expect;
import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
import java.util.HashSet;
import org.apache.ambari.server.H2DatabaseCleaner;
import org.apache.ambari.server.audit.AuditLoggerModule;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.orm.GuiceJpaInitializer;
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.UserEntity;
import org.apache.ambari.server.security.ClientSecurityType;
+
import org.easymock.EasyMock;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.jvnet.libpam.PAM;
import org.jvnet.libpam.UnixUser;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.crypto.password.PasswordEncoder;
import com.google.inject.Guice;
import com.google.inject.Inject;
@@ -50,10 +54,16 @@ public class AmbariPamAuthenticationProviderTest {
private static Injector injector;
@Inject
+ PasswordEncoder passwordEncoder;
+ @Inject
private AmbariPamAuthenticationProvider authenticationProvider;
@Inject
Configuration configuration;
+ private static final String TEST_USER_NAME = "userName";
+ private static final String TEST_USER_PASS = "userPass";
+ private static final String TEST_USER_INCORRECT_PASS = "userIncorrectPass";
+
@Before
public void setUp() {
injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModule());
@@ -70,7 +80,10 @@ public class AmbariPamAuthenticationProviderTest {
@Test(expected = AuthenticationException.class)
public void testBadCredential() throws Exception {
- Authentication authentication = new UsernamePasswordAuthenticationToken("notFound", "wrong");
+ UserEntity userEntity = combineUserEntity();
+ User user = new User(userEntity);
+ Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
+ Authentication authentication = new AmbariUserAuthentication("wrong", user, userAuthorities);
authenticationProvider.authenticate(authentication);
}
@@ -78,20 +91,40 @@ public class AmbariPamAuthenticationProviderTest {
public void testAuthenticate() throws Exception {
PAM pam = createNiceMock(PAM.class);
UnixUser unixUser = createNiceMock(UnixUser.class);
+ UserEntity userEntity = combineUserEntity();
+ User user = new User(userEntity);
+ Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
expect(pam.authenticate(EasyMock.anyObject(String.class), EasyMock.anyObject(String.class))).andReturn(unixUser).atLeastOnce();
expect(unixUser.getGroups()).andReturn(new HashSet<>(Arrays.asList("group"))).atLeastOnce();
EasyMock.replay(unixUser);
EasyMock.replay(pam);
- Authentication authentication = new UsernamePasswordAuthenticationToken("allowedUser", "password");
+ Authentication authentication = new AmbariUserAuthentication("userPass", user, userAuthorities);
Authentication result = authenticationProvider.authenticateViaPam(pam,authentication);
- assertEquals("allowedUser", result.getName());
+ Assert.assertNotNull(result);
+ Assert.assertEquals(true, result.isAuthenticated());
+ Assert.assertTrue(result instanceof AmbariUserAuthentication);
}
@Test
public void testDisabled() throws Exception {
+ UserEntity userEntity = combineUserEntity();
+ User user = new User(userEntity);
+ Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
configuration.setClientSecurityType(ClientSecurityType.LOCAL);
- Authentication authentication = new UsernamePasswordAuthenticationToken("allowedUser", "password");
+ Authentication authentication = new AmbariUserAuthentication("userPass", user, userAuthorities);
Authentication auth = authenticationProvider.authenticate(authentication);
Assert.assertTrue(auth == null);
}
+
+ private UserEntity combineUserEntity() {
+ PrincipalEntity principalEntity = new PrincipalEntity();
+ UserEntity userEntity = new UserEntity();
+ userEntity.setUserId(1);
+ userEntity.setUserName(UserName.fromString(TEST_USER_NAME));
+ userEntity.setUserPassword(passwordEncoder.encode(TEST_USER_PASS));
+ userEntity.setUserType(UserType.PAM);
+ userEntity.setPrincipal(principalEntity);
+ return userEntity;
+ }
+
}