ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jonathanhur...@apache.org
Subject [32/53] [abbrv] ambari git commit: AMBARI-20760. After pam setup- Hive View user home test fails (Anita Jebaraj via rlevas)
Date Wed, 03 May 2017 16:47:15 GMT
AMBARI-20760. After pam setup- Hive View user home test fails (Anita Jebaraj via rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f167236c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f167236c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f167236c

Branch: refs/heads/branch-feature-AMBARI-12556
Commit: f167236c24501a0d14afccfbc53a2c648cb21731
Parents: 8549682
Author: Anita Jebaraj <ajebara@us.ibm.com>
Authored: Mon May 1 16:33:59 2017 -0400
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Mon May 1 16:33:59 2017 -0400

----------------------------------------------------------------------
 .../AmbariPamAuthenticationProvider.java        | 18 ++------
 .../AmbariPamAuthenticationProviderTest.java    | 45 +++++++++++++++++---
 2 files changed, 43 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/f167236c/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
index ca7cd31..b3fb861 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
@@ -17,7 +17,6 @@
  */
 package org.apache.ambari.server.security.authorization;
 
-import java.security.Principal;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Set;
@@ -40,7 +39,6 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 import com.google.inject.Inject;
 
@@ -124,18 +122,10 @@ public class AmbariPamAuthenticationProvider implements AuthenticationProvider
{
               users.getUserAuthorities(userName, UserType.PAM);
 
           final User user = users.getUser(userName, UserType.PAM);
-
-          Principal principal = new Principal() {
-            @Override
-            public String getName() {
-              return user.getUserName();
-            }
-          };
-
-          UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal,
null, userAuthorities);
-          SecurityContextHolder.getContext().setAuthentication(token);
-          return token;
-
+ 
+          Authentication authToken = new AmbariUserAuthentication(passwd, user, userAuthorities);
+          authToken.setAuthenticated(true);
+          return authToken;   
         } catch (PAMException ex) {
           LOG.error("Unable to sign in. Invalid username/password combination - " + ex.getMessage());
           Throwable t = ex.getCause();

http://git-wip-us.apache.org/repos/asf/ambari/blob/f167236c/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
index 5b3acd0..b7272c5 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
@@ -17,27 +17,31 @@
  */
 package org.apache.ambari.server.security.authorization;
 
-import static junit.framework.Assert.assertEquals;
 import static org.easymock.EasyMock.createNiceMock;
 import static org.easymock.EasyMock.expect;
 
 import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.HashSet;
 
 import org.apache.ambari.server.H2DatabaseCleaner;
 import org.apache.ambari.server.audit.AuditLoggerModule;
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.orm.GuiceJpaInitializer;
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.UserEntity;
 import org.apache.ambari.server.security.ClientSecurityType;
+
 import org.easymock.EasyMock;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
 import org.jvnet.libpam.PAM;
 import org.jvnet.libpam.UnixUser;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 
 import com.google.inject.Guice;
 import com.google.inject.Inject;
@@ -50,10 +54,16 @@ public class AmbariPamAuthenticationProviderTest {
   private static Injector injector;
 
   @Inject
+  PasswordEncoder passwordEncoder;
+  @Inject
   private AmbariPamAuthenticationProvider authenticationProvider;
   @Inject
   Configuration configuration;
 
+  private static final String TEST_USER_NAME = "userName";
+  private static final String TEST_USER_PASS = "userPass";
+  private static final String TEST_USER_INCORRECT_PASS = "userIncorrectPass";
+
   @Before
   public void setUp() {
     injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModule());
@@ -70,7 +80,10 @@ public class AmbariPamAuthenticationProviderTest {
 
   @Test(expected = AuthenticationException.class)
   public void testBadCredential() throws Exception {
-    Authentication authentication = new UsernamePasswordAuthenticationToken("notFound", "wrong");
+    UserEntity userEntity = combineUserEntity();
+    User user = new User(userEntity);
+    Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
+    Authentication authentication = new AmbariUserAuthentication("wrong", user, userAuthorities);
     authenticationProvider.authenticate(authentication);
   }
 
@@ -78,20 +91,40 @@ public class AmbariPamAuthenticationProviderTest {
   public void testAuthenticate() throws Exception {
     PAM pam = createNiceMock(PAM.class);
     UnixUser unixUser = createNiceMock(UnixUser.class);
+    UserEntity userEntity = combineUserEntity();
+    User user = new User(userEntity);
+    Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
     expect(pam.authenticate(EasyMock.anyObject(String.class), EasyMock.anyObject(String.class))).andReturn(unixUser).atLeastOnce();
     expect(unixUser.getGroups()).andReturn(new HashSet<>(Arrays.asList("group"))).atLeastOnce();
     EasyMock.replay(unixUser);
     EasyMock.replay(pam);
-    Authentication authentication = new UsernamePasswordAuthenticationToken("allowedUser",
"password");
+    Authentication authentication = new AmbariUserAuthentication("userPass", user, userAuthorities);
     Authentication result = authenticationProvider.authenticateViaPam(pam,authentication);
-    assertEquals("allowedUser", result.getName());
+    Assert.assertNotNull(result);
+    Assert.assertEquals(true, result.isAuthenticated());
+    Assert.assertTrue(result instanceof AmbariUserAuthentication);
   }
 
   @Test
   public void testDisabled() throws Exception {
+    UserEntity userEntity = combineUserEntity();
+    User user = new User(userEntity);
+    Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
     configuration.setClientSecurityType(ClientSecurityType.LOCAL);
-    Authentication authentication = new UsernamePasswordAuthenticationToken("allowedUser",
"password");
+    Authentication authentication = new AmbariUserAuthentication("userPass", user, userAuthorities);
     Authentication auth = authenticationProvider.authenticate(authentication);
     Assert.assertTrue(auth == null);
   }
+
+  private UserEntity combineUserEntity() {
+    PrincipalEntity principalEntity = new PrincipalEntity();
+    UserEntity userEntity = new UserEntity();
+    userEntity.setUserId(1);
+    userEntity.setUserName(UserName.fromString(TEST_USER_NAME));
+    userEntity.setUserPassword(passwordEncoder.encode(TEST_USER_PASS));
+    userEntity.setUserType(UserType.PAM);
+    userEntity.setPrincipal(principalEntity);
+    return userEntity;
+  }
+
 }


Mime
View raw message