Repository: knox Updated Branches: refs/heads/master 5145c2d3d -> 17ec36714
KNOX-418 remove the Pseudo federation provider Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/17ec3671 Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/17ec3671 Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/17ec3671 Branch: refs/heads/master Commit: 17ec36714be6d75f3a8368e41a8e94e2b596980c Parents: 5145c2d Author: Larry McCay <lmc...@hortonworks.com> Authored: Wed Oct 1 20:22:17 2014 -0400 Committer: Larry McCay <lmc...@hortonworks.com> Committed: Wed Oct 1 20:22:17 2014 -0400 ---------------------------------------------------------------------- .../preauth/deploy/PseudoAuthContributor.java | 66 -------------- .../filter/PseudoAuthFederationFilter.java | 53 ----------- ...gateway.deploy.ProviderDeploymentContributor | 1 - .../PseudoAuthFederationProviderTest.java | 96 -------------------- 4 files changed, 216 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/17ec3671/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/deploy/PseudoAuthContributor.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/deploy/PseudoAuthContributor.java b/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/deploy/PseudoAuthContributor.java deleted file mode 100644 index eab428e..0000000 --- a/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/deploy/PseudoAuthContributor.java +++ /dev/null @@ -1,66 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.gateway.preauth.deploy; - -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import org.apache.hadoop.gateway.deploy.DeploymentContext; -import org.apache.hadoop.gateway.deploy.ProviderDeploymentContributorBase; -import org.apache.hadoop.gateway.descriptor.FilterParamDescriptor; -import org.apache.hadoop.gateway.descriptor.ResourceDescriptor; -import org.apache.hadoop.gateway.topology.Provider; -import org.apache.hadoop.gateway.topology.Service; - -public class PseudoAuthContributor extends - ProviderDeploymentContributorBase { - private static final String ROLE = "federation"; - private static final String NAME = "Pseudo"; - private static final String PREAUTH_FILTER_CLASSNAME = "org.apache.hadoop.gateway.preauth.filter.PseudoAuthFederationFilter"; - - @Override - public String getRole() { - return ROLE; - } - - @Override - public String getName() { - return NAME; - } - - @Override - public void initializeContribution(DeploymentContext context) { - super.initializeContribution(context); - } - - @Override - public void contributeFilter(DeploymentContext context, Provider provider, Service service, - ResourceDescriptor resource, List<FilterParamDescriptor> params) { - // blindly add all the provider params as filter init params - if (params == null) { - params = new ArrayList<FilterParamDescriptor>(); - } - Map<String, String> providerParams = provider.getParams(); - for(Entry<String, String> entry : providerParams.entrySet()) { - params.add( resource.createFilterParam().name( entry.getKey().toLowerCase() ).value( entry.getValue() ) ); - } - resource.addFilter().name( getName() ).role( getRole() ).impl( PREAUTH_FILTER_CLASSNAME ).params( params ); - } -} http://git-wip-us.apache.org/repos/asf/knox/blob/17ec3671/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/filter/PseudoAuthFederationFilter.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/filter/PseudoAuthFederationFilter.java b/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/filter/PseudoAuthFederationFilter.java deleted file mode 100644 index 4dc1b89..0000000 --- a/gateway-provider-security-preauth/src/main/java/org/apache/hadoop/gateway/preauth/filter/PseudoAuthFederationFilter.java +++ /dev/null @@ -1,53 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.gateway.preauth.filter; - -import java.security.Principal; -import java.util.Set; - -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; - -public class PseudoAuthFederationFilter - extends AbstractPreAuthFederationFilter { - - @Override - public void init(FilterConfig filterConfig) throws ServletException { - super.init(filterConfig); - } - - /** - * @param httpRequest - */ - @Override - protected String getPrimaryPrincipal(HttpServletRequest httpRequest) { - return httpRequest.getParameter("user.name"); - } - - /** - * @param principals - */ - @Override - protected void addGroupPrincipals(HttpServletRequest request, - Set<Principal> principals) { - // pseudo auth currently has no assertion of group membership - // we may want to consider adding group lookup here when available unless - // it is an independent provider - } -} http://git-wip-us.apache.org/repos/asf/knox/blob/17ec3671/gateway-provider-security-preauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor ---------------------------------------------------------------------- diff --git a/gateway-provider-security-preauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor b/gateway-provider-security-preauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor index f170e09..1e89ee8 100644 --- a/gateway-provider-security-preauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor +++ b/gateway-provider-security-preauth/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ProviderDeploymentContributor @@ -17,4 +17,3 @@ ########################################################################## org.apache.hadoop.gateway.preauth.deploy.HeaderPreAuthContributor -org.apache.hadoop.gateway.preauth.deploy.PseudoAuthContributor http://git-wip-us.apache.org/repos/asf/knox/blob/17ec3671/gateway-provider-security-preauth/src/test/java/org/apache/hadoop/gateway/provider/federation/PseudoAuthFederationProviderTest.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-preauth/src/test/java/org/apache/hadoop/gateway/provider/federation/PseudoAuthFederationProviderTest.java b/gateway-provider-security-preauth/src/test/java/org/apache/hadoop/gateway/provider/federation/PseudoAuthFederationProviderTest.java deleted file mode 100644 index 7c1d165..0000000 --- a/gateway-provider-security-preauth/src/test/java/org/apache/hadoop/gateway/provider/federation/PseudoAuthFederationProviderTest.java +++ /dev/null @@ -1,96 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.gateway.provider.federation; - -import org.apache.hadoop.gateway.preauth.filter.PseudoAuthFederationFilter; -import org.easymock.EasyMock; -import org.easymock.IMocksControl; -import org.junit.Before; -import org.junit.Test; - -import java.io.IOException; -import java.security.AccessController; -import java.security.Principal; -import javax.security.auth.Subject; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import junit.framework.TestCase; - -/** - * Tests for PseudoAuth Federation Provider. - */ -public class PseudoAuthFederationProviderTest extends TestCase { - - private IMocksControl control; - private HttpServletRequest request; - private HttpServletResponse response; - private FilterChain chain; - private FilterConfig config; - private PseudoAuthFederationFilter filter; - - @Before - public void setUp() throws Exception { - control = EasyMock.createControl(); - request = control.createMock(HttpServletRequest.class); - response = control.createMock(HttpServletResponse.class); - chain = new MockFilterChain(); - config = control.createMock(FilterConfig.class); - filter = new PseudoAuthFederationFilter(); - - EasyMock.expect(request.getParameter("user.name")).andReturn("guest"); - EasyMock.expect(config.getInitParameter("preauth.validation.method")).andReturn(null); - chain.doFilter(request, response); - } - - @Test - public void testFederatedIdentity() throws Exception { - - - control.replay(); - - filter.init(config); - filter.doFilter(request, response, chain); - control.verify(); - } - - private class MockFilterChain implements FilterChain { - /* (non-Javadoc) - * @see javax.servlet.FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse) - */ - @Override - public void doFilter(ServletRequest request, ServletResponse response) - throws IOException, ServletException { - Subject subject = Subject.getSubject(AccessController.getContext()); - if (subject != null) { - System.out.println("non-null subject"); - assertTrue(subject.getPrincipals().size() == 1); - assertTrue("Expected subject not found.", ((Principal) subject.getPrincipals().toArray()[0]).getName().equals("guest")); - } - else { - System.out.println("null subject"); - } - } - } - -}