org.apache.flink.runtime.security.modules.SecurityModuleFactory Java Examples

The following examples show how to use org.apache.flink.runtime.security.modules.SecurityModuleFactory. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TestingSecurityContext.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up 
public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) {
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
Example #2
Source File: TestingSecurityContext.java    From flink with Apache License 2.0 6 votes vote down vote up 
public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) {
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
Example #3
Source File: TestingSecurityContext.java    From flink with Apache License 2.0 6 votes vote down vote up 
public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (String factoryClassName : config.getSecurityModuleFactories()) {
		SecurityModuleFactory factory = SecurityFactoryServiceLoader.findModuleFactory(factoryClassName);
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
Example #4
Source File: SecurityUtils.java    From flink with Apache License 2.0 6 votes vote down vote up 
static void installModules(SecurityConfiguration config) throws Exception {

		// install the security module factories
		List<SecurityModule> modules = new ArrayList<>();
		for (String moduleFactoryClass : config.getSecurityModuleFactories()) {
			SecurityModuleFactory moduleFactory = null;
			try {
				moduleFactory = SecurityFactoryServiceLoader.findModuleFactory(moduleFactoryClass);
			} catch (NoMatchSecurityFactoryException ne) {
				LOG.error("Unable to instantiate security module factory {}", moduleFactoryClass);
				throw new IllegalArgumentException("Unable to find module factory class", ne);
			}
			SecurityModule module = moduleFactory.createModule(config);
			// can be null if a SecurityModule is not supported in the current environment
			if (module != null) {
				module.install();
				modules.add(module);
			}
		}
		installedModules = modules;
	}
Example #5
Source File: SecurityConfiguration.java    From Flink-CEPplus with Apache License 2.0 5 votes vote down vote up 
/**
 * Create a security configuration from the global configuration.
 * @param flinkConf the Flink global configuration.
 * @param securityModuleFactories the security modules to apply.
 */
public SecurityConfiguration(Configuration flinkConf,
		List<SecurityModuleFactory> securityModuleFactories) {
	this.isZkSaslDisable = flinkConf.getBoolean(SecurityOptions.ZOOKEEPER_SASL_DISABLE);
	this.keytab = flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_KEYTAB);
	this.principal = flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL);
	this.useTicketCache = flinkConf.getBoolean(SecurityOptions.KERBEROS_LOGIN_USETICKETCACHE);
	this.loginContextNames = parseList(flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_CONTEXTS));
	this.zkServiceName = flinkConf.getString(SecurityOptions.ZOOKEEPER_SASL_SERVICE_NAME);
	this.zkLoginContextName = flinkConf.getString(SecurityOptions.ZOOKEEPER_SASL_LOGIN_CONTEXT_NAME);
	this.securityModuleFactories = Collections.unmodifiableList(securityModuleFactories);
	this.flinkConfig = checkNotNull(flinkConf);
	validate();
}
Example #6
Source File: SecurityConfiguration.java    From flink with Apache License 2.0 5 votes vote down vote up 
/**
 * Create a security configuration from the global configuration.
 * @param flinkConf the Flink global configuration.
 * @param securityModuleFactories the security modules to apply.
 */
public SecurityConfiguration(Configuration flinkConf,
		List<SecurityModuleFactory> securityModuleFactories) {
	this.isZkSaslDisable = flinkConf.getBoolean(SecurityOptions.ZOOKEEPER_SASL_DISABLE);
	this.keytab = flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_KEYTAB);
	this.principal = flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL);
	this.useTicketCache = flinkConf.getBoolean(SecurityOptions.KERBEROS_LOGIN_USETICKETCACHE);
	this.loginContextNames = parseList(flinkConf.getString(SecurityOptions.KERBEROS_LOGIN_CONTEXTS));
	this.zkServiceName = flinkConf.getString(SecurityOptions.ZOOKEEPER_SASL_SERVICE_NAME);
	this.zkLoginContextName = flinkConf.getString(SecurityOptions.ZOOKEEPER_SASL_LOGIN_CONTEXT_NAME);
	this.securityModuleFactories = Collections.unmodifiableList(securityModuleFactories);
	this.flinkConfig = checkNotNull(flinkConf);
	validate();
}
Example #7
Source File: SecurityFactoryServiceLoader.java    From flink with Apache License 2.0 5 votes vote down vote up 
/**
 * Find a suitable {@link SecurityModuleFactory} based on canonical name.
 */
public static SecurityModuleFactory findModuleFactory(String securityModuleFactoryClass) throws NoMatchSecurityFactoryException {
	return findFactoryInternal(
		securityModuleFactoryClass,
		SecurityModuleFactory.class,
		SecurityModuleFactory.class.getClassLoader());
}
Example #8
Source File: SecurityConfiguration.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up 
public List<SecurityModuleFactory> getSecurityModuleFactories() {
	return securityModuleFactories;
}
Example #9
Source File: SecurityConfiguration.java    From flink with Apache License 2.0 4 votes vote down vote up 
public List<SecurityModuleFactory> getSecurityModuleFactories() {
	return securityModuleFactories;
}