org.apache.pulsar.client.admin.PulsarAdmin Java Examples

The following examples show how to use org.apache.pulsar.client.admin.PulsarAdmin. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AdminMultiHostTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testAdminMultiHost() throws Exception {
    String hosts = pulsarCluster.getAllBrokersHttpServiceUrl();
    PulsarAdmin admin = PulsarAdmin.builder().serviceHttpUrl(hosts).build();
    // all brokers alive
    Assert.assertEquals(admin.brokers().getActiveBrokers(clusterName).size(), 3);

    // kill one broker admin should be usable
    BrokerContainer one = pulsarCluster.getBroker(0);
    // admin.brokers().
    one.stop();
    waitBrokerDown(admin, 2, 60);
    Assert.assertEquals(admin.brokers().getActiveBrokers(clusterName).size(), 2);

    // kill another broker
    BrokerContainer two = pulsarCluster.getBroker(1);
    two.stop();
    waitBrokerDown(admin, 1, 60);
    Assert.assertEquals(admin.brokers().getActiveBrokers(clusterName).size(), 1);
}
 
Example #2
Source File: AdminApiTlsAuthTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testAuthorizedUserAsOriginalPrincipalButProxyNotAuthorized() throws Exception {
    try (PulsarAdmin admin = buildAdminClient("admin")) {
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("user1"),
                                                    ImmutableSet.of("test")));
        admin.namespaces().createNamespace("tenant1/ns1");
    }
    WebTarget root = buildWebClient("proxy");
    try {
        root.path("/admin/v2/namespaces").path("tenant1")
            .request(MediaType.APPLICATION_JSON)
            .header("X-Original-Principal", "user1")
            .get(new GenericType<List<String>>() {});
        Assert.fail("Shouldn't be able to list namespaces");
    } catch (NotAuthorizedException e) {
        // expected
    }
}
 
Example #3
Source File: AdminApiTlsAuthTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testUnauthorizedUserAsOriginalPrincipal() throws Exception {
    try (PulsarAdmin admin = buildAdminClient("admin")) {
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("proxy", "user1"),
                                                    ImmutableSet.of("test")));
        admin.namespaces().createNamespace("tenant1/ns1");
    }
    WebTarget root = buildWebClient("proxy");
    try {
        root.path("/admin/v2/namespaces").path("tenant1")
            .request(MediaType.APPLICATION_JSON)
            .header("X-Original-Principal", "user2")
            .get(new GenericType<List<String>>() {});
        Assert.fail("user2 should not be authorized");
    } catch (NotAuthorizedException e) {
        // expected
    }
}
 
Example #4
Source File: PulsarAdminToolTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void nonPersistentTopics() throws Exception {
    PulsarAdmin admin = Mockito.mock(PulsarAdmin.class);
    NonPersistentTopics mockTopics = mock(NonPersistentTopics.class);
    when(admin.nonPersistentTopics()).thenReturn(mockTopics);

    CmdNonPersistentTopics topics = new CmdNonPersistentTopics(admin);

    topics.run(split("stats non-persistent://myprop/clust/ns1/ds1"));
    verify(mockTopics).getStats("non-persistent://myprop/clust/ns1/ds1");

    topics.run(split("stats-internal non-persistent://myprop/clust/ns1/ds1"));
    verify(mockTopics).getInternalStats("non-persistent://myprop/clust/ns1/ds1");

    topics.run(split("create-partitioned-topic non-persistent://myprop/clust/ns1/ds1 --partitions 32"));
    verify(mockTopics).createPartitionedTopic("non-persistent://myprop/clust/ns1/ds1", 32);

    topics.run(split("list myprop/clust/ns1"));
    verify(mockTopics).getList("myprop/clust/ns1");

    topics.run(split("list-in-bundle myprop/clust/ns1 --bundle 0x23d70a30_0x26666658"));
    verify(mockTopics).getListInBundle("myprop/clust/ns1", "0x23d70a30_0x26666658");

}
 
Example #5
Source File: PulsarConnectorConfig.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@NotNull
public PulsarAdmin getPulsarAdmin() throws PulsarClientException {
    if (this.pulsarAdmin == null) {
        PulsarAdminBuilder builder = PulsarAdmin.builder();

        if (getAuthPlugin() != null) {
            builder.authentication(getAuthPlugin(), getAuthParams());
        }

        if (isTlsAllowInsecureConnection() != null) {
            builder.allowTlsInsecureConnection(isTlsAllowInsecureConnection());
        }

        if (isTlsHostnameVerificationEnable() != null) {
            builder.enableTlsHostnameVerification(isTlsHostnameVerificationEnable());
        }

        if (getTlsTrustCertsFilePath() != null) {
            builder.tlsTrustCertsFilePath(getTlsTrustCertsFilePath());
        }

        this.pulsarAdmin = builder.serviceHttpUrl(getBrokerServiceUrl()).build();
    }
    return this.pulsarAdmin;
}
 
Example #6
Source File: WorkerUtils.java    From pulsar with Apache License 2.0 6 votes vote down vote up
public static PulsarAdmin getPulsarAdminClient(String pulsarWebServiceUrl, String authPlugin, String authParams,
                                               String tlsTrustCertsFilePath, Boolean allowTlsInsecureConnection,
                                               Boolean enableTlsHostnameVerificationEnable) {
    try {
        PulsarAdminBuilder adminBuilder = PulsarAdmin.builder().serviceHttpUrl(pulsarWebServiceUrl);
        if (isNotBlank(authPlugin) && isNotBlank(authParams)) {
            adminBuilder.authentication(authPlugin, authParams);
        }
        if (isNotBlank(tlsTrustCertsFilePath)) {
            adminBuilder.tlsTrustCertsFilePath(tlsTrustCertsFilePath);
        }
        if (allowTlsInsecureConnection != null) {
            adminBuilder.allowTlsInsecureConnection(allowTlsInsecureConnection);
        }
        if (enableTlsHostnameVerificationEnable != null) {
            adminBuilder.enableTlsHostnameVerification(enableTlsHostnameVerificationEnable);
        }
        return adminBuilder.build();
    } catch (PulsarClientException e) {
        log.error("Error creating pulsar admin client", e);
        throw new RuntimeException(e);
    }
}
 
Example #7
Source File: KopProtocolHandlerTestBase.java    From kop with Apache License 2.0 6 votes vote down vote up
protected final void init() throws Exception {
    sameThreadOrderedSafeExecutor = new SameThreadOrderedSafeExecutor();
    bkExecutor = Executors.newSingleThreadExecutor(
        new ThreadFactoryBuilder().setNameFormat("mock-pulsar-bk")
            .setUncaughtExceptionHandler((thread, ex) -> log.info("Uncaught exception", ex))
            .build());

    mockZooKeeper = createMockZooKeeper();
    mockBookKeeper = createMockBookKeeper(mockZooKeeper, bkExecutor);

    startBroker();

    brokerUrl = new URL("http://" + pulsar.getAdvertisedAddress() + ":" + brokerWebservicePort);
    brokerUrlTls = new URL("https://" + pulsar.getAdvertisedAddress() + ":" + brokerWebservicePortTls);

    admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrl.toString()).build());
}
 
Example #8
Source File: AdminApiTlsAuthTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testUnauthorizedUserAsOriginalPrincipalProxyIsSuperUser() throws Exception {
    try (PulsarAdmin admin = buildAdminClient("admin")) {
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("user1"),
                                                    ImmutableSet.of("test")));
        admin.namespaces().createNamespace("tenant1/ns1");
    }
    WebTarget root = buildWebClient("superproxy");
    try {
        root.path("/admin/v2/namespaces").path("tenant1")
            .request(MediaType.APPLICATION_JSON)
            .header("X-Original-Principal", "user2")
            .get(new GenericType<List<String>>() {});
        Assert.fail("user2 should not be authorized");
    } catch (NotAuthorizedException e) {
        // expected
    }
}
 
Example #9
Source File: AdminApiTlsAuthTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testProxyUserViaProxy() throws Exception {
    try (PulsarAdmin admin = buildAdminClient("admin")) {
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("proxy"),
                                                    ImmutableSet.of("test")));
        admin.namespaces().createNamespace("tenant1/ns1");
    }
    WebTarget root = buildWebClient("superproxy");
    try {
        root.path("/admin/v2/namespaces").path("tenant1")
            .request(MediaType.APPLICATION_JSON)
            .header("X-Original-Principal", "proxy")
            .get(new GenericType<List<String>>() {});
        Assert.fail("proxy should not be authorized");
    } catch (NotAuthorizedException e) {
        // expected
    }
}
 
Example #10
Source File: AdminApiKeyStoreTlsAuthTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testPersistentList() throws Exception {
    log.info("-- Starting {} test --", methodName);

    try (PulsarAdmin admin = buildAdminClient()) {
        admin.clusters().createCluster("test", new ClusterData(brokerUrl.toString()));
        admin.tenants().createTenant("tenant1",
                new TenantInfo(ImmutableSet.of("foobar"),
                        ImmutableSet.of("test")));
        Assert.assertEquals(ImmutableSet.of("tenant1"), admin.tenants().getTenants());

        admin.namespaces().createNamespace("tenant1/ns1");

        // this will calls internal admin to list nonpersist topics.
        admin.topics().getList("tenant1/ns1");
    } catch (PulsarAdminException ex) {
        ex.printStackTrace();
        fail("Should not have thrown an exception");
    }
}
 
Example #11
Source File: AdminApiTest2.java    From pulsar with Apache License 2.0 6 votes vote down vote up
/**
 * It verifies that pulsar with different load-manager generates different load-report and returned by admin-api
 *
 * @throws Exception
 */
@Test
public void testLoadReportApi() throws Exception {

    this.conf.setLoadManagerClassName(SimpleLoadManagerImpl.class.getName());
    MockedPulsarService mockPulsarSetup1 = new MockedPulsarService(this.conf);
    mockPulsarSetup1.setup();
    PulsarService simpleLoadManager = mockPulsarSetup1.getPulsar();
    PulsarAdmin simpleLoadManagerAdmin = mockPulsarSetup1.getAdmin();
    assertNotNull(simpleLoadManagerAdmin.brokerStats().getLoadReport());

    this.conf.setLoadManagerClassName(ModularLoadManagerImpl.class.getName());
    MockedPulsarService mockPulsarSetup2 = new MockedPulsarService(this.conf);
    mockPulsarSetup2.setup();
    PulsarService modularLoadManager = mockPulsarSetup2.getPulsar();
    PulsarAdmin modularLoadManagerAdmin = mockPulsarSetup2.getAdmin();
    assertNotNull(modularLoadManagerAdmin.brokerStats().getLoadReport());

    simpleLoadManagerAdmin.close();
    simpleLoadManager.close();
    modularLoadManagerAdmin.close();
    modularLoadManager.close();
    mockPulsarSetup1.cleanup();
    mockPulsarSetup2.cleanup();
}
 
Example #12
Source File: PulsarAdminServiceImpl.java    From pulsar-manager with Apache License 2.0 6 votes vote down vote up
private PulsarAdmin createPulsarAdmin(String url) {
    try {
        log.info("Create Pulsar Admin instance. url={}, authPlugin={}, authParams={}, tlsAllowInsecureConnection={}, tlsTrustCertsFilePath={}, tlsEnableHostnameVerification={}",
                url, authPlugin, authParams, tlsAllowInsecureConnection, tlsTrustCertsFilePath, tlsEnableHostnameVerification);
        PulsarAdminBuilder pulsarAdminBuilder = PulsarAdmin.builder();
        pulsarAdminBuilder.serviceHttpUrl(url);
        if (StringUtils.isNotBlank(pulsarJwtToken)) {
            pulsarAdminBuilder.authentication(AuthenticationFactory.token(pulsarJwtToken));
        } else {
            pulsarAdminBuilder.authentication(authPlugin, authParams);
        }
        pulsarAdminBuilder.allowTlsInsecureConnection(tlsAllowInsecureConnection);
        pulsarAdminBuilder.tlsTrustCertsFilePath(tlsTrustCertsFilePath);
        pulsarAdminBuilder.enableTlsHostnameVerification(tlsEnableHostnameVerification);
        return pulsarAdminBuilder.build();
    } catch (PulsarClientException e) {
        PulsarAdminOperationException pulsarAdminOperationException = new PulsarAdminOperationException("Failed to create Pulsar Admin instance.");
        log.error(pulsarAdminOperationException.getMessage(), e);
        throw pulsarAdminOperationException;
    }
}
 
Example #13
Source File: TlsProducerConsumerBase.java    From pulsar with Apache License 2.0 6 votes vote down vote up
protected void internalSetUpForNamespace() throws Exception {
    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    if (admin != null) {
        admin.close();
    }

    admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrlTls.toString())
            .tlsTrustCertsFilePath(TLS_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(false)
            .authentication(AuthenticationTls.class.getName(), authParams).build());
    admin.clusters().createCluster(clusterName, new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(),
            pulsar.getBrokerServiceUrl(), pulsar.getBrokerServiceUrlTls()));
    admin.tenants().createTenant("my-property",
            new TenantInfo(Sets.newHashSet("appid1", "appid2"), Sets.newHashSet("use")));
    admin.namespaces().createNamespace("my-property/my-ns");
}
 
Example #14
Source File: KeyStoreTlsProducerConsumerTestWithAuth.java    From pulsar with Apache License 2.0 6 votes vote down vote up
protected void internalSetUpForNamespace() throws Exception {
    Map<String, String> authParams = new HashMap<>();
    authParams.put(AuthenticationKeyStoreTls.KEYSTORE_PATH, CLIENT_KEYSTORE_FILE_PATH);
    authParams.put(AuthenticationKeyStoreTls.KEYSTORE_PW, CLIENT_KEYSTORE_PW);

    if (admin != null) {
        admin.close();
    }

    admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrlTls.toString())
            .useKeyStoreTls(true)
            .tlsTrustStorePath(BROKER_TRUSTSTORE_FILE_PATH)
            .tlsTrustStorePassword(BROKER_TRUSTSTORE_PW)
            .allowTlsInsecureConnection(false)
            .authentication(AuthenticationKeyStoreTls.class.getName(), authParams).build());
    admin.clusters().createCluster(clusterName, new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(),
            pulsar.getBrokerServiceUrl(), pulsar.getBrokerServiceUrlTls()));
    admin.tenants().createTenant("my-property",
            new TenantInfo(Sets.newHashSet("appid1", "appid2"), Sets.newHashSet("use")));
    admin.namespaces().createNamespace("my-property/my-ns");
}
 
Example #15
Source File: TlsHostVerification.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testTlsHostVerificationAdminClient() throws Exception {
    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
    String websocketTlsAddress = pulsar.getWebServiceAddressTls();
    PulsarAdmin adminClientTls = PulsarAdmin.builder()
            .serviceHttpUrl(websocketTlsAddress.replace("localhost", "127.0.0.1"))
            .tlsTrustCertsFilePath(TLS_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(false)
            .authentication(AuthenticationTls.class.getName(), authParams).enableTlsHostnameVerification(true)
            .build();

    try {
        adminClientTls.tenants().getTenants();
        Assert.fail("Admin call should be failed due to hostnameVerification enabled");
    } catch (PulsarAdminException e) {
        // Ok
    }
}
 
Example #16
Source File: AdminApiTlsAuthTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
@Test
public void testDeleteNamespace() throws Exception {
    try (PulsarAdmin admin = buildAdminClient("admin")) {
        log.info("Creating tenant");
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("admin"), ImmutableSet.of("test")));
        log.info("Creating namespace, and granting perms to user1");
        admin.namespaces().createNamespace("tenant1/ns1", ImmutableSet.of("test"));
        admin.namespaces().grantPermissionOnNamespace("tenant1/ns1", "user1", ImmutableSet.of(AuthAction.produce));

        log.info("user1 produces some messages");
        try (PulsarClient client = buildClient("user1");
             Producer<String> producer = client.newProducer(Schema.STRING).topic("tenant1/ns1/foobar").create()) {
            producer.send("foobar");
        }

        log.info("Deleting the topic");
        admin.topics().delete("tenant1/ns1/foobar", true);

        log.info("Deleting namespace");
        admin.namespaces().deleteNamespace("tenant1/ns1");
    }
}
 
Example #17
Source File: AuthenticationTlsHostnameVerificationTest.java    From pulsar with Apache License 2.0 6 votes vote down vote up
protected void setupClient() throws Exception {

        Map<String, String> authParams = new HashMap<>();
        authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
        authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);
        Authentication authTls = new AuthenticationTls();
        authTls.configure(authParams);

        admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrlTls.toString())
                .tlsTrustCertsFilePath(TLS_MIM_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(true)
                .authentication(authTls).build());
        pulsarClient = PulsarClient.builder()
                .serviceUrl(pulsar.getBrokerServiceUrlTls())
                .statsInterval(0, TimeUnit.SECONDS)
                .tlsTrustCertsFilePath(TLS_MIM_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(true)
                .authentication(authTls).enableTls(true).enableTlsHostnameVerification(hostnameVerificationEnabled)
                .build();

        admin.clusters().createCluster("test", new ClusterData(brokerUrl.toString()));

        admin.tenants().createTenant("my-property",
                new TenantInfo(Sets.newHashSet("appid1", "appid2"), Sets.newHashSet("test")));
        admin.namespaces().createNamespace("my-property/my-ns", Sets.newHashSet("test"));
    }
 
Example #18
Source File: TlsProducerConsumerBase.java    From pulsar with Apache License 2.0 6 votes vote down vote up
protected void internalSetUpForNamespace() throws Exception {
    Map<String, String> authParams = new HashMap<>();
    authParams.put("tlsCertFile", TLS_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_CLIENT_KEY_FILE_PATH);

    if (admin != null) {
        admin.close();
    }

    admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrlTls.toString())
            .tlsTrustCertsFilePath(TLS_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(false)
            .authentication(AuthenticationTls.class.getName(), authParams).build());
    admin.clusters().createCluster(clusterName, new ClusterData(brokerUrl.toString(), brokerUrlTls.toString(),
            pulsar.getBrokerServiceUrl(), pulsar.getBrokerServiceUrlTls()));
    admin.tenants().createTenant("my-property",
            new TenantInfo(Sets.newHashSet("appid1", "appid2"), Sets.newHashSet("use")));
    admin.namespaces().createNamespace("my-property/my-ns");
}
 
Example #19
Source File: PulsarAdminTool.java    From pulsar with Apache License 2.0 6 votes vote down vote up
private void setupCommands(Function<PulsarAdminBuilder, ? extends PulsarAdmin> adminFactory) {
    try {
        adminBuilder.serviceHttpUrl(serviceUrl);
        adminBuilder.authentication(authPluginClassName, authParams);
        PulsarAdmin admin = adminFactory.apply(adminBuilder);
        for (Map.Entry<String, Class<?>> c : commandMap.entrySet()) {
            addCommand(c, admin);
        }
    } catch (Exception e) {
        Throwable cause;
        if (e instanceof InvocationTargetException && null != e.getCause()) {
            cause = e.getCause();
        } else {
            cause = e;
        }
        System.err.println(cause.getClass() + ": " + cause.getMessage());
        System.exit(1);
    }
}
 
Example #20
Source File: SaslAuthenticateTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@BeforeMethod
@Override
protected void setup() throws Exception {
    log.info("-- {} --, start at host: {}", methodName, localHostname);
    // use http lookup to verify HttpClient works well.
    isTcpLookup = false;

    conf.setAdvertisedAddress(localHostname);
    conf.setAuthenticationEnabled(true);
    conf.setSaslJaasClientAllowedIds(".*" + "client" + ".*");
    conf.setSaslJaasServerSectionName("PulsarBroker");
    Set<String> providers = new HashSet<>();
    providers.add(AuthenticationProviderSasl.class.getName());
    conf.setAuthenticationProviders(providers);
    conf.setClusterName("test");
    conf.setSuperUserRoles(ImmutableSet.of("client" + "@" + kdc.getRealm()));

    super.init();

    lookupUrl = new URI(pulsar.getWebServiceAddress());

    pulsarClient = PulsarClient.builder()
        .serviceUrl(lookupUrl.toString())
        .statsInterval(0, TimeUnit.SECONDS)
        .authentication(authSasl).build();

    // set admin auth, to verify admin web resources
    Map<String, String> clientSaslConfig = Maps.newHashMap();
    clientSaslConfig.put("saslJaasClientSectionName", "PulsarClient");
    clientSaslConfig.put("serverType", "broker");
    log.info("set client jaas section name: PulsarClient");
    admin = PulsarAdmin.builder()
        .serviceHttpUrl(brokerUrl.toString())
        .authentication(AuthenticationFactory.create(AuthenticationSasl.class.getName(), clientSaslConfig))
        .build();
    log.info("-- {} --, end.", methodName);

    super.producerBaseSetup();
}
 
Example #21
Source File: AdminApiKeyStoreTlsAuthTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
PulsarAdmin buildAdminClient() throws Exception {
    Map<String, String> authParams = new HashMap<>();
    authParams.put(AuthenticationKeyStoreTls.KEYSTORE_PATH, CLIENT_KEYSTORE_FILE_PATH);
    authParams.put(AuthenticationKeyStoreTls.KEYSTORE_PW, CLIENT_KEYSTORE_PW);

    return PulsarAdmin.builder()
            .serviceHttpUrl(brokerUrlTls.toString())
            .useKeyStoreTls(true)
            .tlsTrustStorePath(BROKER_TRUSTSTORE_FILE_PATH)
            .tlsTrustStorePassword(BROKER_TRUSTSTORE_PW)
            .allowTlsInsecureConnection(false)
            .authentication(AuthenticationKeyStoreTls.class.getName(), authParams)
            .build();
}
 
Example #22
Source File: AdminApiKeyStoreTlsAuthTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@Test
public void testSuperUserCanListTenants() throws Exception {
    try (PulsarAdmin admin = buildAdminClient()) {
        admin.clusters().createCluster("test", new ClusterData(brokerUrl.toString()));
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("foobar"),
                                                    ImmutableSet.of("test")));
        Assert.assertEquals(ImmutableSet.of("tenant1"), admin.tenants().getTenants());
    }
}
 
Example #23
Source File: SuperUserAuthedAdminProxyHandlerTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@Test
public void testAuthWithRandoCert() throws Exception {
    // test that we cannot connect or do anything with a cert not signed by CA
    try (PulsarAdmin randoAdmin = getAdminClient("randouser")) {
        try {
            randoAdmin.tenants().getTenants();
            Assert.fail("Shouldn't be able to do anything");
        } catch (PulsarAdminException.NotAuthorizedException e) {
            // expected
        }
    }
}
 
Example #24
Source File: ProxyWithoutServiceDiscoveryTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
protected final PulsarClient createPulsarClient(Authentication auth, String lookupUrl) throws Exception {
    admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrlTls.toString()).tlsTrustCertsFilePath(TLS_TRUST_CERT_FILE_PATH)
            .allowTlsInsecureConnection(true).authentication(auth).build());
    return PulsarClient.builder().serviceUrl(lookupUrl).statsInterval(0, TimeUnit.SECONDS)
            .tlsTrustCertsFilePath(TLS_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(true).authentication(auth)
            .enableTls(true).build();
}
 
Example #25
Source File: PulsarContainerTest.java    From testcontainers-java with MIT License 5 votes vote down vote up
@Test
public void shouldNotEnableFunctionsWorkerByDefault() throws Exception {
    try (PulsarContainer pulsar = new PulsarContainer("2.5.1")) {
        pulsar.start();

        PulsarAdmin pulsarAdmin = PulsarAdmin.builder()
            .serviceHttpUrl(pulsar.getHttpServiceUrl())
            .build();

        assertThatThrownBy(() -> pulsarAdmin.functions().getFunctions("public", "default"))
            .isInstanceOf(PulsarAdminException.class);
    }
}
 
Example #26
Source File: AdminApiTlsAuthTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@Test
public void testSuperProxyUserAndAdminCanListTenants() throws Exception {
    try (PulsarAdmin admin = buildAdminClient("admin")) {
        admin.tenants().createTenant("tenant1",
                                     new TenantInfo(ImmutableSet.of("user1"),
                                                    ImmutableSet.of("test")));
    }
    WebTarget root = buildWebClient("superproxy");
    Assert.assertEquals(ImmutableSet.of("tenant1"),
                        root.path("/admin/v2/tenants")
                        .request(MediaType.APPLICATION_JSON)
                        .header("X-Original-Principal", "admin")
                        .get(new GenericType<List<String>>() {}));
}
 
Example #27
Source File: ProxyWithAuthorizationTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
protected final void createAdminClient() throws Exception {
    Map<String, String> authParams = Maps.newHashMap();
    authParams.put("tlsCertFile", TLS_SUPERUSER_CLIENT_CERT_FILE_PATH);
    authParams.put("tlsKeyFile", TLS_SUPERUSER_CLIENT_KEY_FILE_PATH);

    admin = spy(PulsarAdmin.builder().serviceHttpUrl(brokerUrlTls.toString())
            .tlsTrustCertsFilePath(TLS_PROXY_TRUST_CERT_FILE_PATH).allowTlsInsecureConnection(true)
            .authentication(AuthenticationTls.class.getName(), authParams).build());
}
 
Example #28
Source File: AdminApiTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@BeforeMethod
@Override
public void setup() throws Exception {
    conf.setLoadBalancerEnabled(true);
    conf.setBrokerServicePortTls(Optional.of(0));
    conf.setWebServicePortTls(Optional.of(0));
    conf.setTlsCertificateFilePath(TLS_SERVER_CERT_FILE_PATH);
    conf.setTlsKeyFilePath(TLS_SERVER_KEY_FILE_PATH);
    conf.setMessageExpiryCheckIntervalInMinutes(1);
    conf.setSubscriptionExpiryCheckIntervalInMinutes(1);
    conf.setBrokerDeleteInactiveTopicsEnabled(false);

    super.internalSetup();

    bundleFactory = new NamespaceBundleFactory(pulsar, Hashing.crc32());

    adminTls = spy(PulsarAdmin.builder().tlsTrustCertsFilePath(TLS_SERVER_CERT_FILE_PATH)
            .serviceHttpUrl(brokerUrlTls.toString()).build());

    // create otherbroker to test redirect on calls that need
    // namespace ownership
    mockPulsarSetup = new MockedPulsarService(this.conf);
    mockPulsarSetup.setup();
    otherPulsar = mockPulsarSetup.getPulsar();
    otheradmin = mockPulsarSetup.getAdmin();

    // Setup namespaces
    admin.clusters().createCluster("test", new ClusterData(pulsar.getWebServiceAddress()));
    TenantInfo tenantInfo = new TenantInfo(Sets.newHashSet("role1", "role2"), Sets.newHashSet("test"));
    admin.tenants().createTenant("prop-xyz", tenantInfo);
    admin.namespaces().createNamespace("prop-xyz/ns1", Sets.newHashSet("test"));
}
 
Example #29
Source File: SLAMonitoringTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@BeforeClass
void setup() throws Exception {
    log.info("---- Initializing SLAMonitoringTest -----");
    // Start local bookkeeper ensemble
    bkEnsemble = new LocalBookkeeperEnsemble(3, 0, () -> 0);
    bkEnsemble.start();

    // start brokers
    for (int i = 0; i < BROKER_COUNT; i++) {
        ServiceConfiguration config = new ServiceConfiguration();
        config.setBrokerServicePort(Optional.of(0));
        config.setClusterName("my-cluster");
        config.setAdvertisedAddress("localhost");
        config.setWebServicePort(Optional.of(0));
        config.setZookeeperServers("127.0.0.1" + ":" + bkEnsemble.getZookeeperPort());
        config.setBrokerServicePort(Optional.of(0));
        config.setDefaultNumberOfNamespaceBundles(1);
        config.setLoadBalancerEnabled(false);
        configurations[i] = config;

        pulsarServices[i] = new PulsarService(config);
        pulsarServices[i].start();

        brokerWebServicePorts[i] = pulsarServices[i].getListenPortHTTP().get();
        brokerNativeBrokerPorts[i] = pulsarServices[i].getBrokerListenPort().get();
        brokerUrls[i] = new URL(pulsarServices[i].getWebServiceAddress());
        pulsarAdmins[i] = PulsarAdmin.builder().serviceHttpUrl(brokerUrls[i].toString()).build();
    }

    Thread.sleep(100);

    createTenant(pulsarAdmins[BROKER_COUNT - 1]);
    for (int i = 0; i < BROKER_COUNT; i++) {
        String topic = String.format("%s/%s/%s:%s", NamespaceService.SLA_NAMESPACE_PROPERTY, "my-cluster",
                pulsarServices[i].getAdvertisedAddress(), brokerWebServicePorts[i]);
        pulsarAdmins[0].namespaces().createNamespace(topic);
    }
}
 
Example #30
Source File: JodaTimeTest.java    From pulsar with Apache License 2.0 5 votes vote down vote up
@BeforeMethod
public void setup() throws Exception {
    this.client = PulsarClient.builder()
            .serviceUrl(pulsarCluster.getPlainTextServiceUrl())
            .build();
    this.admin = PulsarAdmin.builder()
            .serviceHttpUrl(pulsarCluster.getHttpServiceUrl())
            .build();
}