Java Code Examples for org.apache.flink.runtime.security.DynamicConfiguration#addAppConfigurationEntry()

The following examples show how to use org.apache.flink.runtime.security.DynamicConfiguration#addAppConfigurationEntry() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestingSecurityContext.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) {
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
 
Example 2
Source File: TestingSecurityContext.java    From flink with Apache License 2.0 6 votes vote down vote up
public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) {
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
 
Example 3
Source File: TestingSecurityContext.java    From flink with Apache License 2.0 6 votes vote down vote up
public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (String factoryClassName : config.getSecurityModuleFactories()) {
		SecurityModuleFactory factory = SecurityFactoryServiceLoader.findModuleFactory(factoryClassName);
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
 
Example 4
Source File: JaasModule.java    From Flink-CEPplus with Apache License 2.0 5 votes vote down vote up
@Override
public void install() throws SecurityInstallException {

	// ensure that a config file is always defined, for compatibility with
	// ZK and Kafka which check for the system property and existence of the file
	priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null);
	if (priorConfigFile == null) {
		File configFile = generateDefaultConfigFile();
		System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath());
	}

	// read the JAAS configuration file
	priorConfig = javax.security.auth.login.Configuration.getConfiguration();

	// construct a dynamic JAAS configuration
	currentConfig = new DynamicConfiguration(priorConfig);

	// wire up the configured JAAS login contexts to use the krb5 entries
	AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig);
	if (krb5Entries != null) {
		for (String app : securityConfig.getLoginContextNames()) {
			currentConfig.addAppConfigurationEntry(app, krb5Entries);
		}
	}

	javax.security.auth.login.Configuration.setConfiguration(currentConfig);
}
 
Example 5
Source File: JaasModule.java    From flink with Apache License 2.0 5 votes vote down vote up
@Override
public void install() throws SecurityInstallException {

	// ensure that a config file is always defined, for compatibility with
	// ZK and Kafka which check for the system property and existence of the file
	priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null);
	if (priorConfigFile == null) {
		File configFile = generateDefaultConfigFile();
		System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath());
	}

	// read the JAAS configuration file
	priorConfig = javax.security.auth.login.Configuration.getConfiguration();

	// construct a dynamic JAAS configuration
	currentConfig = new DynamicConfiguration(priorConfig);

	// wire up the configured JAAS login contexts to use the krb5 entries
	AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig);
	if (krb5Entries != null) {
		for (String app : securityConfig.getLoginContextNames()) {
			currentConfig.addAppConfigurationEntry(app, krb5Entries);
		}
	}

	javax.security.auth.login.Configuration.setConfiguration(currentConfig);
}
 
Example 6
Source File: JaasModule.java    From flink with Apache License 2.0 5 votes vote down vote up
@Override
public void install() {

	// ensure that a config file is always defined, for compatibility with
	// ZK and Kafka which check for the system property and existence of the file
	priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null);
	if (priorConfigFile == null) {
		File configFile = generateDefaultConfigFile(workingDir);
		System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath());
		LOG.info("Jaas file will be created as {}.", configFile);
	}

	// read the JAAS configuration file
	priorConfig = javax.security.auth.login.Configuration.getConfiguration();

	// construct a dynamic JAAS configuration
	currentConfig = new DynamicConfiguration(priorConfig);

	// wire up the configured JAAS login contexts to use the krb5 entries
	AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig);
	if (krb5Entries != null) {
		for (String app : securityConfig.getLoginContextNames()) {
			currentConfig.addAppConfigurationEntry(app, krb5Entries);
		}
	}

	javax.security.auth.login.Configuration.setConfiguration(currentConfig);
}