Java Code Examples for org.apache.hadoop.security.alias.CredentialProvider#CredentialEntry

Example 1
Source File: SecurityUtil.java    From atlas with Apache License 2.0 7 votes vote down vote up
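/**
 * Retrieves the password stored under {@code key} in the credential provider named by the
 * {@code CERT_STORES_CREDENTIAL_PROVIDER_PATH} configuration property.
 *
 * <p>This method only reads: it never prompts for a password and never writes to the provider.
 * Only the first provider resolved from the configured path is consulted.
 *
 * <p>The credential is handed back as an immutable {@link String}, so it cannot be zeroed after
 * use; callers should keep the value out of logs and exception messages.
 *
 * @param config application configuration holding the credential provider path
 * @param key the key/alias for the password.
 * @return the password; never {@code null}.
 * @throws IOException if no provider path is configured, the path resolves to no provider, or the
 *         provider holds no usable entry for {@code key}
 */
public static String getPassword(org.apache.commons.configuration.Configuration config, String key) throws IOException {
    String provider = config.getString(CERT_STORES_CREDENTIAL_PROVIDER_PATH);
    if (provider == null) {
        throw new IOException("No credential provider path configured for storage of certificate store passwords");
    }

    LOG.info("Attempting to retrieve password for key {} from configured credential provider path {}", key, provider);
    Configuration c = new Configuration();
    c.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, provider);

    // Guard the lookup: an empty provider list would otherwise surface as an unchecked
    // IndexOutOfBoundsException from get(0) instead of the declared IOException.
    java.util.List<CredentialProvider> providers = CredentialProviderFactory.getProviders(c);
    if (providers == null || providers.isEmpty()) {
        throw new IOException("Configured credential provider path did not resolve to any credential provider");
    }

    CredentialProvider.CredentialEntry entry = providers.get(0).getCredentialEntry(key);
    // A null credential would make String.valueOf(char[]) throw a NullPointerException, so it is
    // reported the same way as a missing entry.
    char[] credential = (entry == null) ? null : entry.getCredential();
    if (credential == null) {
        throw new IOException(String.format("No credential entry found for %s. "
                + "Please create an entry in the configured credential provider", key));
    }

    return String.valueOf(credential);
}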
 
Example 2
Source File: SecureEmbeddedServer.java    From incubator-atlas with Apache License 2.0 6 votes vote down vote up
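/**
 * Retrieves the password stored under {@code key} in the credential provider named by the
 * {@code CERT_STORES_CREDENTIAL_PROVIDER_PATH} configuration property.
 *
 * <p>This method only reads: it never prompts for a password and never writes to the provider.
 * Only the first provider resolved from the configured path is consulted.
 *
 * <p>The credential is handed back as an immutable {@link String}, so it cannot be zeroed after
 * use; callers should keep the value out of logs and exception messages.
 *
 * @param config application configuration holding the credential provider path
 * @param key the key/alias for the password.
 * @return the password; never {@code null}.
 * @throws IOException if no provider path is configured, the path resolves to no provider, or the
 *         provider holds no usable entry for {@code key}
 */
private String getPassword(org.apache.commons.configuration.Configuration config, String key) throws IOException {
    String provider = config.getString(CERT_STORES_CREDENTIAL_PROVIDER_PATH);
    if (provider == null) {
        throw new IOException("No credential provider path configured for storage of certificate store passwords");
    }

    LOG.info("Attempting to retrieve password from configured credential provider path");
    Configuration c = new Configuration();
    c.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, provider);

    // Guard the lookup: an empty provider list would otherwise surface as an unchecked
    // IndexOutOfBoundsException from get(0) instead of the declared IOException.
    java.util.List<CredentialProvider> providers = CredentialProviderFactory.getProviders(c);
    if (providers == null || providers.isEmpty()) {
        throw new IOException("Configured credential provider path did not resolve to any credential provider");
    }

    CredentialProvider.CredentialEntry entry = providers.get(0).getCredentialEntry(key);
    // A null credential would make String.valueOf(char[]) throw a NullPointerException, so it is
    // reported the same way as a missing entry.
    char[] credential = (entry == null) ? null : entry.getCredential();
    if (credential == null) {
        throw new IOException(String.format("No credential entry found for %s. "
                + "Please create an entry in the configured credential provider", key));
    }

    return String.valueOf(credential);
}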
 
Example 3
Source File: LdapRealm.java    From zeppelin with Apache License 2.0 6 votes vote down vote up
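/**
 * Reads the system password from the Hadoop credential provider at the given path.
 *
 * <p>Only the first provider resolved from the path is consulted. The credential is returned as
 * an immutable {@link String}, so it cannot be zeroed after use; keep it out of logs.
 *
 * @param hadoopSecurityCredentialPath value set as the credential provider path
 * @param keystorePass despite its name, this is the alias passed to
 *        {@code getCredentialEntry}, not a password; it is echoed in the failure message
 * @return the non-empty password stored under the alias
 * @throws ShiroException if the provider cannot be read, or if no provider, entry or non-empty
 *         credential is found
 */
static String getSystemPassword(String hadoopSecurityCredentialPath,
    String keystorePass) {
  String password = "";
  try {
    Configuration configuration = new Configuration();
    configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
        hadoopSecurityCredentialPath);
    // An empty provider list would make get(0) throw IndexOutOfBoundsException; leaving the
    // password empty routes that case to the ShiroException below instead.
    java.util.List<CredentialProvider> providers =
        CredentialProviderFactory.getProviders(configuration);
    if (providers != null && !providers.isEmpty()) {
      CredentialProvider.CredentialEntry credEntry =
          providers.get(0).getCredentialEntry(keystorePass);
      // new String((char[]) null) throws NullPointerException, so a null credential is treated
      // like a missing entry.
      char[] credential = (credEntry == null) ? null : credEntry.getCredential();
      if (credential != null) {
        password = new String(credential);
      }
    }
  } catch (IOException e) {
    throw new ShiroException("Error from getting credential entry from keystore", e);
  }
  if (org.apache.commons.lang3.StringUtils.isEmpty(password)) {
    throw new ShiroException("Error getting SystemPassword from the provided keystore:"
        + keystorePass + ", in path:" + hadoopSecurityCredentialPath);
  }
  return password;
}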
 
Example 4
Source File: RangerCredentialProvider.java    From ranger with Apache License 2.0 6 votes vote down vote up
/**
 * Returns the credential stored under {@code alias} by the first provider that has one.
 *
 * <p>Providers come from {@code getCredentialProviders(url)} and are tried in list order. A
 * provider that throws is logged and skipped, so a lookup failure and a missing alias both end
 * in {@code null}.
 *
 * @param url provider location handed to {@code getCredentialProviders}
 * @param alias name of the credential entry
 * @return the credential as a String, or {@code null} when either argument is {@code null}, no
 *         providers are returned, or no provider yields a non-null credential
 */
public String getCredentialString(String url, String alias) {
	if (url == null || alias == null) {
		return null;
	}
	List<CredentialProvider> candidates = getCredentialProviders(url);
	if (candidates == null) {
		return null;
	}
	for (CredentialProvider candidate : candidates) {
		try {
			CredentialProvider.CredentialEntry found = candidate.getCredentialEntry(alias);
			if (found == null || found.getCredential() == null) {
				continue;
			}
			// The secret becomes an immutable String here and cannot be wiped afterwards.
			return new String(found.getCredential());
		} catch (Exception ie) {
			LOG.error("Unable to get the Credential Provider from the Configuration", ie);
		}
	}
	return null;
}
 
Example 5
Source File: JDBCInterpreter.java    From zeppelin with Apache License 2.0 5 votes vote down vote up
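/**
 * Resolves the JDBC password from interpreter properties.
 *
 * <p>A non-empty {@code PASSWORD_KEY} property wins. Otherwise, when both the JCEKS file and
 * JCEKS credential key properties are non-empty, the password is read from the first credential
 * provider resolved from that file. The result is an immutable {@link String} that cannot be
 * zeroed after use, so it should not be logged.
 *
 * @param properties interpreter properties
 * @return the password, or {@code null} when neither a plain password nor a complete JCEKS
 *         file/key pair is configured
 * @throws IOException if the credential provider cannot be read
 * @throws InterpreterException if no provider is resolved or the key has no credential
 */
private String getPassword(Properties properties) throws IOException, InterpreterException {
  String plainPassword = properties.getProperty(PASSWORD_KEY);
  if (isNotEmpty(plainPassword)) {
    return plainPassword;
  }

  String jceksFile = properties.getProperty(JDBC_JCEKS_FILE);
  String jceksKey = properties.getProperty(JDBC_JCEKS_CREDENTIAL_KEY);
  if (!isNotEmpty(jceksFile) || !isNotEmpty(jceksKey)) {
    return null;
  }

  try {
    Configuration configuration = new Configuration();
    configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, jceksFile);
    // Guard get(0): an empty provider list would otherwise raise IndexOutOfBoundsException
    // rather than an exception that names the misconfigured file.
    java.util.List<CredentialProvider> providers =
        CredentialProviderFactory.getProviders(configuration);
    if (providers == null || providers.isEmpty()) {
      throw new InterpreterException("No credential provider found for JCEKS file: "
          + jceksFile);
    }
    CredentialProvider.CredentialEntry credEntry = providers.get(0).getCredentialEntry(jceksKey);
    // A null credential would make new String(char[]) throw NullPointerException; report it
    // the same way as a missing entry.
    char[] credential = (credEntry == null) ? null : credEntry.getCredential();
    if (credential == null) {
      throw new InterpreterException("Failed to retrieve password from JCEKS from key: "
          + jceksKey);
    }
    return new String(credential);
  } catch (Exception e) {
    // Only the file and key names are logged, never the credential itself.
    LOGGER.error("Failed to retrieve password from JCEKS \n" +
        "For file: {} \nFor key: {}", jceksFile, jceksKey, e);
    throw e;
  }
}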
 
Example 6
Source File: CredentialProviderUtilityIT.java    From atlas with Apache License 2.0 4 votes vote down vote up
/**
 * Checks {@code entry} against the {@code defaultPass} credential by delegating to the
 * two-argument overload.
 *
 * @param entry credential entry under test
 */
protected void assertCredentialEntryCorrect(CredentialProvider.CredentialEntry entry) {
    final char[] expected = defaultPass;
    assertCredentialEntryCorrect(entry, expected);
}
 
Example 7
Source File: CredentialProviderUtilityIT.java    From atlas with Apache License 2.0 4 votes vote down vote up
/**
 * Asserts that {@code entry} is non-null and that its credential equals {@code password}.
 *
 * @param entry credential entry under test
 * @param password expected credential characters
 */
protected void assertCredentialEntryCorrect(CredentialProvider.CredentialEntry entry, char[] password) {
    Assert.assertNotNull(entry);
    // NOTE(review): arguments are passed as (actual, expected); whether the two char[] values
    // are compared element by element depends on which Assert class the file imports - confirm.
    final char[] actual = entry.getCredential();
    Assert.assertEquals(actual, password);
}
 
Example 8
Source File: CredentialProviderUtilityIT.java    From incubator-atlas with Apache License 2.0 4 votes vote down vote up
/**
 * Checks {@code entry} against the {@code defaultPass} credential by delegating to the
 * two-argument overload.
 *
 * @param entry credential entry under test
 */
protected void assertCredentialEntryCorrect(CredentialProvider.CredentialEntry entry) {
    final char[] expected = defaultPass;
    assertCredentialEntryCorrect(entry, expected);
}
 
Example 9
Source File: CredentialProviderUtilityIT.java    From incubator-atlas with Apache License 2.0 4 votes vote down vote up
/**
 * Asserts that {@code entry} is non-null and that its credential equals {@code password}.
 *
 * @param entry credential entry under test
 * @param password expected credential characters
 */
protected void assertCredentialEntryCorrect(CredentialProvider.CredentialEntry entry, char[] password) {
    Assert.assertNotNull(entry);
    // NOTE(review): arguments are passed as (actual, expected); whether the two char[] values
    // are compared element by element depends on which Assert class the file imports - confirm.
    final char[] actual = entry.getCredential();
    Assert.assertEquals(actual, password);
}
 
Example 10
Source File: CredentialReader.java    From ranger with Apache License 2.0 4 votes vote down vote up
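/**
 * Looks up the credential stored under {@code alias} in a Hadoop credential provider.
 *
 * <p>A path that already starts with the {@code jceks://file} or {@code localjceks://file}
 * prefix (compared case-insensitively) is used as given; any other path is turned into a
 * {@code jceks://file/...} URI. Providers are tried in order and the first non-empty credential
 * wins. Every failure is reported as {@code null}, so callers cannot tell a missing alias from
 * an unreadable store.
 *
 * <p>The credential is returned as an immutable {@link String}, so it cannot be zeroed after
 * use; keep it out of logs.
 *
 * @param CrendentialProviderPath provider URI or plain file path; surrounding whitespace is ignored
 * @param alias name of the credential entry; surrounding whitespace is ignored
 * @return the credential, or {@code null} when an argument is {@code null} or blank, no provider
 *         holds a non-empty credential for the alias, or any exception occurs
 */
public static String getDecryptedString(String CrendentialProviderPath,String alias) {
  if (CrendentialProviderPath == null || alias == null) {
    return null;
  }
  String providerPath = CrendentialProviderPath.trim();
  String trimmedAlias = alias.trim();
  // A blank path or alias can never name a stored credential; return before building a URI.
  if (providerPath.isEmpty() || trimmedAlias.isEmpty()) {
    return null;
  }

  String credential = null;
  try {
    String jceksPrefix = JavaKeyStoreProvider.SCHEME_NAME + "://file";
    String localJceksPrefix = "localjceks://file";

    // regionMatches(ignoreCase = true, ...) does not depend on the default locale, unlike
    // toLowerCase(), which maps 'I' to a dotless i under a Turkish locale.
    boolean alreadyProviderUri =
        providerPath.regionMatches(true, 0, jceksPrefix, 0, jceksPrefix.length())
            || providerPath.regionMatches(true, 0, localJceksPrefix, 0, localJceksPrefix.length());

    String providerUri;
    if (alreadyProviderUri) {
      providerUri = providerPath;
    } else if (providerPath.startsWith("/")) {
      providerUri = jceksPrefix + providerPath;
    } else {
      providerUri = jceksPrefix + "/" + providerPath;
    }

    Configuration conf = new Configuration();
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUri);

    // The alias list is searched with a lower-cased alias; lower-case it locale-independently.
    String aliasKey = trimmedAlias.toLowerCase(java.util.Locale.ROOT);
    for (CredentialProvider provider : CredentialProviderFactory.getProviders(conf)) {
      List<String> aliasesList = provider.getAliases();
      if (aliasesList == null || !aliasesList.contains(aliasKey)) {
        continue;
      }
      CredentialProvider.CredentialEntry credEntry = provider.getCredentialEntry(trimmedAlias);
      // A null entry is skipped so the remaining providers are still tried, instead of a
      // NullPointerException ending the whole lookup.
      char[] pass = (credEntry == null) ? null : credEntry.getCredential();
      if (pass != null && pass.length > 0) {
        credential = String.valueOf(pass);
        break;
      }
    }
  } catch (Exception ex) {
    // NOTE(review): no logger is visible in this excerpt, so the stack trace still goes to
    // stderr; route it through the project's logger if the class has one.
    ex.printStackTrace();
    credential = null;
  }
  return credential;
}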
 
Example 11
Source File: CredentialReader.java    From ranger with Apache License 2.0 4 votes vote down vote up
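/**
 * Looks up the credential stored under {@code alias} in a Hadoop credential provider.
 *
 * <p>A path that already starts with the {@code jceks://file} or {@code localjceks://file}
 * prefix (compared case-insensitively) is used as given; any other path is turned into a
 * {@code jceks://file/...} URI. Providers are tried in order and the first non-empty credential
 * wins. Every failure is reported as {@code null}, so callers cannot tell a missing alias from
 * an unreadable store.
 *
 * <p>The credential is returned as an immutable {@link String}, so it cannot be zeroed after
 * use; keep it out of logs.
 *
 * @param CrendentialProviderPath provider URI or plain file path; surrounding whitespace is ignored
 * @param alias name of the credential entry; surrounding whitespace is ignored
 * @return the credential, or {@code null} when an argument is {@code null} or blank, no provider
 *         holds a non-empty credential for the alias, or any exception occurs
 */
public static String getDecryptedString(String CrendentialProviderPath,String alias) {
  if (CrendentialProviderPath == null || alias == null) {
    return null;
  }
  String providerPath = CrendentialProviderPath.trim();
  String trimmedAlias = alias.trim();
  if (providerPath.isEmpty() || trimmedAlias.isEmpty()) {
    return null;
  }

  String credential = null;
  try {
    String jceksPrefix = JavaKeyStoreProvider.SCHEME_NAME + "://file";
    String localJceksPrefix = "localjceks://file";

    // regionMatches(ignoreCase = true, ...) does not depend on the default locale, unlike
    // toLowerCase(), which maps 'I' to a dotless i under a Turkish locale.
    boolean alreadyProviderUri =
        providerPath.regionMatches(true, 0, jceksPrefix, 0, jceksPrefix.length())
            || providerPath.regionMatches(true, 0, localJceksPrefix, 0, localJceksPrefix.length());

    String providerUri;
    if (alreadyProviderUri) {
      providerUri = providerPath;
    } else if (providerPath.startsWith("/")) {
      providerUri = jceksPrefix + providerPath;
    } else {
      providerUri = jceksPrefix + "/" + providerPath;
    }

    Configuration conf = new Configuration();
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUri);

    // The alias list is searched with a lower-cased alias; lower-case it locale-independently.
    String aliasKey = trimmedAlias.toLowerCase(java.util.Locale.ROOT);
    for (CredentialProvider provider : CredentialProviderFactory.getProviders(conf)) {
      List<String> aliasesList = provider.getAliases();
      if (aliasesList == null || !aliasesList.contains(aliasKey)) {
        continue;
      }
      CredentialProvider.CredentialEntry credEntry = provider.getCredentialEntry(trimmedAlias);
      // A null entry is skipped so the remaining providers are still tried, instead of a
      // NullPointerException ending the whole lookup.
      char[] pass = (credEntry == null) ? null : credEntry.getCredential();
      if (pass != null && pass.length > 0) {
        credential = String.valueOf(pass);
        break;
      }
    }
  } catch (Exception ex) {
    // NOTE(review): no logger is visible in this excerpt, so the stack trace still goes to
    // stderr; route it through the project's logger if the class has one.
    ex.printStackTrace();
    credential = null;
  }
  return credential;
}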