本文整理汇总了Java中org.apache.kafka.common.protocol.SecurityProtocol类的典型用法代码示例。如果您正苦于以下问题:Java SecurityProtocol类的具体用法?Java SecurityProtocol怎么用?Java SecurityProtocol使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SecurityProtocol类属于org.apache.kafka.common.protocol包,在下文中一共展示了SecurityProtocol类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getDefaultParameters
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Set default parameters and their values
*
* @return
*/
@Override
public Arguments getDefaultParameters() {
Arguments defaultParameters = new Arguments();
defaultParameters.addArgument(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, ProducerKeys.BOOTSTRAP_SERVERS_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerKeys.ZOOKEEPER_SERVERS, ProducerKeys.ZOOKEEPER_SERVERS_DEFAULT);
defaultParameters.addArgument(ProducerKeys.KAFKA_TOPIC_CONFIG, ProducerKeys.KAFKA_TOPIC_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, ProducerKeys.KEY_SERIALIZER_CLASS_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, ProducerKeys.VALUE_SERIALIZER_CLASS_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.COMPRESSION_TYPE_CONFIG, ProducerKeys.COMPRESSION_TYPE_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.BATCH_SIZE_CONFIG, ProducerKeys.BATCH_SIZE_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.LINGER_MS_CONFIG, ProducerKeys.LINGER_MS_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.BUFFER_MEMORY_CONFIG, ProducerKeys.BUFFER_MEMORY_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.ACKS_CONFIG, ProducerKeys.ACKS_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.SEND_BUFFER_CONFIG, ProducerKeys.SEND_BUFFER_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerConfig.RECEIVE_BUFFER_CONFIG, ProducerKeys.RECEIVE_BUFFER_CONFIG_DEFAULT);
defaultParameters.addArgument(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, SecurityProtocol.PLAINTEXT.name);
defaultParameters.addArgument(PropsKeys.MESSAGE_PLACEHOLDER_KEY, PropsKeys.MSG_PLACEHOLDER);
defaultParameters.addArgument(ProducerKeys.KERBEROS_ENABLED, ProducerKeys.KERBEROS_ENABLED_DEFULAT);
defaultParameters.addArgument(ProducerKeys.JAVA_SEC_AUTH_LOGIN_CONFIG, ProducerKeys.JAVA_SEC_AUTH_LOGIN_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerKeys.JAVA_SEC_KRB5_CONFIG, ProducerKeys.JAVA_SEC_KRB5_CONFIG_DEFAULT);
defaultParameters.addArgument(ProducerKeys.SASL_KERBEROS_SERVICE_NAME, ProducerKeys.SASL_KERBEROS_SERVICE_NAME_DEFAULT);
defaultParameters.addArgument(ProducerKeys.SASL_MECHANISM, ProducerKeys.SASL_MECHANISM_DEFAULT);
return defaultParameters;
}
示例2: initProducer
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
private void initProducer(String bootstrapServer) {
producer = TestUtils.createNewProducer(
bootstrapServer,
1,
60 * 1000L,
1024L * 1024L,
0,
0L,
5 * 1000L,
SecurityProtocol.PLAINTEXT,
null,
Option$.MODULE$.apply(new Properties()),
new StringSerializer(),
new ByteArraySerializer(),
Option$.MODULE$.apply(new Properties()));
}
示例3: lookupBootstrap
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Generates the Kafka bootstrap connection string from the metadata stored in Zookeeper.
* Allows for backwards compatibility of the zookeeperConnect configuration.
*/
private String lookupBootstrap(String zookeeperConnect, SecurityProtocol securityProtocol) {
ZkUtils zkUtils = ZkUtils.apply(zookeeperConnect, ZK_SESSION_TIMEOUT, ZK_CONNECTION_TIMEOUT,
JaasUtils.isZkSecurityEnabled());
try {
List<BrokerEndPoint> endPoints =
asJavaListConverter(zkUtils.getAllBrokerEndPointsForChannel(securityProtocol)).asJava();
List<String> connections = new ArrayList<>();
for (BrokerEndPoint endPoint : endPoints) {
connections.add(endPoint.connectionString());
}
return StringUtils.join(connections, ',');
} finally {
zkUtils.close();
}
}
示例4: clientChannelBuilder
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* @param securityProtocol the securityProtocol
* @param contextType the contextType, it must be non-null if `securityProtocol` is SASL_*; it is ignored otherwise
* @param config client config
* @param listenerName the listenerName if contextType is SERVER or null otherwise
* @param clientSaslMechanism SASL mechanism if mode is CLIENT, ignored otherwise
* @param saslHandshakeRequestEnable flag to enable Sasl handshake requests; disabled only for SASL
* inter-broker connections with inter-broker protocol version < 0.10
* @return the configured `ChannelBuilder`
* @throws IllegalArgumentException if `mode` invariants described above is not maintained
*/
public static ChannelBuilder clientChannelBuilder(SecurityProtocol securityProtocol,
JaasContext.Type contextType,
AbstractConfig config,
ListenerName listenerName,
String clientSaslMechanism,
boolean saslHandshakeRequestEnable) {
if (securityProtocol == SecurityProtocol.SASL_PLAINTEXT || securityProtocol == SecurityProtocol.SASL_SSL) {
if (contextType == null)
throw new IllegalArgumentException("`contextType` must be non-null if `securityProtocol` is `" + securityProtocol + "`");
if (clientSaslMechanism == null)
throw new IllegalArgumentException("`clientSaslMechanism` must be non-null in client mode if `securityProtocol` is `" + securityProtocol + "`");
}
return create(securityProtocol, Mode.CLIENT, contextType, config, listenerName, clientSaslMechanism,
saslHandshakeRequestEnable, null);
}
示例5: testMissingUsernameSaslPlain
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that SASL/PLAIN clients without valid username fail authentication.
*/
@Test
public void testMissingUsernameSaslPlain() throws Exception {
String node = "0";
TestJaasConfig jaasConfig = configureMechanisms("PLAIN", Arrays.asList("PLAIN"));
jaasConfig.setPlainClientOptions(null, "mypassword");
SecurityProtocol securityProtocol = SecurityProtocol.SASL_SSL;
server = createEchoServer(securityProtocol);
createSelector(securityProtocol, saslClientConfigs);
InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
try {
selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
fail("SASL/PLAIN channel created without username");
} catch (IOException e) {
// Expected exception
assertTrue("Channels not closed", selector.channels().isEmpty());
for (SelectionKey key : selector.keys())
assertFalse("Key not cancelled", key.isValid());
}
}
示例6: testMissingPasswordSaslPlain
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that SASL/PLAIN clients with missing password in JAAS configuration fail authentication.
*/
@Test
public void testMissingPasswordSaslPlain() throws Exception {
String node = "0";
TestJaasConfig jaasConfig = configureMechanisms("PLAIN", Arrays.asList("PLAIN"));
jaasConfig.setPlainClientOptions("myuser", null);
SecurityProtocol securityProtocol = SecurityProtocol.SASL_SSL;
server = createEchoServer(securityProtocol);
createSelector(securityProtocol, saslClientConfigs);
InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
try {
selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
fail("SASL/PLAIN channel created without password");
} catch (IOException e) {
// Expected exception
}
}
示例7: testMultipleServerMechanisms
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that servers supporting multiple SASL mechanisms work with clients using
* any of the enabled mechanisms.
*/
@Test
public void testMultipleServerMechanisms() throws Exception {
SecurityProtocol securityProtocol = SecurityProtocol.SASL_SSL;
configureMechanisms("DIGEST-MD5", Arrays.asList("DIGEST-MD5", "PLAIN", "SCRAM-SHA-256"));
server = createEchoServer(securityProtocol);
updateScramCredentialCache(TestJaasConfig.USERNAME, TestJaasConfig.PASSWORD);
String node1 = "1";
saslClientConfigs.put(SaslConfigs.SASL_MECHANISM, "PLAIN");
createAndCheckClientConnection(securityProtocol, node1);
String node2 = "2";
saslClientConfigs.put(SaslConfigs.SASL_MECHANISM, "DIGEST-MD5");
createSelector(securityProtocol, saslClientConfigs);
InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
selector.connect(node2, addr, BUFFER_SIZE, BUFFER_SIZE);
NetworkTestUtils.checkClientConnection(selector, node2, 100, 10);
String node3 = "3";
saslClientConfigs.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-256");
createSelector(securityProtocol, saslClientConfigs);
selector.connect(node3, new InetSocketAddress("127.0.0.1", server.port()), BUFFER_SIZE, BUFFER_SIZE);
NetworkTestUtils.checkClientConnection(selector, node3, 100, 10);
}
示例8: testUserCredentialsUnavailableForScramMechanism
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that SASL/SCRAM clients fail authentication if credentials are not available for
* the specific SCRAM mechanism.
*/
@Test
public void testUserCredentialsUnavailableForScramMechanism() throws Exception {
SecurityProtocol securityProtocol = SecurityProtocol.SASL_SSL;
configureMechanisms("SCRAM-SHA-256", new ArrayList<>(ScramMechanism.mechanismNames()));
server = createEchoServer(securityProtocol);
updateScramCredentialCache(TestJaasConfig.USERNAME, TestJaasConfig.PASSWORD);
server.credentialCache().cache(ScramMechanism.SCRAM_SHA_256.mechanismName(), ScramCredential.class).remove(TestJaasConfig.USERNAME);
String node = "1";
saslClientConfigs.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-256");
createAndCheckClientConnectionFailure(securityProtocol, node);
saslClientConfigs.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-512");
createAndCheckClientConnection(securityProtocol, "2");
}
示例9: testScramUsernameWithSpecialCharacters
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests SASL/SCRAM with username containing characters that need
* to be encoded.
*/
@Test
public void testScramUsernameWithSpecialCharacters() throws Exception {
SecurityProtocol securityProtocol = SecurityProtocol.SASL_SSL;
String username = "special user= test,scram";
String password = username + "-password";
TestJaasConfig jaasConfig = configureMechanisms("SCRAM-SHA-256", Arrays.asList("SCRAM-SHA-256"));
Map<String, Object> options = new HashMap<>();
options.put("username", username);
options.put("password", password);
jaasConfig.createOrUpdateEntry(TestJaasConfig.LOGIN_CONTEXT_CLIENT, ScramLoginModule.class.getName(), options);
server = createEchoServer(securityProtocol);
updateScramCredentialCache(username, password);
createAndCheckClientConnection(securityProtocol, "0");
}
示例10: testApiVersionsRequestWithUnsupportedVersion
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that unsupported version of ApiVersionsRequest before SASL handshake request
* returns error response and does not result in authentication failure. This test
* is similar to {@link #testUnauthenticatedApiVersionsRequest(SecurityProtocol)}
* where a non-SASL client is used to send requests that are processed by
* {@link SaslServerAuthenticator} of the server prior to client authentication.
*/
@Test
public void testApiVersionsRequestWithUnsupportedVersion() throws Exception {
SecurityProtocol securityProtocol = SecurityProtocol.SASL_PLAINTEXT;
configureMechanisms("PLAIN", Arrays.asList("PLAIN"));
server = createEchoServer(securityProtocol);
// Send ApiVersionsRequest with unsupported version and validate error response.
String node = "1";
createClientConnection(SecurityProtocol.PLAINTEXT, node);
RequestHeader header = new RequestHeader(ApiKeys.API_VERSIONS.id, Short.MAX_VALUE, "someclient", 1);
ApiVersionsRequest request = new ApiVersionsRequest.Builder().build();
selector.send(request.toSend(node, header));
ByteBuffer responseBuffer = waitForResponse();
ResponseHeader.parse(responseBuffer);
ApiVersionsResponse response = ApiVersionsResponse.parse(responseBuffer, (short) 0);
assertEquals(Errors.UNSUPPORTED_VERSION, response.error());
// Send ApiVersionsRequest with a supported version. This should succeed.
sendVersionRequestReceiveResponse(node);
// Test that client can authenticate successfully
sendHandshakeRequestReceiveResponse(node);
authenticateUsingSaslPlainAndCheckConnection(node);
}
示例11: testSaslHandshakeRequestWithUnsupportedVersion
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that unsupported version of SASL handshake request returns error
* response and fails authentication. This test is similar to
* {@link #testUnauthenticatedApiVersionsRequest(SecurityProtocol)}
* where a non-SASL client is used to send requests that are processed by
* {@link SaslServerAuthenticator} of the server prior to client authentication.
*/
@Test
public void testSaslHandshakeRequestWithUnsupportedVersion() throws Exception {
SecurityProtocol securityProtocol = SecurityProtocol.SASL_PLAINTEXT;
configureMechanisms("PLAIN", Arrays.asList("PLAIN"));
server = createEchoServer(securityProtocol);
// Send ApiVersionsRequest and validate error response.
String node1 = "invalid1";
createClientConnection(SecurityProtocol.PLAINTEXT, node1);
SaslHandshakeRequest request = new SaslHandshakeRequest("PLAIN");
RequestHeader header = new RequestHeader(ApiKeys.SASL_HANDSHAKE.id, Short.MAX_VALUE, "someclient", 2);
selector.send(request.toSend(node1, header));
NetworkTestUtils.waitForChannelClose(selector, node1, ChannelState.READY);
selector.close();
// Test good connection still works
createAndCheckClientConnection(securityProtocol, "good1");
}
示例12: testInvalidApiVersionsRequestSequence
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that ApiVersionsRequest after Kafka SASL handshake request flow,
* but prior to actual SASL authentication, results in authentication failure.
* This is similar to {@link #testUnauthenticatedApiVersionsRequest(SecurityProtocol)}
* where a non-SASL client is used to send requests that are processed by
* {@link SaslServerAuthenticator} of the server prior to client authentication.
*/
@Test
public void testInvalidApiVersionsRequestSequence() throws Exception {
SecurityProtocol securityProtocol = SecurityProtocol.SASL_PLAINTEXT;
configureMechanisms("PLAIN", Arrays.asList("PLAIN"));
server = createEchoServer(securityProtocol);
// Send handshake request followed by ApiVersionsRequest
String node1 = "invalid1";
createClientConnection(SecurityProtocol.PLAINTEXT, node1);
sendHandshakeRequestReceiveResponse(node1);
ApiVersionsRequest request = new ApiVersionsRequest.Builder().build();
RequestHeader versionsHeader = new RequestHeader(ApiKeys.API_VERSIONS.id,
request.version(), "someclient", 2);
selector.send(request.toSend(node1, versionsHeader));
NetworkTestUtils.waitForChannelClose(selector, node1, ChannelState.READY);
selector.close();
// Test good connection still works
createAndCheckClientConnection(securityProtocol, "good1");
}
示例13: EchoServer
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
public EchoServer(SecurityProtocol securityProtocol, Map<String, ?> configs) throws Exception {
switch (securityProtocol) {
case SSL:
this.sslFactory = new SslFactory(Mode.SERVER);
this.sslFactory.configure(configs);
SSLContext sslContext = this.sslFactory.sslContext();
this.serverSocket = sslContext.getServerSocketFactory().createServerSocket(0);
break;
case PLAINTEXT:
this.serverSocket = new ServerSocket(0);
this.sslFactory = null;
break;
default:
throw new IllegalArgumentException("Unsupported securityProtocol " + securityProtocol);
}
this.port = this.serverSocket.getLocalPort();
this.threads = Collections.synchronizedList(new ArrayList<Thread>());
this.sockets = Collections.synchronizedList(new ArrayList<Socket>());
}
示例14: testValidEndpointIdentificationSanIp
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that server certificate with SubjectAltName containing valid IP address
* is accepted by a client that connects using IP address and validates server endpoint.
*/
@Test
public void testValidEndpointIdentificationSanIp() throws Exception {
String node = "0";
serverCertStores = new CertStores(true, "server", InetAddress.getByName("127.0.0.1"));
clientCertStores = new CertStores(false, "client", InetAddress.getByName("127.0.0.1"));
sslServerConfigs = serverCertStores.getTrustingConfig(clientCertStores);
sslClientConfigs = clientCertStores.getTrustingConfig(serverCertStores);
server = createEchoServer(SecurityProtocol.SSL);
sslClientConfigs.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, "HTTPS");
createSelector(sslClientConfigs);
InetSocketAddress addr = new InetSocketAddress("127.0.0.1", server.port());
selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
NetworkTestUtils.checkClientConnection(selector, node, 100, 10);
}
示例15: testValidEndpointIdentificationCN
import org.apache.kafka.common.protocol.SecurityProtocol; //导入依赖的package包/类
/**
* Tests that server certificate with CN containing valid hostname
* is accepted by a client that connects using hostname and validates server endpoint.
*/
@Test
public void testValidEndpointIdentificationCN() throws Exception {
String node = "0";
serverCertStores = new CertStores(true, "localhost");
clientCertStores = new CertStores(false, "localhost");
sslServerConfigs = serverCertStores.getTrustingConfig(clientCertStores);
sslClientConfigs = clientCertStores.getTrustingConfig(serverCertStores);
server = createEchoServer(SecurityProtocol.SSL);
sslClientConfigs.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, "HTTPS");
createSelector(sslClientConfigs);
InetSocketAddress addr = new InetSocketAddress("localhost", server.port());
selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);
NetworkTestUtils.checkClientConnection(selector, node, 100, 10);
}