/** * Delete a Role form User. * * @param username * @param role */ public void deleteRole(String username, String role) { String[] infos = null; StringBuffer userInfoBuffer = new StringBuffer(); String userInfos = (String) users.get(username); // If user already exists, remove the role if (userInfos != null && userInfos.length() > 0) { infos = userInfos.split(","); String password = infos[0]; userInfoBuffer.append(password); for (int i = 1; i < infos.length; i++) { if (infos[i] != null && !infos[i].equals(role)) { userInfoBuffer.append(","); userInfoBuffer.append(infos[i]); } } String newUserInfo = userInfoBuffer.toString(); users.put(username, newUserInfo); } try { users.save(); } catch (Exception ex) { LOGGER.error("Cannot update users file,", ex); } }
private void updateProperty( String key, Map<String, String> updatedProperties, Properties systemDotProperties) { if (updatedProperties.containsKey(key)) { String value = updatedProperties.get(key); systemDotProperties.put(key, value); System.setProperty(key, value); } }
private void markCreated(BundleContext bundleContext) throws IOException { File marker = new File(dataDir, ENSEMBLE_MARKER); if (!marker.exists() && !marker.getParentFile().exists() && !marker.getParentFile().mkdirs()) { throw new IOException("Cannot create marker file"); } org.apache.felix.utils.properties.Properties props = new org.apache.felix.utils.properties.Properties(marker); props.put("created", "true"); props.save(); }
/** * Add a role to a User. * * @param username * @param role */ public void addRole(String username, String role) { String userInfos = (String) users.get(username); if (userInfos != null) { String newUserInfos = userInfos + "," + role; users.put(username, newUserInfos); } try { users.save(); } catch (Exception ex) { LOGGER.error("Cannot update users file,", ex); } }
/** * Add a user. * * @param username * @param password */ public void addUser(String username, String password) { String[] infos = null; StringBuffer userInfoBuffer = new StringBuffer(); String newPassword = password; // If encryption support is enabled, encrypt password if (encryptionSupport != null && encryptionSupport.getEncryption() != null) { newPassword = encryptionSupport.getEncryption().encryptPassword(password); if (encryptionSupport.getEncryptionPrefix() != null) { newPassword = encryptionSupport.getEncryptionPrefix() + newPassword; } if (encryptionSupport.getEncryptionSuffix() != null) { newPassword = newPassword + encryptionSupport.getEncryptionSuffix(); } } String userInfos = (String) users.get(username); // If user already exists, update password if (userInfos != null && userInfos.length() > 0) { infos = userInfos.split(","); userInfoBuffer.append(newPassword); for (int i = 1; i < infos.length; i++) { userInfoBuffer.append(","); userInfoBuffer.append(infos[i]); } String newUserInfo = userInfoBuffer.toString(); users.put(username, newUserInfo); } else { users.put(username, newPassword); } try { users.save(); } catch (Exception ex) { LOGGER.error("Cannot update users file,", ex); } }
void configureInternal(Map<String, ?> conf) throws Exception { configuration = configurer.configure(conf, this); if (Strings.isNullOrBlank(runtimeId)) { throw new IllegalArgumentException("Runtime id must not be null or empty."); } if (Strings.isNullOrBlank(localResolver)) { localResolver = globalResolver; } String decodedZookeeperPassword = null; Properties userProps = new Properties(); try { userProps.load(new File(confDir, "users.properties")); } catch (IOException e) { LOGGER.warn("Failed to load users from etc/users.properties. No users will be imported.", e); } if (Strings.isNotBlank(zookeeperPassword)) { decodedZookeeperPassword = PasswordEncoder.decode(zookeeperPassword); } else if (userProps.containsKey(DEFAULT_ADMIN_USER)) { String passwordAndRole = userProps.getProperty(DEFAULT_ADMIN_USER).trim(); decodedZookeeperPassword = passwordAndRole.substring(0, passwordAndRole.indexOf(ROLE_DELIMITER)); } else { decodedZookeeperPassword = PasswordEncoder.encode(CreateEnsembleOptions.generatePassword()); } if (userProps.isEmpty()) { userProps.put( DEFAULT_ADMIN_USER, decodedZookeeperPassword + ROLE_DELIMITER + DEFAULT_ADMIN_ROLE); } options = CreateEnsembleOptions.builder() .bindAddress(bindAddress) .agentEnabled(agentAutoStart) .ensembleStart(ensembleAutoStart) .zookeeperPassword(decodedZookeeperPassword) .zooKeeperServerPort(zookeeperServerPort) .zooKeeperServerConnectionPort(zookeeperServerConnectionPort) .autoImportEnabled(profilesAutoImport) .importPath(profilesAutoImportPath) .resolver(localResolver) .globalResolver(globalResolver) .users(userProps) .profiles(profiles) .version(version) .build(); }
public void createLocalServer(int port, CreateEnsembleOptions options) { try { IZKClient client; Hashtable<String, Object> properties; String version = ZkDefs.DEFAULT_VERSION; String karafName = System.getProperty(SystemProperties.KARAF_NAME); String minimumPort = System.getProperty(ZkDefs.MINIMUM_PORT); String maximumPort = System.getProperty(ZkDefs.MAXIMUM_PORT); int mappedPort = mapPortToRange(port, minimumPort, maximumPort); if (options.getZookeeperPassword() != null) { // do nothing } else if (System.getProperties().containsKey(SystemProperties.ZOOKEEPER_PASSWORD)) { options.setZookeeperPassword(System.getProperty(SystemProperties.ZOOKEEPER_PASSWORD)); } else { options.setZookeeperPassword(ZooKeeperRetriableUtils.generatePassword()); } // Install or stop the fabric-configadmin bridge Bundle bundleFabricAgent = findAndStopBundle(bundleContext, "org.fusesource.fabric.fabric-agent"); Bundle bundleFabricConfigAdmin = installOrStopBundle( bundleContext, "org.fusesource.fabric.fabric-configadmin", "mvn:org.fusesource.fabric/fabric-configadmin/" + FabricConstants.FABRIC_VERSION); Bundle bundleFabricZooKeeper = installOrStopBundle( bundleContext, "org.fusesource.fabric.fabric-zookeeper", "mvn:org.fusesource.fabric/fabric-zookeeper/" + FabricConstants.FABRIC_VERSION); Bundle bundleFabricJaas = installOrStopBundle( bundleContext, "org.fusesource.fabric.fabric-jaas ", "mvn:org.fusesource.fabric/fabric-jaas/" + FabricConstants.FABRIC_VERSION); Bundle bundleFabricCommands = installOrStopBundle( bundleContext, "org.fusesource.fabric.fabric-commands ", "mvn:org.fusesource.fabric/fabric-commands/" + FabricConstants.FABRIC_VERSION); Bundle bundleFabricMavenProxy = installOrStopBundle( bundleContext, "org.fusesource.fabric.fabric-commands ", "mvn:org.fusesource.fabric/fabric-maven-proxy/" + FabricConstants.FABRIC_VERSION); // Create configuration String connectionUrl = HostUtils.getLocalHostName() + ":" + Integer.toString(mappedPort); String autoImportFrom = System.getProperty(SystemProperties.PROFILES_AUTOIMPORT_PATH); Configuration config = configurationAdmin.createFactoryConfiguration("org.fusesource.fabric.zookeeper.server"); properties = new Hashtable<String, Object>(); if (autoImportFrom != null) { loadPropertiesFrom( properties, autoImportFrom + "/fabric/configs/versions/1.0/profiles/default/org.fusesource.fabric.zookeeper.server.properties"); } properties.put("tickTime", "2000"); properties.put("initLimit", "10"); properties.put("syncLimit", "5"); properties.put("dataDir", "data/zookeeper/0000"); properties.put("clientPort", Integer.toString(mappedPort)); properties.put("fabric.zookeeper.pid", "org.fusesource.fabric.zookeeper.server-0000"); config.setBundleLocation(null); config.update(properties); // Update the client configuration config = configurationAdmin.getConfiguration("org.fusesource.fabric.zookeeper"); properties = new Hashtable<String, Object>(); if (autoImportFrom != null) { loadPropertiesFrom( properties, autoImportFrom + "/fabric/configs/versions/1.0/profiles/default/org.fusesource.fabric.zookeeper.properties"); } properties.put("zookeeper.url", connectionUrl); properties.put( "zookeeper.timeout", System.getProperties().containsKey("zookeeper.timeout") ? System.getProperties().getProperty("zookeeper.timeout") : "30000"); properties.put("fabric.zookeeper.pid", "org.fusesource.fabric.zookeeper"); properties.put("zookeeper.password", options.getZookeeperPassword()); config.setBundleLocation(null); config.update(properties); // Start fabric-zookeeper bundle bundleFabricZooKeeper.start(); // Wait for the client to be available ServiceTracker tracker = new ServiceTracker(bundleContext, IZKClient.class.getName(), null); tracker.open(); client = (IZKClient) tracker.waitForService(5000); if (client == null) { throw new IllegalStateException("Timeout waiting for ZooKeeper client to be registered"); } tracker.close(); client.waitForConnected(); // Import data into zookeeper if (autoImportFrom != null) { getDataStore().importFromFileSystem(autoImportFrom); } getDataStore().setDefaultVersion(version); // configure default profile String defaultProfile = getDataStore().getProfile(version, "default", true); ZooKeeperRetriableUtils.set( client, ZkPath.CONFIG_ENSEMBLE_URL.getPath(), "${zk:" + karafName + "/ip}:" + Integer.toString(mappedPort)); ZooKeeperRetriableUtils.set( client, ZkPath.CONFIG_ENSEMBLE_PASSWORD.getPath(), options.getZookeeperPassword()); Properties zkProps = new Properties(); zkProps.setProperty("zookeeper.url", "${zk:" + ZkPath.CONFIG_ENSEMBLE_URL.getPath() + "}"); zkProps.setProperty( "zookeeper.password", "${zk:" + ZkPath.CONFIG_ENSEMBLE_PASSWORD.getPath() + "}"); getDataStore() .setFileConfiguration( version, defaultProfile, "org.fusesource.fabric.zookeeper.properties", DataStoreHelpers.toBytes(zkProps)); // configure the ensemble String ensembleProfile = getDataStore().getProfile(version, "fabric-ensemble-0000", true); getDataStore().setProfileAttribute(version, ensembleProfile, "abstract", "true"); getDataStore().setProfileAttribute(version, ensembleProfile, "hidden", "true"); Properties ensembleProps = new Properties(); ensembleProps.put("tickTime", "2000"); ensembleProps.put("initLimit", "10"); ensembleProps.put("syncLimit", "5"); ensembleProps.put("dataDir", "data/zookeeper/0000"); loadPropertiesFrom( ensembleProps, autoImportFrom + "/fabric/configs/versions/1.0/profiles/default/org.fusesource.fabric.zookeeper.server.properties"); getDataStore() .setFileConfiguration( version, ensembleProfile, "org.fusesource.fabric.zookeeper.server-0000.properties", DataStoreHelpers.toBytes(ensembleProps)); // configure this server in the ensemble String ensembleServerProfile = getDataStore().getProfile(version, "fabric-ensemble-0000-1", true); getDataStore().setProfileAttribute(version, ensembleServerProfile, "hidden", "true"); getDataStore() .setProfileAttribute(version, ensembleServerProfile, "parents", ensembleProfile); Properties serverProps = new Properties(); serverProps.put("clientPort", String.valueOf(mappedPort)); getDataStore() .setFileConfiguration( version, ensembleServerProfile, "org.fusesource.fabric.zookeeper.server-0000.properties", DataStoreHelpers.toBytes(serverProps)); ZooKeeperRetriableUtils.set(client, ZkPath.CONFIG_ENSEMBLES.getPath(), "0000"); ZooKeeperRetriableUtils.set(client, ZkPath.CONFIG_ENSEMBLE.getPath("0000"), karafName); // configure fabric profile String fabricProfile = getDataStore().getProfile(version, "fabric", true); Properties agentProps = DataStoreHelpers.toProperties( getDataStore() .getFileConfiguration( version, fabricProfile, "org.fusesource.fabric.agent.properties")); agentProps.put("feature.fabric-commands", "fabric-commands"); getDataStore() .setFileConfiguration( version, "fabric", "org.fusesource.fabric.agent.properties", DataStoreHelpers.toBytes(agentProps)); ZooKeeperRetriableUtils.createDefault( client, ZkPath.CONFIG_CONTAINER.getPath(karafName), version); String assignedProfile = System.getProperty(SystemProperties.PROFILE); if (assignedProfile != null && !assignedProfile.isEmpty() && !"fabric".equals(assignedProfile)) { ZooKeeperRetriableUtils.createDefault( client, ZkPath.CONFIG_VERSIONS_CONTAINER.getPath(version, karafName), "fabric fabric-ensemble-0000-1 " + assignedProfile); } else { ZooKeeperRetriableUtils.createDefault( client, ZkPath.CONFIG_VERSIONS_CONTAINER.getPath(version, karafName), "fabric fabric-ensemble-0000-1"); } // add auth Map<String, String> configs = new HashMap<String, String>(); configs.put("encryption.enabled", "${zk:/fabric/authentication/encryption.enabled}"); getDataStore() .setConfiguration(version, defaultProfile, "org.fusesource.fabric.jaas", configs); // outside of the profile storage area, so we'll keep these in zk ZooKeeperRetriableUtils.createDefault( client, "/fabric/authentication/encryption.enabled", "true"); ZooKeeperRetriableUtils.createDefault(client, "/fabric/authentication/domain", "karaf"); addUsersToZookeeper(client, options.getUsers()); ZooKeeperRetriableUtils.createDefault( client, ZkPath.AUTHENTICATION_CRYPT_ALGORITHM.getPath(), "PBEWithMD5AndDES"); ZooKeeperRetriableUtils.createDefault( client, ZkPath.AUTHENTICATION_CRYPT_PASSWORD.getPath(), options.getZookeeperPassword()); // Fix acls ZookeeperCommandBuilder.fixAcls("/", true).execute(client); // Reset the autostart flag if (ensembleAutoStart) { System.setProperty(SystemProperties.ENSEMBLE_AUTOSTART, Boolean.FALSE.toString()); File file = new File(System.getProperty("karaf.base") + "/etc/system.properties"); org.apache.felix.utils.properties.Properties props = new org.apache.felix.utils.properties.Properties(file); props.put(SystemProperties.ENSEMBLE_AUTOSTART, Boolean.FALSE.toString()); props.save(); } // Restart fabric-configadmin bridge bundleFabricConfigAdmin.start(); bundleFabricJaas.start(); bundleFabricCommands.start(); bundleFabricMavenProxy.start(); // Check if the agent is configured to auto start. if (!System.getProperties().containsKey(SystemProperties.AGENT_AUTOSTART) || Boolean.parseBoolean(System.getProperty(SystemProperties.AGENT_AUTOSTART))) { bundleFabricAgent = findOrInstallBundle( bundleContext, "org.fusesource.fabric.fabric-agent ", "mvn:org.fusesource.fabric/fabric-agent/" + FabricConstants.FABRIC_VERSION); bundleFabricAgent.start(); } } catch (Exception e) { throw new FabricException("Unable to create zookeeper server configuration", e); } }
public boolean login() throws LoginException { File f = new File(usersFile); Properties users; try { users = new Properties(f); } catch (IOException ioe) { throw new LoginException("Unable to load user properties file " + f); } Callback[] callbacks = new Callback[2]; callbacks[0] = new NameCallback("Username: "******" not available to obtain information from user"); } String user = ((NameCallback) callbacks[0]).getName(); if (user == null) { throw new FailedLoginException("Unable to retrieve user name"); } PublicKey key = ((PublickeyCallback) callbacks[1]).getPublicKey(); if (key == null) { throw new FailedLoginException("Unable to retrieve public key"); } // user infos container read from the users properties file String userInfos = null; try { userInfos = (String) users.get(user); } catch (NullPointerException e) { // error handled in the next statement } if (userInfos == null) { if (!this.detailedLoginExcepion) { throw new FailedLoginException("login failed"); } else { throw new FailedLoginException("User " + user + " does not exist"); } } // the password is in the first position String[] infos = userInfos.split(","); String storedKey = infos[0]; // check if the stored password is flagged as encrypted String encryptedKey = getEncryptedPassword(storedKey); if (!storedKey.equals(encryptedKey)) { if (debug) { LOG.debug("The key isn't flagged as encrypted, encrypt it."); } if (debug) { LOG.debug("Rebuild the user informations string."); } userInfos = encryptedKey + ","; for (int i = 2; i < infos.length; i++) { if (i == (infos.length - 1)) { userInfos = userInfos + infos[i]; } else { userInfos = userInfos + infos[i] + ","; } } if (debug) { LOG.debug("Push back the user informations in the users properties."); } users.put(user, userInfos); try { if (debug) { LOG.debug("Store the users properties file."); } users.save(); } catch (IOException ioe) { LOG.warn("Unable to write user properties file " + f, ioe); } storedKey = encryptedKey; } // check the provided password if (!checkPassword(getString(key), storedKey)) { if (!this.detailedLoginExcepion) { throw new FailedLoginException("login failed"); } else { throw new FailedLoginException("Public key for " + user + " does not match"); } } principals = new HashSet<Principal>(); principals.add(new UserPrincipal(user)); for (int i = 1; i < infos.length; i++) { principals.add(new RolePrincipal(infos[i])); } users.clear(); if (debug) { LOG.debug("Successfully logged in " + user); } return true; }