Zookeeper----ACL認證(AUTH)

一.安全認證

package bhz.zookeeper.auth;

import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger;

import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.WatchedEvent;
import org.apache.zookeeper.Watcher;
import org.apache.zookeeper.Watcher.Event.EventType;
import org.apache.zookeeper.Watcher.Event.KeeperState;
import org.apache.zookeeper.ZooDefs.Ids;
import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Stat;
/**
 * Zookeeper 節點授權
 * @author(alienware)
 * @since 2015-6-14
 */
public class ZookeeperAuth implements Watcher {

	/** 連接地址 */
	final static String CONNECT_ADDR = "192.168.80.88:2181";
	/** 測試路徑 */
	final static String PATH = "/testAuth";
	final static String PATH_DEL = "/testAuth/delNode";
	/** 認證類型 */
	final static String authentication_type = "digest";
	/** 認證正確方法 */
	final static String correctAuthentication = "123456";
	/** 認證錯誤方法 */
	final static String badAuthentication = "654321";
	
	static ZooKeeper zk = null;
	/** 計時器 */
	AtomicInteger seq = new AtomicInteger();
	/** 標識 */
	private static final String LOG_PREFIX_OF_MAIN = "【Main】";
	
	private CountDownLatch connectedSemaphore = new CountDownLatch(1);
	
	@Override
	public void process(WatchedEvent event) {
		try {
			Thread.sleep(200);
		} catch (InterruptedException e) {
			e.printStackTrace();
		}
		if (event==null) {
			return;
		}
		// 連接狀態
		KeeperState keeperState = event.getState();
		// 事件類型
		EventType eventType = event.getType();
		// 受影響的path
		String path = event.getPath();
		
		String logPrefix = "【Watcher-" + this.seq.incrementAndGet() + "】";

		System.out.println(logPrefix + "收到Watcher通知");
		System.out.println(logPrefix + "連接狀態:\t" + keeperState.toString());
		System.out.println(logPrefix + "事件類型:\t" + eventType.toString());
		if (KeeperState.SyncConnected == keeperState) {
			// 成功連接上ZK服務器
			if (EventType.None == eventType) {
				System.out.println(logPrefix + "成功連接上ZK服務器");
				connectedSemaphore.countDown();
			} 
		} else if (KeeperState.Disconnected == keeperState) {
			System.out.println(logPrefix + "與ZK服務器斷開連接");
		} else if (KeeperState.AuthFailed == keeperState) {
			System.out.println(logPrefix + "權限檢查失敗");
		} else if (KeeperState.Expired == keeperState) {
			System.out.println(logPrefix + "會話失效");
		}
		System.out.println("--------------------------------------------");
	}
	/**
	 * 創建ZK連接
	 * 
	 * @param connectString
	 *            ZK服務器地址列表
	 * @param sessionTimeout
	 *            Session超時時間
	 */
	public void createConnection(String connectString, int sessionTimeout) {
		this.releaseConnection();
		try {
			zk = new ZooKeeper(connectString, sessionTimeout, this);
			//添加節點授權
			zk.addAuthInfo(authentication_type,correctAuthentication.getBytes());
			System.out.println(LOG_PREFIX_OF_MAIN + "開始連接ZK服務器");
			//倒數等待
			connectedSemaphore.await();
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	
	/**
	 * 關閉ZK連接
	 */
	public void releaseConnection() {
		if (this.zk!=null) {
			try {
				this.zk.close();
			} catch (InterruptedException e) {
			}
		}
	}
	
	/**
	 * 
	 * <B>方法名稱:</B>測試函數<BR>
	 * <B>概要說明:</B>測試認證<BR>
	 * @param args
	 * @throws Exception
	 */
	public static void main(String[] args) throws Exception {
		
		ZookeeperAuth testAuth = new ZookeeperAuth();
		testAuth.createConnection(CONNECT_ADDR,2000);
		List<ACL> acls = new ArrayList<ACL>(1);
		for (ACL ids_acl : Ids.CREATOR_ALL_ACL) {
			acls.add(ids_acl);
		}

		try {
			zk.create(PATH, "init content".getBytes(), acls, CreateMode.PERSISTENT);
			System.out.println("使用授權key:" + correctAuthentication + "創建節點:"+ PATH + ", 初始內容是: init content");
		} catch (Exception e) {
			e.printStackTrace();
		}
		try {
			zk.create(PATH_DEL, "will be deleted! ".getBytes(), acls, CreateMode.PERSISTENT);
			System.out.println("使用授權key:" + correctAuthentication + "創建節點:"+ PATH_DEL + ", 初始內容是: init content");
		} catch (Exception e) {
			e.printStackTrace();
		}

		// 獲取數據
		getDataByNoAuthentication();
		getDataByBadAuthentication();
		getDataByCorrectAuthentication();

		// 更新數據
		updateDataByNoAuthentication();
		updateDataByBadAuthentication();
		updateDataByCorrectAuthentication();

		// 刪除數據
		deleteNodeByBadAuthentication();
		deleteNodeByNoAuthentication();
		deleteNodeByCorrectAuthentication();
		//
		Thread.sleep(1000);
		
		deleteParent();
		//釋放連接
		testAuth.releaseConnection();
	}
	/** 獲取數據:採用錯誤的密碼 */
	static void getDataByBadAuthentication() {
		String prefix = "[使用錯誤的授權信息]";
		try {
			ZooKeeper badzk = new ZooKeeper(CONNECT_ADDR, 2000, null);
			//授權
			badzk.addAuthInfo(authentication_type,badAuthentication.getBytes());
			Thread.sleep(2000);
			System.out.println(prefix + "獲取數據:" + PATH);
			System.out.println(prefix + "成功獲取數據:" + badzk.getData(PATH, false, null));
		} catch (Exception e) {
			System.err.println(prefix + "獲取數據失敗,原因:" + e.getMessage());
		}
	}

	/** 獲取數據:不採用密碼 */
	static void getDataByNoAuthentication() {
		String prefix = "[不使用任何授權信息]";
		try {
			System.out.println(prefix + "獲取數據:" + PATH);
			ZooKeeper nozk = new ZooKeeper(CONNECT_ADDR, 2000, null);
			Thread.sleep(2000);
			System.out.println(prefix + "成功獲取數據:" + nozk.getData(PATH, false, null));
		} catch (Exception e) {
			System.err.println(prefix + "獲取數據失敗,原因:" + e.getMessage());
		}
	}

	/** 採用正確的密碼 */
	static void getDataByCorrectAuthentication() {
		String prefix = "[使用正確的授權信息]";
		try {
			System.out.println(prefix + "獲取數據:" + PATH);
			
			System.out.println(prefix + "成功獲取數據:" + zk.getData(PATH, false, null));
		} catch (Exception e) {
			System.out.println(prefix + "獲取數據失敗,原因:" + e.getMessage());
		}
	}

	/**
	 * 更新數據:不採用密碼
	 */
	static void updateDataByNoAuthentication() {

		String prefix = "[不使用任何授權信息]";

		System.out.println(prefix + "更新數據: " + PATH);
		try {
			ZooKeeper nozk = new ZooKeeper(CONNECT_ADDR, 2000, null);
			Thread.sleep(2000);
			Stat stat = nozk.exists(PATH, false);
			if (stat!=null) {
				nozk.setData(PATH, prefix.getBytes(), -1);
				System.out.println(prefix + "更新成功");
			}
		} catch (Exception e) {
			System.err.println(prefix + "更新失敗,原因是:" + e.getMessage());
		}
	}

	/**
	 * 更新數據:採用錯誤的密碼
	 */
	static void updateDataByBadAuthentication() {

		String prefix = "[使用錯誤的授權信息]";

		System.out.println(prefix + "更新數據:" + PATH);
		try {
			ZooKeeper badzk = new ZooKeeper(CONNECT_ADDR, 2000, null);
			//授權
			badzk.addAuthInfo(authentication_type,badAuthentication.getBytes());
			Thread.sleep(2000);
			Stat stat = badzk.exists(PATH, false);
			if (stat!=null) {
				badzk.setData(PATH, prefix.getBytes(), -1);
				System.out.println(prefix + "更新成功");
			}
		} catch (Exception e) {
			System.err.println(prefix + "更新失敗,原因是:" + e.getMessage());
		}
	}

	/**
	 * 更新數據:採用正確的密碼
	 */
	static void updateDataByCorrectAuthentication() {

		String prefix = "[使用正確的授權信息]";

		System.out.println(prefix + "更新數據:" + PATH);
		try {
			Stat stat = zk.exists(PATH, false);
			if (stat!=null) {
				zk.setData(PATH, prefix.getBytes(), -1);
				System.out.println(prefix + "更新成功");
			}
		} catch (Exception e) {
			System.err.println(prefix + "更新失敗,原因是:" + e.getMessage());
		}
	}

	/**
	 * 不使用密碼 刪除節點
	 */
	static void deleteNodeByNoAuthentication() throws Exception {

		String prefix = "[不使用任何授權信息]";

		try {
			System.out.println(prefix + "刪除節點:" + PATH_DEL);
			ZooKeeper nozk = new ZooKeeper(CONNECT_ADDR, 2000, null);
			Thread.sleep(2000);
			Stat stat = nozk.exists(PATH_DEL, false);
			if (stat!=null) {
				nozk.delete(PATH_DEL,-1);
				System.out.println(prefix + "刪除成功");
			}
		} catch (Exception e) {
			System.err.println(prefix + "刪除失敗,原因是:" + e.getMessage());
		}
	}

	/**
	 * 採用錯誤的密碼刪除節點
	 */
	static void deleteNodeByBadAuthentication() throws Exception {

		String prefix = "[使用錯誤的授權信息]";

		try {
			System.out.println(prefix + "刪除節點:" + PATH_DEL);
			ZooKeeper badzk = new ZooKeeper(CONNECT_ADDR, 2000, null);
			//授權
			badzk.addAuthInfo(authentication_type,badAuthentication.getBytes());
			Thread.sleep(2000);
			Stat stat = badzk.exists(PATH_DEL, false);
			if (stat!=null) {
				badzk.delete(PATH_DEL, -1);
				System.out.println(prefix + "刪除成功");
			}
		} catch (Exception e) {
			System.err.println(prefix + "刪除失敗,原因是:" + e.getMessage());
		}
	}

	/**
	 * 使用正確的密碼刪除節點
	 */
	static void deleteNodeByCorrectAuthentication() throws Exception {

		String prefix = "[使用正確的授權信息]";

		try {
			System.out.println(prefix + "刪除節點:" + PATH_DEL);
			Stat stat = zk.exists(PATH_DEL, false);
			if (stat!=null) {
				zk.delete(PATH_DEL, -1);
				System.out.println(prefix + "刪除成功");
			}
		} catch (Exception e) {
			System.out.println(prefix + "刪除失敗,原因是:" + e.getMessage());
		}
	}

	/**
	 * 使用正確的密碼刪除節點
	 */
	static void deleteParent() throws Exception {
		try {
			Stat stat = zk.exists(PATH_DEL, false);
			if (stat == null) {
				zk.delete(PATH, -1);
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

}

 

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章