AMBARI-5960. Add support for auth proxy (ncole)

ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java

@@ -20,12 +20,13 @@ package org.apache.ambari.server.controller;
 
 
 import java.io.File;
+import java.net.Authenticator;
 import java.net.BindException;
+import java.net.PasswordAuthentication;
 import java.util.Map;
 
 import javax.crypto.BadPaddingException;
 
-import com.google.inject.name.Named;
 import org.apache.ambari.eventdb.webservice.WorkflowJsonService;
 import org.apache.ambari.server.AmbariException;
 import org.apache.ambari.server.actionmanager.ActionManager;
@@ -97,6 +98,7 @@ import com.google.inject.Guice;
 import com.google.inject.Inject;
 import com.google.inject.Injector;
 import com.google.inject.Singleton;
+import com.google.inject.name.Named;
 import com.google.inject.persist.Transactional;
 import com.sun.jersey.spi.container.servlet.ServletContainer;
 
@@ -490,7 +492,7 @@ public class AmbariServer {
 
     LOG.info("DB store version is compatible");
   }
-
+  
   public void stop() throws Exception {
     try {
       server.stop();
@@ -523,6 +525,32 @@ public class AmbariServer {
     ClusterResourceProvider.init(injector.getInstance(BlueprintDAO.class), ambariMetaInfo);
     ViewRegistry.init(injector.getInstance(ViewDAO.class), injector.getInstance(ViewInstanceDAO.class));
   }
+  
+  /**
+   * Sets up proxy authentication.  This must be done before the server is
+   * initialized since <code>AmbariMetaInfo</code> requires potential URL
+   * lookups that may need the proxy.
+   */
+  static void setupProxyAuth() {
+    final String proxyUser = System.getProperty("http.proxyUser");
+    final String proxyPass = System.getProperty("http.proxyPassword");
+    
+    // to skip some hosts from proxy, pipe-separate names using, i.e.:
+    // -Dhttp.nonProxyHosts=*.domain.com|host.internal.net
+    
+    if (null != proxyUser && null != proxyPass) {
+      LOG.info("Proxy authentication enabled");
+      
+      Authenticator.setDefault(new Authenticator() {
+        @Override
+        protected PasswordAuthentication getPasswordAuthentication() {
+          return new PasswordAuthentication(proxyUser, proxyPass.toCharArray());
+        }
+      });
+    } else {
+      LOG.debug("Proxy authentication not specified");
+    }
+  }  
 
   public static void main(String[] args) throws Exception {
     Injector injector = Guice.createInjector(new ControllerModule());
@@ -530,6 +558,9 @@ public class AmbariServer {
     AmbariServer server = null;
     try {
       LOG.info("Getting the controller");
+
+      setupProxyAuth();
+      
       injector.getInstance(GuiceJpaInitializer.class);
       server = injector.getInstance(AmbariServer.class);
       CertificateManager certMan = injector.getInstance(CertificateManager.class);

ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java

@@ -18,10 +18,15 @@
 
 package org.apache.ambari.server.controller;
 
-import com.google.inject.Guice;
-import com.google.inject.Inject;
-import com.google.inject.Injector;
-import com.google.inject.persist.PersistService;
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.junit.Assert.fail;
+
+import java.net.Authenticator;
+import java.net.InetAddress;
+import java.net.PasswordAuthentication;
+
 import org.apache.ambari.server.AmbariException;
 import org.apache.ambari.server.api.services.AmbariMetaInfo;
 import org.apache.ambari.server.configuration.Configuration;
@@ -29,15 +34,16 @@ import org.apache.ambari.server.orm.GuiceJpaInitializer;
 import org.apache.ambari.server.orm.InMemoryDefaultTestModule;
 import org.apache.ambari.server.orm.dao.MetainfoDAO;
 import org.apache.ambari.server.orm.entities.MetainfoEntity;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import org.junit.After;
+import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-import static org.easymock.EasyMock.*;
-import static org.junit.Assert.fail;
+import com.google.inject.Guice;
+import com.google.inject.Inject;
+import com.google.inject.Injector;
 
 public class AmbariServerTest {
 
@@ -94,6 +100,26 @@ public class AmbariServerTest {
       // Expected
     }
   }
+  
+  @Test
+  public void testProxyUser() throws Exception {
+    
+    PasswordAuthentication pa = Authenticator.requestPasswordAuthentication(
+        InetAddress.getLocalHost(), 80, null, null, null);
+    Assert.assertNull(pa);
+    
+    System.setProperty("http.proxyUser", "abc");
+    System.setProperty("http.proxyPassword", "def");
+    
+    AmbariServer.setupProxyAuth();
+
+    pa = Authenticator.requestPasswordAuthentication(
+        InetAddress.getLocalHost(), 80, null, null, null);
+    Assert.assertNotNull(pa);
+    Assert.assertEquals("abc", pa.getUserName());
+    Assert.assertArrayEquals("def".toCharArray(), pa.getPassword());
+
+  }
 
 
 }