This is an automated email from the ASF dual-hosted git repository. clebertsuconic pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/main by this push: new 0c8adee37a ARTEMIS-4290 Separating some integration tests into legacy-integration-tests 0c8adee37a is described below commit 0c8adee37a59ffb9276e20ca34f62a19af5da6bc Author: Clebert Suconic <clebertsuco...@apache.org> AuthorDate: Tue May 23 12:48:26 2023 -0400 ARTEMIS-4290 Separating some integration tests into legacy-integration-tests legacy-integration-tests is being created to hold LDAP Tests (or any other tests that won't play well with keeping threads clean) it will have fork-mode=always on the maven-surefire-plugin --- pom.xml | 2 + .../pom.xml | 40 +-- .../isolated}/amqp/JMSSaslExternalLDAPTest.java | 4 +- .../isolated}/amqp/SaslKrb5LDAPSecurityTest.java | 2 +- .../isolated}/security/LDAPSecurityTest.java | 2 +- ...egacyLDAPSecuritySettingPluginListenerTest.java | 2 +- ...gacyLDAPSecuritySettingPluginListenerTest2.java | 2 +- ...LegacyLDAPSecuritySettingPluginRefreshTest.java | 2 +- .../LegacyLDAPSecuritySettingPluginTest.java | 2 +- .../LegacyLDAPSecuritySettingPluginTest2.java | 2 +- .../src/test/resources/AMQauth.ldif | 0 .../src/test/resources/AMQauth2.ldif | 0 .../src/test/resources/AMQauth3.ldif | 0 .../test/resources/SaslKrb5LDAPSecurityTest.ldif | 0 .../src/test/resources/login.config | 386 +++++++++++++++++++++ .../src/test/resources/minikdc-krb5-template.conf | 30 ++ .../src/test/resources/minikdc-krb5.conf | 26 ++ tests/integration-tests/pom.xml | 31 +- tests/pom.xml | 1 + 19 files changed, 465 insertions(+), 69 deletions(-) diff --git a/pom.xml b/pom.xml index 93a30615b0..dbaf2b603e 100644 --- a/pom.xml +++ b/pom.xml @@ -190,6 +190,7 @@ <skipJmsTests>true</skipJmsTests> <skipExtraTests>true</skipExtraTests> <skipIntegrationTests>true</skipIntegrationTests> + <skipIsolatedIntegrationTests>true</skipIsolatedIntegrationTests> <skipLeakTests>true</skipLeakTests> <skipCompatibilityTests>true</skipCompatibilityTests> <skipSmokeTests>true</skipSmokeTests> @@ -1270,6 +1271,7 @@ <skipJmsTests>false</skipJmsTests> <skipJoramTests>false</skipJoramTests> <skipIntegrationTests>false</skipIntegrationTests> + <skipIsolatedIntegrationTests>false</skipIsolatedIntegrationTests> <skipCompatibilityTests>false</skipCompatibilityTests> <skipSmokeTests>false</skipSmokeTests> <skipTimingTests>true</skipTimingTests> diff --git a/tests/integration-tests/pom.xml b/tests/integration-tests-isolated/pom.xml similarity index 92% copy from tests/integration-tests/pom.xml copy to tests/integration-tests-isolated/pom.xml index d1d9ac3896..d674439e18 100644 --- a/tests/integration-tests/pom.xml +++ b/tests/integration-tests-isolated/pom.xml @@ -23,9 +23,10 @@ <version>2.29.0-SNAPSHOT</version> </parent> - <artifactId>integration-tests</artifactId> + <artifactId>integration-tests-isolated</artifactId> <packaging>jar</packaging> - <name>ActiveMQ Artemis Integration Tests</name> + <name>ActiveMQ Artemis Isolated Integration Tests</name> + <description>This project is pretty much a copy of integration-tests however the tests here will run with fork=always, isolating each test on its own VM. </description> <properties> <activemq.basedir>${project.basedir}/../..</activemq.basedir> @@ -288,9 +289,9 @@ <scope>test</scope> </dependency> <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-lang3</artifactId> - <scope>test</scope> + <groupId>org.apache.commons</groupId> + <artifactId>commons-lang3</artifactId> + <scope>test</scope> </dependency> <dependency> @@ -441,39 +442,18 @@ <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <configuration> - <skipTests>${skipIntegrationTests}</skipTests> + <forkMode>always</forkMode> + <skipTests>${skipIsolatedIntegrationTests}</skipTests> <argLine>-Djgroups.bind_addr=::1 ${activemq-surefire-argline} ${its-surefire-extra-args} -Dorg.apache.activemq.SERIALIZABLE_PACKAGES="java.lang,javax.security,java.util,org.apache.activemq,org.fusesource.hawtbuf"</argLine> </configuration> </plugin> </plugins> </build> <profiles> - <profile> - <!-- Quick subset of tests, used on PR checks --> - <id>fast-tests</id> - <build> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <includes combine.children="override"> - <include>**/integration/security/*Test.java</include> - <include>**/integration/ssl/*Test.java</include> - <include>**/integration/amqp/JMSSaslExternalTest.java</include> - <include>**/integration/amqp/connect/AMQPConnectSaslTest.java</include> - </includes> - </configuration> - </plugin> - </plugins> - </pluginManagement> - </build> - </profile> <profile> <id>jdk16on</id> - <activation> - <jdk>[16,)</jdk> + <activation> + <jdk>[16,)</jdk> </activation> <properties> <its-surefire-extra-args>--add-exports java.security.jgss/sun.security.krb5=ALL-UNNAMED</its-surefire-extra-args> diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/JMSSaslExternalLDAPTest.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/amqp/JMSSaslExternalLDAPTest.java similarity index 97% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/JMSSaslExternalLDAPTest.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/amqp/JMSSaslExternalLDAPTest.java index 7e109732aa..99acf6faf5 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/JMSSaslExternalLDAPTest.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/amqp/JMSSaslExternalLDAPTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.amqp; +package org.apache.activemq.artemis.tests.integration.isolated.amqp; import javax.jms.Connection; import javax.jms.MessageConsumer; @@ -69,7 +69,7 @@ public class JMSSaslExternalLDAPTest extends AbstractLdapTestUnit { static { String path = System.getProperty("java.security.auth.login.config"); if (path == null) { - URL resource = JMSSaslExternalTest.class.getClassLoader().getResource("login.config"); + URL resource = JMSSaslExternalLDAPTest.class.getClassLoader().getResource("login.config"); if (resource != null) { path = resource.getFile(); System.setProperty("java.security.auth.login.config", path); diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/SaslKrb5LDAPSecurityTest.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/amqp/SaslKrb5LDAPSecurityTest.java similarity index 99% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/SaslKrb5LDAPSecurityTest.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/amqp/SaslKrb5LDAPSecurityTest.java index 905f15d89a..d7fea9fbc7 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/SaslKrb5LDAPSecurityTest.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/amqp/SaslKrb5LDAPSecurityTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.amqp; +package org.apache.activemq.artemis.tests.integration.isolated.amqp; import javax.jms.Connection; import javax.jms.MessageConsumer; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LDAPSecurityTest.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LDAPSecurityTest.java similarity index 99% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LDAPSecurityTest.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LDAPSecurityTest.java index 77f230258c..face4455de 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LDAPSecurityTest.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LDAPSecurityTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.security; +package org.apache.activemq.artemis.tests.integration.isolated.security; import javax.naming.Context; import javax.naming.NameClassPair; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginListenerTest.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginListenerTest.java similarity index 99% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginListenerTest.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginListenerTest.java index 116608231c..7343d3e08e 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginListenerTest.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginListenerTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.security; +package org.apache.activemq.artemis.tests.integration.isolated.security; import javax.naming.Context; import javax.naming.NameClassPair; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginListenerTest2.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginListenerTest2.java similarity index 99% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginListenerTest2.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginListenerTest2.java index 19698b7cdc..19f47b9a73 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginListenerTest2.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginListenerTest2.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.security; +package org.apache.activemq.artemis.tests.integration.isolated.security; import javax.naming.Context; import javax.naming.NamingException; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginRefreshTest.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginRefreshTest.java similarity index 94% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginRefreshTest.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginRefreshTest.java index bf99aa32c0..49da370d8a 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginRefreshTest.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginRefreshTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.security; +package org.apache.activemq.artemis.tests.integration.isolated.security; import java.util.Map; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginTest.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginTest.java similarity index 99% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginTest.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginTest.java index 89ba895dd2..0b4eefda52 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginTest.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.security; +package org.apache.activemq.artemis.tests.integration.isolated.security; import javax.jms.Connection; import javax.jms.ConnectionFactory; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginTest2.java b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginTest2.java similarity index 99% rename from tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginTest2.java rename to tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginTest2.java index 69b4a93b6d..071b6b3369 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/security/LegacyLDAPSecuritySettingPluginTest2.java +++ b/tests/integration-tests-isolated/src/test/java/org/apache/activemq/artemis/tests/integration/isolated/security/LegacyLDAPSecuritySettingPluginTest2.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.activemq.artemis.tests.integration.security; +package org.apache.activemq.artemis.tests.integration.isolated.security; import javax.naming.Context; import javax.naming.NameClassPair; diff --git a/tests/integration-tests/src/test/resources/AMQauth.ldif b/tests/integration-tests-isolated/src/test/resources/AMQauth.ldif similarity index 100% rename from tests/integration-tests/src/test/resources/AMQauth.ldif rename to tests/integration-tests-isolated/src/test/resources/AMQauth.ldif diff --git a/tests/integration-tests/src/test/resources/AMQauth2.ldif b/tests/integration-tests-isolated/src/test/resources/AMQauth2.ldif similarity index 100% rename from tests/integration-tests/src/test/resources/AMQauth2.ldif rename to tests/integration-tests-isolated/src/test/resources/AMQauth2.ldif diff --git a/tests/integration-tests/src/test/resources/AMQauth3.ldif b/tests/integration-tests-isolated/src/test/resources/AMQauth3.ldif similarity index 100% rename from tests/integration-tests/src/test/resources/AMQauth3.ldif rename to tests/integration-tests-isolated/src/test/resources/AMQauth3.ldif diff --git a/tests/integration-tests/src/test/resources/SaslKrb5LDAPSecurityTest.ldif b/tests/integration-tests-isolated/src/test/resources/SaslKrb5LDAPSecurityTest.ldif similarity index 100% rename from tests/integration-tests/src/test/resources/SaslKrb5LDAPSecurityTest.ldif rename to tests/integration-tests-isolated/src/test/resources/SaslKrb5LDAPSecurityTest.ldif diff --git a/tests/integration-tests-isolated/src/test/resources/login.config b/tests/integration-tests-isolated/src/test/resources/login.config new file mode 100644 index 0000000000..63f5978f8e --- /dev/null +++ b/tests/integration-tests-isolated/src/test/resources/login.config @@ -0,0 +1,386 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +PropertiesLogin { + org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule required + debug=true + org.apache.activemq.jaas.properties.user="users.properties" + org.apache.activemq.jaas.properties.role="roles.properties"; +}; + +PropertiesLoginWithPasswordCodec { + org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule required + debug=true + org.apache.activemq.jaas.properties.user="users.properties" + org.apache.activemq.jaas.properties.role="roles.properties" + org.apache.activemq.jaas.properties.password.codec="org.apache.activemq.artemis.tests.integration.security.SecurityTest$DummySensitiveDataCodec"; +}; + +LDAPLogin { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword=secret + connectionProtocol=s + authentication=simple + userBase="ou=system" + userSearchMatching="(uid={0})" + userSearchSubtree=false + roleBase="ou=system" + roleName=cn + roleSearchMatching="(member=uid={1},ou=system)" + roleSearchSubtree=false + ; +}; + +LDAPLogin2 { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword=secret + connectionProtocol=s + authentication=simple + userBase="ou=User,ou=ActiveMQ,o=example,ou=system" + userSearchMatching="(uid={0})" + userSearchSubtree=true + roleBase="ou=Group,ou=ActiveMQ,o=example,ou=system" + roleName=cn + roleSearchMatching="(member=uid={1})" + roleSearchSubtree=true + ; +}; + +UnAuthenticatedLDAPLogin { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword="" + connectionProtocol=s + authentication=simple + userBase="ou=system" + userSearchMatching="(uid={0})" + userSearchSubtree=false + roleBase="ou=system" + roleName=dummyRoleName + roleSearchMatching="(uid={1})" + roleSearchSubtree=false + ; +}; + +BrokenLDAPLoginNamingException { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword="" + connectionProtocol=s + authentication=simple + userBase="ou=system" + userSearchMatching="(uid={0})" + userSearchSubtree=false + roleBase="ou=system" + roleName=dummyRoleName + roleSearchMatching="(uid={1})" + roleSearchSubtree=false + noCacheExceptions="javax.naming.NamingException" + ; +}; + +BrokenLDAPLoginConnectException { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword="123" + connectionProtocol=s + authentication=simple + userBase="ou=system" + userSearchMatching="(uid={0})" + userSearchSubtree=false + roleBase="ou=system" + roleName=dummyRoleName + roleSearchMatching="(uid={1})" + roleSearchSubtree=false + noCacheExceptions="javax.naming.NamingException, java.net.ConnectException" + ; +}; + +ExpandedLDAPLogin { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword=secret + connectionProtocol=s + authentication=simple + userBase="ou=system" + userSearchMatching="(uid={0})" + userSearchSubtree=false + roleBase="ou=system" + roleName=cn + roleSearchMatching="(uid={1})" + roleSearchSubtree=false + expandRoles=true + expandRolesMatching="(member={0})" + ; +}; + +LDAPLogin3 { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword=secret + connectionProtocol=s + authentication=simple + userBase="ou=users,dc=example,dc=com" + userSearchMatching="(uid={0})" + userSearchSubtree=true + roleBase="ou=roles,dc=example,dc=com" + roleName=cn + roleSearchMatching="(uniqueMember={0})" + roleSearchSubtree=true + connectionPool=true + connectionTimeout="5000" + ; +}; + +GuestLogin { + org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule required + debug=true + org.apache.activemq.jaas.guest.user="foo" + org.apache.activemq.jaas.guest.role="bar"; + +}; + +GuestLoginWithDefaults { + org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule required + debug=true; +}; + +OpenLdapConfiguration { + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule required + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:389" + connectionUsername="cn=mqbroker,ou=Services,ou=system,dc=fusesource,dc=com" + connectionPassword="sunflower" + connectionProtocol="s" + topicSearchMatchingFormat="cn={0},ou=Topic,ou=Destination,ou=ActiveMQ,ou=system,dc=fusesource,dc=com" + topicSearchSubtreeBool=true + authentication=simple + userBase="ou=User,ou=ActiveMQ,ou=system,dc=fusesource,dc=com" + userSearchMatching="(uid={0})" + userSearchSubtree=false + roleSearchMatching="(uid={1})" + queueSearchMatchingFormat="cn={0},ou=Queue,ou=Destination,ou=ActiveMQ,ou=system,dc=fusesource,dc=com" + queueSearchSubtreeBool=true + roleBase="ou=Group,ou=ActiveMQ,ou=system,dc=fusesource,dc=com" + roleName=cn + roleSearchMatching="(member:=uid={1})" + roleSearchSubtree=true + ; +}; + +CertLogin { + org.apache.activemq.artemis.spi.core.security.jaas.TextFileCertificateLoginModule required + debug=true + org.apache.activemq.jaas.textfiledn.user="cert-users.properties" + org.apache.activemq.jaas.textfiledn.role="cert-roles.properties"; +}; + +CertLoginWithRegexp { + org.apache.activemq.artemis.spi.core.security.jaas.TextFileCertificateLoginModule required + debug=true + org.apache.activemq.jaas.textfiledn.user="cert-regexps.properties" + org.apache.activemq.jaas.textfiledn.role="cert-roles.properties"; +}; + +DualAuthenticationCertLogin { + org.apache.activemq.artemis.spi.core.security.jaas.TextFileCertificateLoginModule required + debug=true + org.apache.activemq.jaas.textfiledn.user="dual-authentication-cert-users.properties" + org.apache.activemq.jaas.textfiledn.role="dual-authentication-cert-roles.properties"; +}; + +DualAuthenticationPropertiesLogin { + org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule required + debug=true + org.apache.activemq.jaas.properties.user="dual-authentication-users.properties" + org.apache.activemq.jaas.properties.role="dual-authentication-roles.properties"; +}; + +Krb5Plus { + + org.apache.activemq.artemis.spi.core.security.jaas.Krb5LoginModule optional + debug=true; + + org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule optional + debug=true + org.apache.activemq.jaas.properties.user="dual-authentication-users.properties" + org.apache.activemq.jaas.properties.role="dual-authentication-roles.properties"; +}; + +SaslExternalPlusLdap { + + org.apache.activemq.artemis.spi.core.security.jaas.ExternalCertificateLoginModule required + debug=true; + + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule optional + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + connectionUsername="uid=admin,ou=system" + connectionPassword=secret + connectionProtocol=s + authentication=simple + authenticateUser=false + roleBase="ou=system" + roleName=cn + roleSearchMatching="(member=uid={1})" + ; +}; + +Krb5PlusLdap { + + org.apache.activemq.artemis.spi.core.security.jaas.Krb5LoginModule required + debug=true; + + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule optional + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + authentication=GSSAPI + saslLoginConfigScope=broker-sasl-gssapi + connectionProtocol=s + userBase="ou=users,dc=example,dc=com" + userSearchMatching="(krb5PrincipalName={0})" + userSearchSubtree=true + authenticateUser=false + roleBase="ou=system" + roleName=cn + roleSearchMatching="(member={0})" + roleSearchSubtree=false + ; +}; + +Krb5PlusLdapNoRoleName { + + org.apache.activemq.artemis.spi.core.security.jaas.Krb5LoginModule required + debug=true; + + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule optional + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + authentication=GSSAPI + saslLoginConfigScope=broker-sasl-gssapi + connectionProtocol=s + userBase="ou=users,dc=example,dc=com" + userSearchMatching="(krb5PrincipalName={0})" + userSearchSubtree=true + authenticateUser=false + roleBase="ou=system" + roleSearchMatching="(member={0})" + roleSearchSubtree=false + ; +}; + +Krb5PlusLdapMemberOf { + + org.apache.activemq.artemis.spi.core.security.jaas.Krb5LoginModule required + debug=true; + + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule optional + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + authentication=GSSAPI + saslLoginConfigScope=broker-sasl-gssapi + connectionProtocol=s + userBase="ou=users,dc=example,dc=com" + userSearchMatching="(krb5PrincipalName={0})" + userSearchSubtree=true + authenticateUser=false + userRoleName=businessCategory + roleName=cn + ; +}; + +Krb5PlusLdapMemberOfNoRoleName { + + org.apache.activemq.artemis.spi.core.security.jaas.Krb5LoginModule required + debug=true; + + org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule optional + debug=true + initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory + connectionURL="ldap://localhost:1024" + authentication=GSSAPI + saslLoginConfigScope=broker-sasl-gssapi + connectionProtocol=s + userBase="ou=users,dc=example,dc=com" + userSearchMatching="(krb5PrincipalName={0})" + userSearchSubtree=true + authenticateUser=false + userRoleName=businessCategory + ; +}; + +amqp-sasl-gssapi { + com.sun.security.auth.module.Krb5LoginModule required + isInitiator=false + storeKey=true + useKeyTab=true + principal="amqp/localhost" + debug=true; +}; + +broker-sasl-gssapi { + com.sun.security.auth.module.Krb5LoginModule required + isInitiator=true + storeKey=true + useKeyTab=true + principal="amqp/localhost" + debug=true; +}; + +amqp-jms-client { + com.sun.security.auth.module.Krb5LoginModule required + useKeyTab=true; +}; + +amqp-sasl-scram { + org.apache.activemq.artemis.spi.core.security.jaas.SCRAMPropertiesLoginModule required + debug=false + org.apache.activemq.jaas.properties.user="artemis-scram-users.properties" + org.apache.activemq.jaas.properties.role="artemis-scram-roles.properties"; +}; + +artemis-sasl-scram { + org.apache.activemq.artemis.spi.core.security.jaas.SCRAMLoginModule required + ; +}; diff --git a/tests/integration-tests-isolated/src/test/resources/minikdc-krb5-template.conf b/tests/integration-tests-isolated/src/test/resources/minikdc-krb5-template.conf new file mode 100644 index 0000000000..1d08811ce8 --- /dev/null +++ b/tests/integration-tests-isolated/src/test/resources/minikdc-krb5-template.conf @@ -0,0 +1,30 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +[libdefaults] + kdc_realm = EXAMPLE.COM + default_realm = EXAMPLE.COM + udp_preference_limit = 1 + kdc_tcp_port = MINI_KDC_PORT + default_keytab_name = FILE:target/test.krb5.keytab + +[realms] + EXAMPLE.COM = { + kdc = localhost:MINI_KDC_PORT + } + diff --git a/tests/integration-tests-isolated/src/test/resources/minikdc-krb5.conf b/tests/integration-tests-isolated/src/test/resources/minikdc-krb5.conf new file mode 100644 index 0000000000..0f068ca44c --- /dev/null +++ b/tests/integration-tests-isolated/src/test/resources/minikdc-krb5.conf @@ -0,0 +1,26 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +[libdefaults] + default_realm = {0} + udp_preference_limit = 1 + default_keytab_name = FILE:target/test.krb5.keytab + +[realms] + {0} = '{' + kdc = {1}:{2} + '}' \ No newline at end of file diff --git a/tests/integration-tests/pom.xml b/tests/integration-tests/pom.xml index d1d9ac3896..cfa4bd877d 100644 --- a/tests/integration-tests/pom.xml +++ b/tests/integration-tests/pom.xml @@ -269,24 +269,7 @@ <artifactId>postgresql</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>org.apache.directory.server</groupId> - <artifactId>apacheds-test-framework</artifactId> - <version>${directory-version}</version> - <scope>test</scope> - <exclusions> - <exclusion> - <groupId>org.apache.directory.api</groupId> - <artifactId>api-ldap-schema-data</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.apache.directory.server</groupId> - <artifactId>apacheds-server-annotations</artifactId> - <version>${directory-version}</version> - <scope>test</scope> - </dependency> + <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> @@ -310,18 +293,6 @@ <artifactId>hadoop-minikdc</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>org.apache.directory.server</groupId> - <artifactId>apacheds-interceptor-kerberos</artifactId> - <version>${directory-version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.directory.jdbm</groupId> - <artifactId>apacheds-jdbm2</artifactId> - <version>${directory-jdbm2-version}</version> - <scope>test</scope> - </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-context</artifactId> diff --git a/tests/pom.xml b/tests/pom.xml index d29feed0f8..0071117cb6 100644 --- a/tests/pom.xml +++ b/tests/pom.xml @@ -130,6 +130,7 @@ <module>timing-tests</module> <module>jms-tests</module> <module>integration-tests</module> + <module>integration-tests-isolated</module> <module>karaf-client-integration-tests</module> <module>karaf-server-integration-tests</module> <module>compatibility-tests</module>