Repository: incubator-geode Updated Branches: refs/heads/feature/GEODE-17-2 c979b3aaf -> d4ef0a247
GEODE-17: Adding ManagerMBean security test Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/35e63b82 Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/35e63b82 Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/35e63b82 Branch: refs/heads/feature/GEODE-17-2 Commit: 35e63b82f9690fe8a59cfbef981d14ec624114e7 Parents: c979b3a Author: Jens Deppe <[email protected]> Authored: Wed Mar 16 12:47:03 2016 -0700 Committer: Jens Deppe <[email protected]> Committed: Wed Mar 16 14:16:22 2016 -0700 ---------------------------------------------------------------------- .../ManagerMBeanAuthorizationJUnitTest.java | 83 ++++++++++++++++++++ .../internal/security/cacheServer.json | 5 +- 2 files changed, 87 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/35e63b82/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java new file mode 100644 index 0000000..d3add7a --- /dev/null +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java @@ -0,0 +1,83 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.gemstone.gemfire.management.internal.security; + +import com.gemstone.gemfire.cache.Cache; +import com.gemstone.gemfire.cache.CacheFactory; +import com.gemstone.gemfire.distributed.internal.locks.DLockService; +import com.gemstone.gemfire.internal.AvailablePort; +import com.gemstone.gemfire.management.ManagerMXBean; +import com.gemstone.gemfire.test.junit.categories.IntegrationTest; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Rule; +import org.junit.Test; +import org.junit.experimental.categories.Category; + +import static org.assertj.core.api.Assertions.assertThatThrownBy; + +@Category(IntegrationTest.class) +public class ManagerMBeanAuthorizationJUnitTest { + private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); + + private ManagerMXBean managerMXBean; + + @ClassRule + public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule( + jmxManagerPort, "cacheServer.json"); + + @Rule + public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort); + + @BeforeClass + public static void beforeClassSetUp() { + Cache cache = CacheFactory.getAnyInstance(); + } + + @Before + public void setUp() throws Exception { + managerMXBean = connectionRule.getProxyMBean(ManagerMXBean.class); + } + + @AfterClass + public static void afterClassTeardown() { + DLockService.destroyAll(); + } + + @Test + @JMXConnectionConfiguration(user = "superuser", password = "1234567") + public void testAllAccess() throws Exception { + managerMXBean.setPulseURL("foo"); // MANAGER:SET_PULSE_URL + managerMXBean.start(); // MANAGER.START + managerMXBean.stop(); // MANAGER.STOP + } + + @Test + @JMXConnectionConfiguration(user = "user", password = "1234567") + public void testSomeAccess() throws Exception { +// assertThatThrownBy(() -> managerMXBean.becomeLockGrantor()).isInstanceOf(SecurityException.class); +// managerMXBean.getMemberCount(); + } + + @Test + @JMXConnectionConfiguration(user = "stranger", password = "1234567") + public void testNoAccess() throws Exception { +// assertThatThrownBy(() -> managerMXBean.becomeLockGrantor()).isInstanceOf(SecurityException.class); + } +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/35e63b82/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json ---------------------------------------------------------------------- diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json index 2aead40..95037e5 100644 --- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json +++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json @@ -30,7 +30,10 @@ "GATEWAY_SENDER:START", "GATEWAY_SENDER:STOP", "GATEWAY_RECEIVER:START", - "GATEWAY_RECEIVER:STOP" + "GATEWAY_RECEIVER:STOP", + "MANAGER:SET_PULSE_URL", + "MANAGER:START", + "MANAGER:STOP" ] }, {
