http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientAuthorizationDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientAuthorizationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientAuthorizationDUnitTest.java index 4ffac74..708140c 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientAuthorizationDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientAuthorizationDUnitTest.java @@ -18,20 +18,18 @@ */ package com.gemstone.gemfire.security; +import static com.gemstone.gemfire.security.SecurityTestUtil.*; import static com.gemstone.gemfire.test.dunit.Assert.*; +import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*; import java.util.Properties; import com.gemstone.gemfire.DeltaTestImpl; import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.NoAvailableServersException; -import com.gemstone.gemfire.cache.client.ServerConnectivityException; import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode; import com.gemstone.gemfire.internal.cache.PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1; import com.gemstone.gemfire.security.generator.AuthzCredentialGenerator; import com.gemstone.gemfire.security.generator.CredentialGenerator; -import com.gemstone.gemfire.test.dunit.Assert; -import com.gemstone.gemfire.test.dunit.LogWriterUtils; import com.gemstone.gemfire.test.junit.categories.DistributedTest; import org.junit.Test; import org.junit.experimental.categories.Category; 
@@ -40,8 +38,7 @@ import org.junit.experimental.categories.Category; * @since 6.1 */ @Category(DistributedTest.class) -public class DeltaClientAuthorizationDUnitTest extends - ClientAuthorizationTestBase { +public final class DeltaClientAuthorizationDUnitTest extends ClientAuthorizationTestBase { private DeltaTestImpl[] deltas = new DeltaTestImpl[8]; 
@@ -52,236 +49,98 @@ public class DeltaClientAuthorizationDUnitTest extends @Override public final void preTearDownClientAuthorizationTestBase() throws Exception { - // close the clients first - client1.invoke(() -> SecurityTestUtil.closeCache()); - client2.invoke(() -> SecurityTestUtil.closeCache()); - SecurityTestUtil.closeCache(); - // then close the servers - server1.invoke(() -> SecurityTestUtil.closeCache()); - server2.invoke(() -> SecurityTestUtil.closeCache()); + closeCache(); } @Test public void testAllowPutsGets() throws Exception { - AuthzCredentialGenerator gen = this.getXmlAuthzGenerator(); - CredentialGenerator cGen = gen.getCredentialGenerator(); - Properties extraAuthProps = cGen.getSystemProperties(); - Properties javaProps = cGen.getJavaProperties(); - Properties extraAuthzProps = gen.getSystemProperties(); - String authenticator = cGen.getAuthenticator(); - String authInit = cGen.getAuthInit(); - String accessor = gen.getAuthorizationCallback(); - - LogWriterUtils.getLogWriter().info("testAllowPutsGets: Using authinit: " + authInit); - LogWriterUtils.getLogWriter().info( - "testAllowPutsGets: Using authenticator: " + authenticator); - LogWriterUtils.getLogWriter().info("testAllowPutsGets: Using accessor: " + accessor); - - // Start servers with all required properties - Properties serverProps = buildProperties(authenticator, accessor, false, - extraAuthProps, extraAuthzProps); - Integer port1 = createServer1(javaProps, serverProps); - Integer port2 = createServer2(javaProps, serverProps); - - // Start client1 with valid CREATE credentials - Properties createCredentials = gen.getAllowedCredentials( - new OperationCode[] { OperationCode.PUT }, - new String[] { regionName }, 1); - javaProps = cGen.getJavaProperties(); - LogWriterUtils.getLogWriter().info( - "testAllowPutsGets: For first client credentials: " - + createCredentials); - createClient1(javaProps, authInit, port1, port2, createCredentials); - - // Start client2 with valid GET credentials 
- Properties getCredentials = gen.getAllowedCredentials( - new OperationCode[] { OperationCode.GET }, - new String[] { regionName }, 2); - javaProps = cGen.getJavaProperties(); - LogWriterUtils.getLogWriter() - .info( - "testAllowPutsGets: For second client credentials: " - + getCredentials); - createClient2(javaProps, authInit, port1, port2, getCredentials); - - // Perform some put operations from client1 - client1.invoke(() -> doPuts( - new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION), Boolean.FALSE )); - Thread.sleep(5000); - assertTrue("Delta feature NOT used", (Boolean)client1.invoke(() -> DeltaTestImpl.toDeltaFeatureUsed())); - - // Verify that the gets succeed - client2.invoke(() -> doGets( - new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION), Boolean.FALSE )); - } + AuthzCredentialGenerator gen = this.getXmlAuthzGenerator(); + CredentialGenerator cGen = gen.getCredentialGenerator(); + + Properties extraAuthProps = cGen.getSystemProperties(); + Properties javaProps = cGen.getJavaProperties(); + Properties extraAuthzProps = gen.getSystemProperties(); + + String authenticator = cGen.getAuthenticator(); + String authInit = cGen.getAuthInit(); + String accessor = gen.getAuthorizationCallback(); + + getLogWriter().info("testAllowPutsGets: Using authinit: " + authInit); + getLogWriter().info("testAllowPutsGets: Using authenticator: " + authenticator); + getLogWriter().info("testAllowPutsGets: Using accessor: " + accessor); + + // Start servers with all required properties + Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps); + + Integer port1 = createServer1(javaProps, serverProps); + Integer port2 = createServer2(javaProps, serverProps); + + // Start client1 with valid CREATE credentials + Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { REGION_NAME }, 1); + javaProps = cGen.getJavaProperties(); + + 
getLogWriter().info("testAllowPutsGets: For first client credentials: " + createCredentials); + createClient1(javaProps, authInit, port1, port2, createCredentials); - private void createClient2(Properties javaProps, String authInit, - Integer port1, Integer port2, Properties getCredentials) { - client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, getCredentials, javaProps, port1, port2, - null, new Integer(SecurityTestUtil.NO_EXCEPTION) )); + // Start client2 with valid GET credentials + Properties getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { REGION_NAME }, 2); + javaProps = cGen.getJavaProperties(); + getLogWriter().info("testAllowPutsGets: For second client credentials: " + getCredentials); + + createClient2(javaProps, authInit, port1, port2, getCredentials); + + // Perform some put operations from client1 + client1.invoke(() -> doPuts(2, NO_EXCEPTION)); + + Thread.sleep(5000); + assertTrue("Delta feature NOT used", client1.invoke(() -> DeltaTestImpl.toDeltaFeatureUsed())); + + // Verify that the gets succeed + client2.invoke(() -> doGets(2, NO_EXCEPTION)); } - private void createClient1(Properties javaProps, String authInit, - Integer port1, Integer port2, Properties createCredentials) { - client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, createCredentials, javaProps, port1, port2, - null, new Integer(SecurityTestUtil.NO_EXCEPTION) )); + private void createClient2(Properties javaProps, String authInit, int port1, int port2, Properties getCredentials) { + client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, getCredentials, javaProps, port1, port2, 0, NO_EXCEPTION)); } - private Integer createServer2(Properties javaProps, - Properties serverProps) { - Integer port2 = ((Integer)server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), serverProps, javaProps ))); - return port2; + 
private void createClient1(Properties javaProps, String authInit, int port1, int port2, Properties createCredentials) { + client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, createCredentials, javaProps, port1, port2, 0, NO_EXCEPTION)); } - private Integer createServer1(Properties javaProps, - Properties serverProps) { - Integer port1 = ((Integer)server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), serverProps, javaProps ))); - return port1; + private Integer createServer2(Properties javaProps, Properties serverProps) { + return server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(getLocatorPort(), serverProps, javaProps)); } - private void doPuts(Integer num, Integer expectedResult, - boolean newVals) { + private Integer createServer1(Properties javaProps, Properties serverProps) { + return server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(getLocatorPort(), serverProps, javaProps)); + } - assertTrue(num.intValue() <= SecurityTestUtil.KEYS.length); - Region region = null; - try { - region = SecurityTestUtil.getCache().getRegion(regionName); - assertNotNull(region); + private void doPuts(int num, int expectedResult) { + assertTrue(num <= KEYS.length); + Region region = getCache().getRegion(REGION_NAME); + assertNotNull(region); + for (int index = 0; index < num; ++index) { + region.put(KEYS[index], deltas[0]); } - catch (Exception ex) { - if (expectedResult.intValue() == SecurityTestUtil.OTHER_EXCEPTION) { - LogWriterUtils.getLogWriter().info("Got expected exception when doing puts: " + ex); - } - else { - Assert.fail("Got unexpected exception when doing puts", ex); - } - } - for (int index = 0; index < num.intValue(); ++index) { - region.put(SecurityTestUtil.KEYS[index], deltas[0]); - } - for (int index = 0; index < num.intValue(); ++index) { - try { - region.put(SecurityTestUtil.KEYS[index], deltas[index]); - if (expectedResult.intValue() != 
SecurityTestUtil.NO_EXCEPTION) { - fail("Expected a NotAuthorizedException while doing puts"); - } - } - catch (NoAvailableServersException ex) { - if (expectedResult.intValue() == SecurityTestUtil.NO_AVAILABLE_SERVERS) { - LogWriterUtils.getLogWriter().info( - "Got expected NoAvailableServers when doing puts: " - + ex.getCause()); - continue; - } - else { - Assert.fail("Got unexpected exception when doing puts", ex); - } - } - catch (ServerConnectivityException ex) { - if ((expectedResult.intValue() == SecurityTestUtil.NOTAUTHZ_EXCEPTION) - && (ex.getCause() instanceof NotAuthorizedException)) { - LogWriterUtils.getLogWriter().info( - "Got expected NotAuthorizedException when doing puts: " - + ex.getCause()); - continue; - } - if ((expectedResult.intValue() == SecurityTestUtil.AUTHREQ_EXCEPTION) - && (ex.getCause() instanceof AuthenticationRequiredException)) { - LogWriterUtils.getLogWriter().info( - "Got expected AuthenticationRequiredException when doing puts: " - + ex.getCause()); - continue; - } - if ((expectedResult.intValue() == SecurityTestUtil.AUTHFAIL_EXCEPTION) - && (ex.getCause() instanceof AuthenticationFailedException)) { - LogWriterUtils.getLogWriter().info( - "Got expected AuthenticationFailedException when doing puts: " - + ex.getCause()); - continue; - } - else if (expectedResult.intValue() == SecurityTestUtil.OTHER_EXCEPTION) { - LogWriterUtils.getLogWriter().info("Got expected exception when doing puts: " + ex); - } - else { - Assert.fail("Got unexpected exception when doing puts", ex); - } - } - catch (Exception ex) { - if (expectedResult.intValue() == SecurityTestUtil.OTHER_EXCEPTION) { - LogWriterUtils.getLogWriter().info("Got expected exception when doing puts: " + ex); - } - else { - Assert.fail("Got unexpected exception when doing puts", ex); - } + for (int index = 0; index < num; ++index) { + region.put(KEYS[index], deltas[index]); + if (expectedResult != NO_EXCEPTION) { + fail("Expected a NotAuthorizedException while doing puts"); } } } 
- private void doGets(Integer num, Integer expectedResult, - boolean newVals) { + private void doGets(int num, int expectedResult) { + assertTrue(num <= KEYS.length); - assertTrue(num.intValue() <= SecurityTestUtil.KEYS.length); - Region region = null; - try { - region = SecurityTestUtil.getCache().getRegion(regionName); - assertNotNull(region); - } - catch (Exception ex) { - if (expectedResult.intValue() == SecurityTestUtil.OTHER_EXCEPTION) { - LogWriterUtils.getLogWriter().info("Got expected exception when doing gets: " + ex); - } - else { - Assert.fail("Got unexpected exception when doing gets", ex); - } - } - for (int index = 0; index < num.intValue(); ++index) { - Object value = null; - try { - try { - region.localInvalidate(SecurityTestUtil.KEYS[index]); - } - catch (Exception ex) { - } - value = region.get(SecurityTestUtil.KEYS[index]); - if (expectedResult.intValue() != SecurityTestUtil.NO_EXCEPTION) { - fail("Expected a NotAuthorizedException while doing gets"); - } - } - catch(NoAvailableServersException ex) { - if(expectedResult.intValue() == SecurityTestUtil.NO_AVAILABLE_SERVERS) { - LogWriterUtils.getLogWriter().info( - "Got expected NoAvailableServers when doing puts: " - + ex.getCause()); - continue; - } - else { - Assert.fail("Got unexpected exception when doing puts", ex); - } - } - catch (ServerConnectivityException ex) { - if ((expectedResult.intValue() == SecurityTestUtil.NOTAUTHZ_EXCEPTION) - && (ex.getCause() instanceof NotAuthorizedException)) { - LogWriterUtils.getLogWriter().info( - "Got expected NotAuthorizedException when doing gets: " - + ex.getCause()); - continue; - } - else if (expectedResult.intValue() == SecurityTestUtil.OTHER_EXCEPTION) { - LogWriterUtils.getLogWriter().info("Got expected exception when doing gets: " + ex); - } - else { - Assert.fail("Got unexpected exception when doing gets", ex); - } - } - catch (Exception ex) { - if (expectedResult.intValue() == SecurityTestUtil.OTHER_EXCEPTION) { - 
LogWriterUtils.getLogWriter().info("Got expected exception when doing gets: " + ex); - } - else { - Assert.fail("Got unexpected exception when doing gets", ex); - } + Region region = SecurityTestUtil.getCache().getRegion(REGION_NAME); + assertNotNull(region); + + for (int index = 0; index < num; ++index) { + region.localInvalidate(KEYS[index]); + Object value = region.get(KEYS[index]); + if (expectedResult != NO_EXCEPTION) { + fail("Expected a NotAuthorizedException while doing gets"); } assertNotNull(value); assertEquals(deltas[index], value); @@ -290,8 +149,7 @@ public class DeltaClientAuthorizationDUnitTest extends private final void setUpDeltas() { for (int i = 0; i < 8; i++) { - deltas[i] = new DeltaTestImpl(0, "0", new Double(0), new byte[0], - new TestObject1("0", 0)); + deltas[i] = new DeltaTestImpl(0, "0", new Double(0), new byte[0], new TestObject1("0", 0)); } deltas[1].setIntVar(5); deltas[2].setIntVar(5); @@ -334,6 +192,5 @@ public class DeltaClientAuthorizationDUnitTest extends deltas[7].resetDeltaStatus(); deltas[7].setStr("delta string"); - } }
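Review bot: In the rewritten `doPuts` and `doGets`, `expectedResult` no longer does anything useful: with every catch block removed, any value other than `NO_EXCEPTION` can only end in a failure, either from the exception thrown by `region.put`/`region.get` or from the `fail(...)` that follows a call that succeeded. Both call sites in `testAllowPutsGets` pass `NO_EXCEPTION`, so as far as this hunk shows the test exercises only the allowed path and never asserts that an unauthorized put or get is rejected. I would either drop the parameter together with the `if (expectedResult != NO_EXCEPTION)` branch (`private void doPuts(int num)`), or keep it and say so in a comment such as `// only NO_EXCEPTION is supported here; denial is asserted in <other test>` if that coverage exists elsewhere. Separately, `region.localInvalidate(KEYS[index])` in `doGets` lost its empty catch, so a key that is not present locally would now fail the test where it was tolerated before, and `doGets` still spells out `SecurityTestUtil.getCache()` while `doPuts` uses the static import. The closing lines of `doGets` lie outside this hunk.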
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java index 56e5e2d..b838957 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java @@ -18,7 +18,11 @@ */ package com.gemstone.gemfire.security; +import static com.gemstone.gemfire.internal.AvailablePort.*; +import static com.gemstone.gemfire.security.SecurityTestUtil.*; import static com.gemstone.gemfire.test.dunit.Assert.*; +import static com.gemstone.gemfire.test.dunit.IgnoredException.*; +import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*; import java.util.ArrayList; import java.util.Iterator; 
@@ -34,15 +38,10 @@ import com.gemstone.gemfire.cache.client.ServerConnectivityException; import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode; import com.gemstone.gemfire.cache.query.CqException; import com.gemstone.gemfire.cache.query.QueryInvocationTargetException; -import com.gemstone.gemfire.internal.AvailablePort; import com.gemstone.gemfire.internal.cache.PartitionedRegionLocalMaxMemoryDUnitTest; import com.gemstone.gemfire.internal.util.Callable; import com.gemstone.gemfire.security.generator.AuthzCredentialGenerator; import com.gemstone.gemfire.security.generator.CredentialGenerator; -import com.gemstone.gemfire.test.dunit.Assert; -import com.gemstone.gemfire.test.dunit.Host; -import com.gemstone.gemfire.test.dunit.IgnoredException; -import com.gemstone.gemfire.test.dunit.LogWriterUtils; import com.gemstone.gemfire.test.dunit.VM; import com.gemstone.gemfire.test.junit.categories.DistributedTest; import org.junit.Test; 
@@ -52,207 +51,95 @@ import org.junit.experimental.categories.Category; * @since 6.1 */ @Category(DistributedTest.class) -public class DeltaClientPostAuthorizationDUnitTest extends - ClientAuthorizationTestBase { +public class DeltaClientPostAuthorizationDUnitTest extends ClientAuthorizationTestBase { private static final int PAUSE = 5 * 1000; // TODO: replace with Awaitility private DeltaTestImpl[] deltas = new DeltaTestImpl[8]; - private final void setUpDeltas() { - for (int i = 0; i < 8; i++) { - deltas[i] = new DeltaTestImpl(0, "0", new Double(0), new byte[0], - new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("0", 0)); - } - deltas[1].setIntVar(5); - deltas[2].setIntVar(5); - deltas[3].setIntVar(5); - deltas[4].setIntVar(5); - deltas[5].setIntVar(5); - deltas[6].setIntVar(5); - deltas[7].setIntVar(5); - - deltas[2].resetDeltaStatus(); - deltas[2].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); - deltas[3].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); - deltas[4].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); - deltas[5].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); - //deltas[6].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); - //deltas[7].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); - - deltas[3].resetDeltaStatus(); - deltas[3].setDoubleVar(new Double(5)); - deltas[4].setDoubleVar(new Double(5)); - deltas[5].setDoubleVar(new Double(5)); - deltas[6].setDoubleVar(new Double(5)); - deltas[7].setDoubleVar(new Double(5)); - - deltas[4].resetDeltaStatus(); - deltas[4].setStr("str changed"); - deltas[5].setStr("str changed"); - deltas[6].setStr("str changed"); - //deltas[7].setStr("str changed"); - - deltas[5].resetDeltaStatus(); - deltas[5].setIntVar(100); - deltas[5].setTestObj(new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("CHANGED", 100)); - deltas[6].setTestObj(new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("CHANGED", 100)); - deltas[7].setTestObj(new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("CHANGED", 100)); - - deltas[6].resetDeltaStatus(); - 
deltas[6].setByteArr(new byte[] { 1, 2, 3 }); - deltas[7].setByteArr(new byte[] { 1, 2, 3 }); - - deltas[7].resetDeltaStatus(); - deltas[7].setStr("delta string"); - } - @Override - public final void preSetUp() throws Exception { + public final void preSetUpClientAuthorizationTestBase() throws Exception { setUpDeltas(); + addIgnoredException("Unexpected IOException"); + addIgnoredException("SocketException"); } @Override - public final void postSetUp() throws Exception { - final Host host = Host.getHost(0); - server1 = host.getVM(0); - server2 = host.getVM(1); - client1 = host.getVM(2); - client2 = host.getVM(3); - - server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions )); - SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions); - } - - @Override - public final void preTearDown() throws Exception { - // close the clients first - client1.invoke(() -> SecurityTestUtil.closeCache()); - client2.invoke(() -> SecurityTestUtil.closeCache()); + public final void preTearDownClientAuthorizationTestBase() throws Exception { SecurityTestUtil.closeCache(); - // then close the servers - server1.invoke(() -> SecurityTestUtil.closeCache()); - server2.invoke(() -> SecurityTestUtil.closeCache()); } @Test public void testPutPostOpNotifications() throws Exception { - IgnoredException.addIgnoredException("Unexpected IOException"); - IgnoredException.addIgnoredException("SocketException"); - - OperationWithAction[] allOps = { - // Test CREATE and verify with a GET - new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_REGEX - | OpFlags.REGISTER_POLICY_NONE, 8), - new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 3, OpFlags.USE_REGEX - | OpFlags.REGISTER_POLICY_NONE | 
OpFlags.USE_NOTAUTHZ, 8), - new OperationWithAction(OperationCode.PUT), - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP, 4), - new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4), - - // OPBLOCK_END indicates end of an operation block that needs to - // be executed on each server when doing failover - OperationWithAction.OPBLOCK_END, - - // Test UPDATE and verify with a GET - new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_REGEX - | OpFlags.REGISTER_POLICY_NONE, 8), - new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 3, OpFlags.USE_REGEX - | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8), - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 4), - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL, 4), - new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, 4), - - OperationWithAction.OPBLOCK_END }; - - AuthzCredentialGenerator gen = this.getXmlAuthzGenerator(); - CredentialGenerator cGen = gen.getCredentialGenerator(); - Properties extraAuthProps = cGen.getSystemProperties(); - Properties javaProps = cGen.getJavaProperties(); - Properties extraAuthzProps = gen.getSystemProperties(); - String authenticator = cGen.getAuthenticator(); - String authInit = cGen.getAuthInit(); - String accessor = gen.getAuthorizationCallback(); - TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen); - - LogWriterUtils.getLogWriter().info( - "testAllOpsNotifications: Using authinit: " + authInit); - LogWriterUtils.getLogWriter().info( - "testAllOpsNotifications: Using authenticator: " + authenticator); - LogWriterUtils.getLogWriter().info( - "testAllOpsNotifications: Using accessor: " + accessor); - - // Start servers 
with all required properties - Properties serverProps = buildProperties(authenticator, accessor, true, - extraAuthProps, extraAuthzProps); - // Get ports for the servers - Integer port1 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - Integer port2 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - - // Perform all the ops on the clients - List opBlock = new ArrayList(); - Random rnd = new Random(); - for (int opNum = 0; opNum < allOps.length; ++opNum) { - // Start client with valid credentials as specified in - // OperationWithAction - OperationWithAction currentOp = allOps[opNum]; - if (currentOp.equals(OperationWithAction.OPBLOCK_END) - || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { - // End of current operation block; execute all the operations - // on the servers with failover - if (opBlock.size() > 0) { - // Start the first server and execute the operation block - server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port1, serverProps, - javaProps )); - server2.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, - extraAuthzProps, tgen, rnd); - if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { - // Failover to the second server and run the block again - server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port2, serverProps, - javaProps )); - server1.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, - extraAuthzProps, tgen, rnd); - } - opBlock.clear(); + OperationWithAction[] allOps = allOps(); + + AuthzCredentialGenerator gen = this.getXmlAuthzGenerator(); + CredentialGenerator cGen = gen.getCredentialGenerator(); + Properties extraAuthProps = cGen.getSystemProperties(); + Properties javaProps = cGen.getJavaProperties(); + Properties 
extraAuthzProps = gen.getSystemProperties(); + String authenticator = cGen.getAuthenticator(); + String authInit = cGen.getAuthInit(); + String accessor = gen.getAuthorizationCallback(); + TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen); + + getLogWriter().info("testAllOpsNotifications: Using authinit: " + authInit); + getLogWriter().info("testAllOpsNotifications: Using authenticator: " + authenticator); + getLogWriter().info("testAllOpsNotifications: Using accessor: " + accessor); + + // Start servers with all required properties + Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps); + + // Get ports for the servers + int port1 = getRandomAvailablePort(SOCKET); + int port2 = getRandomAvailablePort(SOCKET); + + // Perform all the ops on the clients + List opBlock = new ArrayList(); + Random rnd = new Random(); + + for (int opNum = 0; opNum < allOps.length; ++opNum) { + // Start client with valid credentials as specified in OperationWithAction + OperationWithAction currentOp = allOps[opNum]; + if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + + // End of current operation block; execute all the operations on the servers with failover + if (opBlock.size() > 0) { + // Start the first server and execute the operation block + server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port1, serverProps, javaProps )); + server2.invoke(() -> SecurityTestUtil.closeCache()); + + executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd); + + if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + // Failover to the second server and run the block again + server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port2, serverProps, javaProps )); + server1.invoke(() -> SecurityTestUtil.closeCache()); 
+ + executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd); } + + opBlock.clear(); } - else { - currentOp.setOpNum(opNum); - opBlock.add(currentOp); - } + + } else { + currentOp.setOpNum(opNum); + opBlock.add(currentOp); } + } } - protected void executeOpBlock(List opBlock, Integer port1, Integer port2, - String authInit, Properties extraAuthProps, Properties extraAuthzProps, - TestCredentialGenerator gen, Random rnd) { - Iterator opIter = opBlock.iterator(); - while (opIter.hasNext()) { - // Start client with valid credentials as specified in - // OperationWithAction + @Override + protected final void executeOpBlock(List opBlock, Integer port1, Integer port2, String authInit, Properties extraAuthProps, Properties extraAuthzProps, TestCredentialGenerator gen, Random rnd) throws InterruptedException { + for (Iterator opIter = opBlock.iterator(); opIter.hasNext();) { + // Start client with valid credentials as specified in OperationWithAction OperationWithAction currentOp = (OperationWithAction)opIter.next(); OperationCode opCode = currentOp.getOperationCode(); int opFlags = currentOp.getFlags(); int clientNum = currentOp.getClientNum(); VM clientVM = null; boolean useThisVM = false; + switch (clientNum) { case 1: clientVM = client1; @@ -267,9 +154,9 @@ public class DeltaClientPostAuthorizationDUnitTest extends fail("executeOpBlock: Unknown client number " + clientNum); break; } - LogWriterUtils.getLogWriter().info( - "executeOpBlock: performing operation number [" - + currentOp.getOpNum() + "]: " + currentOp); + + getLogWriter().info("executeOpBlock: performing operation number [" + currentOp.getOpNum() + "]: " + currentOp); + if ((opFlags & OpFlags.USE_OLDCONN) == 0) { Properties opCredentials; int newRnd = rnd.nextInt(100) + 1; 
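Review bot: The log lines added in `testPutPostOpNotifications` carry the prefix `testAllOpsNotifications:` (`getLogWriter().info("testAllOpsNotifications: Using authinit: " + authInit);` and the two lines after it), so the output of a failing run names a test that is not this one; the prefix should read `testPutPostOpNotifications:`. `Random rnd = new Random();` is handed to `executeOpBlock`, where `rnd.nextInt(100) + 1` is passed on to the credential generator, so a run that fails on one particular credential set cannot be replayed; creating it from a logged seed, e.g. `long seed = System.nanoTime(); Random rnd = new Random(seed);` with one `getLogWriter().info` of the seed, would make that possible. `List opBlock = new ArrayList();` also remains a raw type, although the `executeOpBlock(List opBlock, ...)` override may be what forces it.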
@@ -277,315 +164,123 @@ public class DeltaClientPostAuthorizationDUnitTest extends if ((opFlags & OpFlags.USE_SUBREGION) > 0) { currentRegionName += ('/' + subregionName); } + String credentialsTypeStr; OperationCode authOpCode = currentOp.getAuthzOperationCode(); int[] indices = currentOp.getIndices(); CredentialGenerator cGen = gen.getCredentialGenerator(); - Properties javaProps = null; - if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0 - || (opFlags & OpFlags.USE_NOTAUTHZ) > 0) { - opCredentials = gen.getDisallowedCredentials( - new OperationCode[] { authOpCode }, - new String[] { currentRegionName }, indices, newRnd); + final Properties javaProps = cGen == null ? null : cGen.getJavaProperties(); + + if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0 || (opFlags & OpFlags.USE_NOTAUTHZ) > 0) { + opCredentials = gen.getDisallowedCredentials(new OperationCode[] { authOpCode }, new String[] { currentRegionName }, indices, newRnd); credentialsTypeStr = " unauthorized " + authOpCode; - } - else { - opCredentials = gen.getAllowedCredentials(new OperationCode[] { - opCode, authOpCode }, new String[] { currentRegionName }, - indices, newRnd); + + } else { + opCredentials = gen.getAllowedCredentials(new OperationCode[] {opCode, authOpCode }, new String[] { currentRegionName }, indices, newRnd); credentialsTypeStr = " authorized " + authOpCode; } - if (cGen != null) { - javaProps = cGen.getJavaProperties(); - } - Properties clientProps = SecurityTestUtil - .concatProperties(new Properties[] { opCredentials, extraAuthProps, - extraAuthzProps }); - // Start the client with valid credentials but allowed or disallowed to - // perform an operation - LogWriterUtils.getLogWriter().info( - "executeOpBlock: For client" + clientNum + credentialsTypeStr - + " credentials: " + opCredentials); + + Properties clientProps = SecurityTestUtil.concatProperties(new Properties[] { opCredentials, extraAuthProps, extraAuthzProps }); + + // Start the client with valid credentials but allowed or disallowed to 
perform an operation + getLogWriter().info("executeOpBlock: For client" + clientNum + credentialsTypeStr + " credentials: " + opCredentials); boolean setupDynamicRegionFactory = (opFlags & OpFlags.ENABLE_DRF) > 0; if (useThisVM) { - createCacheClient(authInit, clientProps, javaProps, new Integer[] { - port1, port2 }, null, Boolean.valueOf(setupDynamicRegionFactory), - new Integer(SecurityTestUtil.NO_EXCEPTION)); - } - else { - clientVM.invoke(ClientAuthorizationTestBase.class, - "createCacheClient", new Object[] { authInit, clientProps, - javaProps, new Integer[] { port1, port2 }, null, - Boolean.valueOf(setupDynamicRegionFactory), - new Integer(SecurityTestUtil.NO_EXCEPTION) }); + createCacheClient(authInit, clientProps, javaProps, new int[] { port1, port2 }, 0, setupDynamicRegionFactory, SecurityTestUtil.NO_EXCEPTION); + + } else { + clientVM.invoke(() -> createCacheClient(authInit, clientProps, javaProps, new int[] { port1, port2 }, 0, setupDynamicRegionFactory, SecurityTestUtil.NO_EXCEPTION)); } } + int expectedResult; if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0) { expectedResult = SecurityTestUtil.NOTAUTHZ_EXCEPTION; - } - else if ((opFlags & OpFlags.CHECK_EXCEPTION) > 0) { + } else if ((opFlags & OpFlags.CHECK_EXCEPTION) > 0) { expectedResult = SecurityTestUtil.OTHER_EXCEPTION; - } - else { + } else { expectedResult = SecurityTestUtil.NO_EXCEPTION; } // Perform the operation from selected client if (useThisVM) { - doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), new Integer( - opFlags), new Integer(expectedResult)); - } - else { + doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), new Integer(opFlags), new Integer(expectedResult)); + } else { byte ordinal = opCode.toOrdinal(); int[] indices = currentOp.getIndices(); - clientVM.invoke(() -> DeltaClientPostAuthorizationDUnitTest.doOp( new Byte(ordinal), - indices, new Integer(opFlags), - new Integer(expectedResult) )); + clientVM.invoke(() -> DeltaClientPostAuthorizationDUnitTest.doOp(new 
Byte(ordinal), indices, new Integer(opFlags), new Integer(expectedResult) )); } } } - private Region createSubregion(Region region) { - - Region subregion = getSubregion(); - if (subregion == null) { - subregion = region.createSubregion(subregionName, region.getAttributes()); + private final void setUpDeltas() { + for (int i = 0; i < 8; i++) { + deltas[i] = new DeltaTestImpl(0, "0", new Double(0), new byte[0], + new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("0", 0)); } - return subregion; - } + deltas[1].setIntVar(5); + deltas[2].setIntVar(5); + deltas[3].setIntVar(5); + deltas[4].setIntVar(5); + deltas[5].setIntVar(5); + deltas[6].setIntVar(5); + deltas[7].setIntVar(5); - public void doOp(Byte opCode, int[] indices, int flagsI, - int expectedResult) { - - OperationCode op = OperationCode.fromOrdinal(opCode.byteValue()); - boolean operationOmitted = false; - final int flags = flagsI; - Region region = getRegion(); -// for (int i = 0; i < indices.length; i++) { -// region.put(SecurityTestUtil.keys[i], -// DeltaClientAuthorizationDUnitTest.deltas[i]); -// } - if ((flags & OpFlags.USE_SUBREGION) > 0) { - assertNotNull(region); - Region subregion = null; - if ((flags & OpFlags.NO_CREATE_SUBREGION) > 0) { - if ((flags & OpFlags.CHECK_NOREGION) > 0) { - // Wait for some time for DRF update to come - SecurityTestUtil.waitForCondition(new Callable() { - public Object call() throws Exception { - return Boolean.valueOf(getSubregion() == null); - } - }); - subregion = getSubregion(); - assertNull(subregion); - return; - } - else { - // Wait for some time for DRF update to come - SecurityTestUtil.waitForCondition(new Callable() { - public Object call() throws Exception { - return Boolean.valueOf(getSubregion() != null); - } - }); - subregion = getSubregion(); - assertNotNull(subregion); - } - } - else { - subregion = createSubregion(region); - } - assertNotNull(subregion); - region = subregion; - } - else if ((flags & OpFlags.CHECK_NOREGION) > 0) { - // Wait for 
some time for region destroy update to come - SecurityTestUtil.waitForCondition(new Callable() { - public Object call() throws Exception { - return Boolean.valueOf(getRegion() == null); - } - }); - region = getRegion(); - assertNull(region); - return; - } - else { - assertNotNull(region); - } - final String[] keys = SecurityTestUtil.keys; - final DeltaTestImpl[] vals; - if ((flags & OpFlags.USE_NEWVAL) > 0) { - vals = deltas; - } - else { - vals = deltas; - } - InterestResultPolicy policy = InterestResultPolicy.KEYS_VALUES; - if ((flags & OpFlags.REGISTER_POLICY_NONE) > 0) { - policy = InterestResultPolicy.NONE; - } - final int numOps = indices.length; - LogWriterUtils.getLogWriter().info( - "Got doOp for op: " + op.toString() + ", numOps: " + numOps - + ", indices: " + indicesToString(indices) + ", expect: " + expectedResult); - boolean exceptionOccured = false; - boolean breakLoop = false; - if (op.isGet()) { - try { - Thread.sleep(PAUSE); - } - catch (InterruptedException e) { - fail("interrupted"); - } - } - for (int indexIndex = 0; indexIndex < numOps; ++indexIndex) { - if (breakLoop) { - break; - } - int index = indices[indexIndex]; - try { - final Object key = keys[index]; - final Object expectedVal = vals[index]; - if (op.isGet()) { - Object value = null; - // this is the case for testing GET_ALL - if ((flags & OpFlags.USE_ALL_KEYS) > 0) { - breakLoop = true; - List keyList = new ArrayList(numOps); - Object searchKey; - for (int keyNumIndex = 0; keyNumIndex < numOps; ++keyNumIndex) { - int keyNum = indices[keyNumIndex]; - searchKey = keys[keyNum]; - keyList.add(searchKey); - // local invalidate some keys to force fetch of those keys from - // server - if ((flags & OpFlags.CHECK_NOKEY) > 0) { - assertFalse(region.containsKey(searchKey)); - } - else { - if (keyNumIndex % 2 == 1) { - assertTrue(region.containsKey(searchKey)); - region.localInvalidate(searchKey); - } - } - } - Map entries = region.getAll(keyList); - for (int keyNumIndex = 0; keyNumIndex < 
numOps; ++keyNumIndex) { - int keyNum = indices[keyNumIndex]; - searchKey = keys[keyNum]; - if ((flags & OpFlags.CHECK_FAIL) > 0) { - assertFalse(entries.containsKey(searchKey)); - } - else { - assertTrue(entries.containsKey(searchKey)); - value = entries.get(searchKey); - assertEquals(vals[keyNum], value); - } - } - break; - } - if ((flags & OpFlags.LOCAL_OP) > 0) { - Callable cond = new Callable() { - private Region region; - - public Object call() throws Exception { - Object value = SecurityTestUtil.getLocalValue(region, key); - return Boolean - .valueOf((flags & OpFlags.CHECK_FAIL) > 0 ? !expectedVal - .equals(value) : expectedVal.equals(value)); - } - - public Callable init(Region region) { - this.region = region; - return this; - } - }.init(region); - SecurityTestUtil.waitForCondition(cond); - value = SecurityTestUtil.getLocalValue(region, key); - } - else { - if ((flags & OpFlags.CHECK_NOKEY) > 0) { - assertFalse(region.containsKey(key)); - } - else { - assertTrue(region.containsKey(key)); - region.localInvalidate(key); - } - value = region.get(key); - } - if ((flags & OpFlags.CHECK_FAIL) > 0) { - assertFalse(expectedVal.equals(value)); - } - else { - assertNotNull(value); - assertEquals(expectedVal, value); - } - } - else if (op.isPut()) { - region.put(key, expectedVal); - } - else if (op.isRegisterInterest()) { - if ((flags & OpFlags.USE_LIST) > 0) { - breakLoop = true; - // Register interest list in this case - List keyList = new ArrayList(numOps); - for (int keyNumIndex = 0; keyNumIndex < numOps; ++keyNumIndex) { - int keyNum = indices[keyNumIndex]; - keyList.add(keys[keyNum]); - } - region.registerInterest(keyList, policy); - } - else if ((flags & OpFlags.USE_REGEX) > 0) { - breakLoop = true; - region.registerInterestRegex("key[1-" + numOps + ']', policy); - } - else if ((flags & OpFlags.USE_ALL_KEYS) > 0) { - breakLoop = true; - region.registerInterest("ALL_KEYS", policy); - } - else { - region.registerInterest(key, policy); - } - } - else { - 
fail("doOp: Unhandled operation " + op); - } - if (expectedResult != SecurityTestUtil.NO_EXCEPTION) { - if (!operationOmitted && !op.isUnregisterInterest()) { - fail("Expected an exception while performing operation op =" + op + - "flags = " + OpFlags.description(flags)); - } - } - } - catch (Exception ex) { - exceptionOccured = true; - if ((ex instanceof ServerConnectivityException - || ex instanceof QueryInvocationTargetException || ex instanceof CqException) - && (expectedResult == SecurityTestUtil.NOTAUTHZ_EXCEPTION) - && (ex.getCause() instanceof NotAuthorizedException)) { - LogWriterUtils.getLogWriter().info( - "doOp: Got expected NotAuthorizedException when doing operation [" - + op + "] with flags " + OpFlags.description(flags) - + ": " + ex.getCause()); - continue; - } - else if (expectedResult == SecurityTestUtil.OTHER_EXCEPTION) { - LogWriterUtils.getLogWriter().info( - "doOp: Got expected exception when doing operation: " - + ex.toString()); - continue; - } - else { - Assert.fail("doOp: Got unexpected exception when doing operation. 
Policy = " - + policy + " flags = " + OpFlags.description(flags), ex); - } - } - } - if (!exceptionOccured && !operationOmitted - && expectedResult != SecurityTestUtil.NO_EXCEPTION) { - fail("Expected an exception while performing operation: " + op + - " flags = " + OpFlags.description(flags)); - } - } + deltas[2].resetDeltaStatus(); + deltas[2].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); + deltas[3].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); + deltas[4].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); + deltas[5].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); + //deltas[6].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); + //deltas[7].setByteArr(new byte[] { 1, 2, 3, 4, 5 }); + + deltas[3].resetDeltaStatus(); + deltas[3].setDoubleVar(new Double(5)); + deltas[4].setDoubleVar(new Double(5)); + deltas[5].setDoubleVar(new Double(5)); + deltas[6].setDoubleVar(new Double(5)); + deltas[7].setDoubleVar(new Double(5)); + + deltas[4].resetDeltaStatus(); + deltas[4].setStr("str changed"); + deltas[5].setStr("str changed"); + deltas[6].setStr("str changed"); + //deltas[7].setStr("str changed"); + deltas[5].resetDeltaStatus(); + deltas[5].setIntVar(100); + deltas[5].setTestObj(new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("CHANGED", 100)); + deltas[6].setTestObj(new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("CHANGED", 100)); + deltas[7].setTestObj(new PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1("CHANGED", 100)); + + deltas[6].resetDeltaStatus(); + deltas[6].setByteArr(new byte[] { 1, 2, 3 }); + deltas[7].setByteArr(new byte[] { 1, 2, 3 }); + + deltas[7].resetDeltaStatus(); + deltas[7].setStr("delta string"); + } + + private OperationWithAction[] allOps() { + return new OperationWithAction[] { + // Test CREATE and verify with a GET + new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE, 8), + new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 3, OpFlags.USE_REGEX | 
OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8), + new OperationWithAction(OperationCode.PUT), + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4), + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4), + + // OPBLOCK_END indicates end of an operation block that needs to be executed on each server when doing failover + OperationWithAction.OPBLOCK_END, + + // Test UPDATE and verify with a GET + new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE, 8), + new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 3, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8), + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4), + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL, 4), + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, 4), + + OperationWithAction.OPBLOCK_END + }; + } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/P2PAuthenticationDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/P2PAuthenticationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/P2PAuthenticationDUnitTest.java index b31f15c..ba6b26f 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/P2PAuthenticationDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/P2PAuthenticationDUnitTest.java 
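Review bot: The rewritten log call in executeOpBlock, `getLogWriter().info("executeOpBlock: For client" + clientNum + credentialsTypeStr + " credentials: " + opCredentials);`, still writes the whole credential Properties object to the test log at info level. Whether any generator behind `gen` hands out non-dummy secrets is not visible from this hunk, but if one does, the values end up in shared CI logs. Logging only the key names keeps the trace useful: `getLogWriter().info("executeOpBlock: For client" + clientNum + credentialsTypeStr + " credential keys: " + opCredentials.stringPropertyNames());`. executeOpBlock begins before this hunk, so the earlier part of the method is not covered here.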
@@ -18,70 +18,65 @@ */ package com.gemstone.gemfire.security; -import java.io.File; -import java.util.Properties; +import static com.gemstone.gemfire.distributed.internal.DistributionConfig.*; +import static com.gemstone.gemfire.internal.AvailablePort.*; +import static com.gemstone.gemfire.security.SecurityTestUtil.*; +import static com.gemstone.gemfire.test.dunit.Assert.*; +import static com.gemstone.gemfire.test.dunit.IgnoredException.*; +import static com.gemstone.gemfire.test.dunit.NetworkUtils.*; +import static com.gemstone.gemfire.test.dunit.Wait.*; +import java.util.Properties; import javax.net.ssl.SSLHandshakeException; -import com.gemstone.gemfire.LogWriter; import com.gemstone.gemfire.distributed.DistributedSystem; import com.gemstone.gemfire.distributed.Locator; -import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.distributed.internal.InternalDistributedSystem; import com.gemstone.gemfire.distributed.internal.membership.MembershipManager; import com.gemstone.gemfire.distributed.internal.membership.gms.MembershipManagerHelper; -import com.gemstone.gemfire.internal.AvailablePort; import com.gemstone.gemfire.security.generator.CredentialGenerator; import com.gemstone.gemfire.security.generator.DummyCredentialGenerator; import com.gemstone.gemfire.security.generator.LdapUserCredentialGenerator; import com.gemstone.gemfire.security.generator.UserPasswordWithExtraPropsAuthInit; import com.gemstone.gemfire.security.templates.LdapUserAuthenticator; import com.gemstone.gemfire.security.templates.UserPasswordAuthInit; -import com.gemstone.gemfire.test.dunit.DistributedTestCase; import com.gemstone.gemfire.test.dunit.Host; -import com.gemstone.gemfire.test.dunit.IgnoredException; -import com.gemstone.gemfire.test.dunit.LogWriterUtils; -import com.gemstone.gemfire.test.dunit.NetworkUtils; import com.gemstone.gemfire.test.dunit.VM; -import com.gemstone.gemfire.test.dunit.Wait; +import 
com.gemstone.gemfire.test.dunit.internal.JUnit4DistributedTestCase; +import com.gemstone.gemfire.test.junit.categories.DistributedTest; +import org.junit.Ignore; +import org.junit.Test; +import org.junit.experimental.categories.Category; /** * Tests peer to peer authentication in Gemfire * - * @author Yogesh Mahajan * @since 5.5 */ -public class P2PAuthenticationDUnitTest extends DistributedTestCase { +@Category(DistributedTest.class) +public class P2PAuthenticationDUnitTest extends JUnit4DistributedTestCase { private static VM locatorVM = null; - public static final String USER_NAME = "security-username"; - - public static final String PASSWORD = "security-password"; + private static final String USER_NAME = "security-username"; + private static final String PASSWORD = "security-password"; - private static final String[] expectedExceptions = { + private static final String[] ignoredExceptions = { AuthenticationRequiredException.class.getName(), AuthenticationFailedException.class.getName(), GemFireSecurityException.class.getName(), SSLHandshakeException.class.getName(), ClassNotFoundException.class.getName(), "Authentication failed for", - "Failed to obtain credentials"}; - - public P2PAuthenticationDUnitTest(String name) { - super(name); - } + "Failed to obtain credentials" + }; @Override public final void postSetUp() throws Exception { - final Host host = Host.getHost(0); - locatorVM = host.getVM(0); - } - - private void setProperty(Properties props, String key, String value) { - - if (key != null && value != null) { - props.setProperty(key, value); + disconnectAllFromDS(); + locatorVM = Host.getHost(0).getVM(0); + for (String exceptionString : ignoredExceptions) { + addIgnoredException(exceptionString); } } 
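Review bot: Registering every entry of `ignoredExceptions` in `postSetUp` widens the suppression to all tests in the class, including testP2PAuthenticationWithValidCredentials, where an `AuthenticationFailedException`, `GemFireSecurityException` or `ClassNotFoundException` in the logs would point to a real problem. The code removed in the next hunk (`addExpectedExceptions` / `removeExpectedExceptions`) limited the suppression to the one call that was expected to fail. Assuming these strings feed the log check that flags suspicious output, I would drop the loop from `postSetUp` and call `addIgnoredException(...)` only inside the negative tests. testP2PAuthenticationWithBothValidAndInValidCredentials already does this with `addIgnoredException("Authentication failed")`.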
@@ -89,271 +84,231 @@ public class P2PAuthenticationDUnitTest extends DistributedTestCase { * Check that mcast-port setting for discovery or with locator are * incompatible with security */ + @Test public void testIllegalPropertyCombos() throws Exception { + int port = getRandomAvailablePort(SOCKET); - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - File logFile = new File(getUniqueName() + "-locator" + port + ".log"); Properties props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "26753"); - props.setProperty(DistributionConfig.LOCATORS_NAME, - NetworkUtils.getIPLiteral() + "[" + port + "]"); - props.setProperty(DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, UserPasswordAuthInit.class.getName() + ".create"); - props.setProperty(DistributionConfig.ENABLE_CLUSTER_CONFIGURATION_NAME, "false"); + props.setProperty(MCAST_PORT_NAME, "26753"); + props.setProperty(LOCATORS_NAME, getIPLiteral() + "[" + port + "]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, UserPasswordAuthInit.class.getName() + ".create"); + props.setProperty(ENABLE_CLUSTER_CONFIGURATION_NAME, "false"); try { - Locator.startLocatorAndDS(port, logFile, null, props); + Locator.startLocatorAndDS(port, null, null, props); fail("Expected an IllegalArgumentException while starting locator"); - } - catch (IllegalArgumentException ex) { + + } catch (IllegalArgumentException ex) { // success } // Also try setting the authenticator props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "26753"); - props.setProperty(DistributionConfig.LOCATORS_NAME, - NetworkUtils.getIPLiteral() +"[" + port + "]"); - props.setProperty(DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, LdapUserAuthenticator.class.getName() + ".create"); - props.setProperty(DistributionConfig.ENABLE_CLUSTER_CONFIGURATION_NAME, "false"); + props.setProperty(MCAST_PORT_NAME, "26753"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"[" + port + "]"); + 
props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, LdapUserAuthenticator.class.getName() + ".create"); + props.setProperty(ENABLE_CLUSTER_CONFIGURATION_NAME, "false"); + try { - Locator.startLocatorAndDS(port, logFile, null, props); + Locator.startLocatorAndDS(port, null, null, props); fail("Expected an IllegalArgumentException while starting locator"); - } - catch (IllegalArgumentException ex) { + + } catch (IllegalArgumentException expected) { // success } props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "26753"); - props.setProperty(DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, UserPasswordAuthInit.class.getName() + ".create"); + props.setProperty(MCAST_PORT_NAME, "26753"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, UserPasswordAuthInit.class.getName() + ".create"); + try { getSystem(props); fail("Expected an IllegalArgumentException while connection to DS"); - } - catch (IllegalArgumentException ex) { + + } catch (IllegalArgumentException expected) { // success } // Also try setting the authenticator props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "26753"); - props.setProperty(DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, LdapUserAuthenticator.class.getName() + ".create"); + props.setProperty(MCAST_PORT_NAME, "26753"); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, LdapUserAuthenticator.class.getName() + ".create"); + try { getSystem(props); fail("Expected an IllegalArgumentException while connection to DS"); - } - catch (IllegalArgumentException ex) { + + } catch (IllegalArgumentException expected) { // success } } - // AuthInitialize is incorrect + /** + * AuthInitialize is incorrect + */ + @Test public void testP2PAuthenticationWithInvalidAuthInitialize() throws Exception { + int locatorPort = getRandomAvailablePort(SOCKET); - disconnectAllFromDS(); CredentialGenerator gen = new DummyCredentialGenerator(); - Properties props = gen.getSystemProperties(); - Properties 
javaProps = gen.getJavaProperties(); - String authenticator = gen.getAuthenticator(); - if (props == null) { - props = new Properties(); - } - String authInit = " Incorrect_AuthInitialize"; - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() + "[" + port + "]"; - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - startLocator(props, javaProps, port); + assertNotNull(gen.getAuthenticator()); + assertNull(gen.getJavaProperties()); + + Properties props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() + "[" + locatorPort + "]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, "Incorrect_AuthInitialize"); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); + + startLocator(props, gen.getJavaProperties(), locatorPort); - LogWriter dsLogger = LogWriterUtils.createLogWriter(props); - SecurityTestUtil.addExpectedExceptions(expectedExceptions, dsLogger); try { new SecurityTestUtil("tmp").createSystem(props, null); fail("AuthenticationFailedException was expected as the AuthInitialize object passed is incorrect"); + } catch (AuthenticationFailedException expected) { // success + } finally { - SecurityTestUtil.removeExpectedExceptions(expectedExceptions, dsLogger); - locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions)); + locatorVM.invoke(() -> stopLocator(locatorPort, ignoredExceptions)); } - - } - - protected void startLocator(Properties props, Properties javaProps, - int port) { - locatorVM.invoke(() -> SecurityTestUtil.startLocator( - getUniqueName(), new Integer(port), props, javaProps, - expectedExceptions)); } - // 
Authenticator is incorrect + /** + * Authenticator is incorrect + */ + @Test public void testP2PAuthenticationWithInvalidAuthenticator() throws Exception { - disconnectAllFromDS(); + int locatorPort = getRandomAvailablePort(SOCKET); + CredentialGenerator gen = new DummyCredentialGenerator(); - Properties props = gen.getSystemProperties(); - Properties javaProps = gen.getJavaProperties(); - String authenticator = "xyz"; - String authInit = gen.getAuthInit(); - if (props == null) { - props = new Properties(); - } - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() +"["+port+"]"; - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - startLocator(props, javaProps, port); + assertNotNull(gen.getAuthInit()); + assertNull(gen.getJavaProperties()); + + Properties props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"["+locatorPort+"]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, gen.getAuthInit()); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, "xyz"); + + startLocator(props, null, locatorPort); - LogWriter dsLogger = LogWriterUtils.createLogWriter(props); - SecurityTestUtil.addExpectedExceptions(expectedExceptions, dsLogger); try { - new SecurityTestUtil("tmp").createSystem(props, javaProps); + new SecurityTestUtil("tmp").createSystem(props, null); fail("AuthenticationFailedException was expected as the Authenticator object passed is incorrect"); - } - catch (AuthenticationFailedException expected) { + + } catch (AuthenticationFailedException expected) { // success - } - finally { - SecurityTestUtil.removeExpectedExceptions(expectedExceptions, dsLogger); - 
locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions )); + + } finally { + locatorVM.invoke(() -> SecurityTestUtil.stopLocator(locatorPort, ignoredExceptions)); } } + @Test public void testP2PAuthenticationWithNoCredentials() throws Exception { - - disconnectAllFromDS(); + int locatorPort = getRandomAvailablePort(SOCKET); CredentialGenerator gen = new DummyCredentialGenerator(); - Properties props = gen.getSystemProperties(); - Properties javaProps = gen.getJavaProperties(); - String authenticator = gen.getAuthenticator(); - String authInit = gen.getAuthInit(); - if (props == null) { - props = new Properties(); - } - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() +"["+port+"]"; - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - startLocator(props, javaProps, port); + assertNotNull(gen.getAuthenticator()); + assertNotNull(gen.getAuthInit()); + assertNull(gen.getJavaProperties()); + assertNull(gen.getSystemProperties()); + + Properties props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"["+locatorPort+"]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, gen.getAuthInit()); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); + + startLocator(props, null, locatorPort); - LogWriter dsLogger = LogWriterUtils.createLogWriter(props); - SecurityTestUtil.addExpectedExceptions(expectedExceptions, dsLogger); try { new SecurityTestUtil("tmp").createSystem(props, null); fail("AuthenticationFailedException was expected as no credentials are set"); - } - catch (AuthenticationFailedException expected) { + + } catch 
(AuthenticationFailedException expected) { // success - } - finally { - SecurityTestUtil.removeExpectedExceptions(expectedExceptions, dsLogger); - locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions )); + + } finally { + locatorVM.invoke(() -> SecurityTestUtil.stopLocator(locatorPort, ignoredExceptions)); } } + @Test public void testP2PAuthenticationWithValidCredentials() throws Exception { + int locatorPort = getRandomAvailablePort(SOCKET); - disconnectAllFromDS(); CredentialGenerator gen = new DummyCredentialGenerator(); - Properties props = gen.getSystemProperties(); - String authenticator = gen.getAuthenticator(); - String authInit = gen.getAuthInit(); - if (props == null) { - props = new Properties(); - } - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() +"["+port+"]"; - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - Properties credentials = gen.getValidCredentials(1); - Properties javaProps = gen.getJavaProperties(); - props.putAll(credentials); - startLocator(props, javaProps, port); + assertNotNull(gen.getAuthenticator()); + assertNotNull(gen.getAuthInit()); + assertNull(gen.getJavaProperties()); + assertNull(gen.getSystemProperties()); + assertNotNull(gen.getValidCredentials(1)); + + Properties props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"["+locatorPort+"]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, gen.getAuthInit()); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); + props.putAll(gen.getValidCredentials(1)); + + startLocator(props, gen.getJavaProperties(), locatorPort); + try 
{ - createDS(props, javaProps); - verifyMembers(new Integer(2)); + createDS(props, gen.getJavaProperties()); + verifyMembers(2); disconnectFromDS(); } finally { - locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions )); + locatorVM.invoke(() -> SecurityTestUtil.stopLocator(locatorPort, ignoredExceptions)); } } - public void testP2PAuthenticationWithBothValidAndInValidCredentials() - throws Exception { + @Test + public void testP2PAuthenticationWithBothValidAndInValidCredentials() throws Exception { + addIgnoredException("Authentication failed"); - disconnectAllFromDS(); - IgnoredException.addIgnoredException("Authentication failed"); + int locatorPort = getRandomAvailablePort(SOCKET); CredentialGenerator gen = new DummyCredentialGenerator(); - Properties props = gen.getSystemProperties(); - String authenticator = gen.getAuthenticator(); - String authInit = gen.getAuthInit(); - if (props == null) { - props = new Properties(); - } - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() +"["+port+"]"; - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - // valid credentials for locator - Properties credentials = gen.getValidCredentials(1); - Properties javaProps = gen.getJavaProperties(); - props.putAll(credentials); - startLocator(props, javaProps, port); + assertNotNull(gen.getAuthenticator()); + assertNotNull(gen.getAuthInit()); + assertNotNull(gen.getInvalidCredentials(1)); + assertNull(gen.getJavaProperties()); + assertNull(gen.getSystemProperties()); + assertNotNull(gen.getValidCredentials(1)); + assertNotNull(gen.getValidCredentials(3)); + + Properties props = new Properties(); + 
props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"["+locatorPort+"]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, gen.getAuthInit()); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); + props.putAll(gen.getValidCredentials(1)); + + startLocator(props, null, locatorPort); + try { // invalid credentials for the peer - credentials = gen.getInvalidCredentials(1); - javaProps = gen.getJavaProperties(); - props.putAll(credentials); + props.putAll(gen.getInvalidCredentials(1)); - LogWriter dsLogger = LogWriterUtils.createLogWriter(props); - SecurityTestUtil.addExpectedExceptions(expectedExceptions, dsLogger); try { - new SecurityTestUtil("tmp").createSystem(props, javaProps); + new SecurityTestUtil("tmp").createSystem(props, null); fail("AuthenticationFailedException was expected as wrong credentials were passed"); - } - catch (AuthenticationFailedException expected) { + + } catch (AuthenticationFailedException expected) { // success } - finally { - SecurityTestUtil.removeExpectedExceptions(expectedExceptions, dsLogger); - } - credentials = gen.getValidCredentials(3); - javaProps = gen.getJavaProperties(); - props.putAll(credentials); - createDS(props, javaProps); - verifyMembers(new Integer(2)); + props.putAll(gen.getValidCredentials(3)); + + createDS(props, null); + verifyMembers(2); disconnectFromDS(); } finally { - locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions )); + locatorVM.invoke(() -> SecurityTestUtil.stopLocator(locatorPort, ignoredExceptions)); } } 
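Review bot: In testIllegalPropertyCombos both `Locator.startLocatorAndDS(port, null, null, props)` calls discard the return value. If the property check ever regresses and a locator does start with mcast-port plus a security setting, `fail(...)` fires but the locator keeps running on `port`, which the second block then reuses. Holding the result and stopping it in a `finally` keeps the failure attributable to the check itself. The same shape applies to both locator blocks.

```java
Locator started = null;
try {
  started = Locator.startLocatorAndDS(port, null, null, props);
  fail("Expected an IllegalArgumentException while starting locator");
} catch (IllegalArgumentException expected) {
  // success
} finally {
  // only reached with a live locator if the property check did not reject the combination
  if (started != null) {
    started.stop();
  }
}
// … unchanged: second locator block, same pattern …
```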
@@ -366,9 +321,11 @@ public class P2PAuthenticationDUnitTest extends DistributedTestCase { * reported by the first peer should be only two while others will report as * three. */ - public void disabled_testP2PViewChangeReject() throws Exception { + @Ignore("disabled for some reason?") + @Test + public void testP2PViewChangeReject() throws Exception { + int locatorPort = getRandomAvailablePort(SOCKET); - disconnectAllFromDS(); final Host host = Host.getHost(0); final VM peer2 = host.getVM(1); final VM peer3 = host.getVM(2); @@ -378,6 +335,7 @@ public class P2PAuthenticationDUnitTest extends DistributedTestCase { Properties extraProps = gen.getSystemProperties(); String authenticator = gen.getAuthenticator(); String authInit = gen.getAuthInit(); + if (extraProps == null) { extraProps = new Properties(); } 
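Review bot: The reason in `@Ignore("disabled for some reason?")` does not say why testP2PViewChangeReject is skipped. The case where the first peer runs a different authenticator and should see only two members therefore stays unexercised, with nothing to track re-enabling it. Replace the text with the actual cause or a tracker reference, e.g. `@Ignore("TODO(<issue-id>): <why this test is disabled>")`. The added `int locatorPort = getRandomAvailablePort(SOCKET);` also looks unused, because the following hunk still declares `int port = getRandomAvailablePort(SOCKET);` and passes `port` to startLocator and stopLocator; one of the two should go. The method body continues outside this hunk.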
@@ -386,93 +344,92 @@ public class P2PAuthenticationDUnitTest extends DistributedTestCase { gen2.init(); Properties extraProps2 = gen2.getSystemProperties(); String authenticator2 = gen2.getAuthenticator(); + if (extraProps2 == null) { extraProps2 = new Properties(); } // Start the locator with the LDAP authenticator Properties props = new Properties(); - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() +"["+port+"]"; - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); + int port = getRandomAvailablePort(SOCKET); + final String locators = getIPLiteral() +"["+port+"]"; + + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, authInit); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, authenticator); Properties credentials = gen.getValidCredentials(1); Properties javaProps = gen.getJavaProperties(); props.putAll(credentials); props.putAll(extraProps); + startLocator(props, javaProps, port); + try { - // Start the first peer with different authenticator - props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator2); - credentials = gen.getValidCredentials(3); - Properties javaProps2 = gen2.getJavaProperties(); - props.putAll(credentials); - props.putAll(extraProps2); - createDS(props, javaProps2); + // Start the first peer with different authenticator + props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, locators); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, authInit); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, authenticator2); - // Start the 
second peer with the same authenticator as locator - props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - credentials = gen.getValidCredentials(7); - javaProps = gen.getJavaProperties(); - props.putAll(credentials); - props.putAll(extraProps); - createDS(peer2, props, javaProps); - - createDS(peer3, props, javaProps); - - // wait for view propagation - Wait.pause(2000); - // Verify the number of members on all peers and locator - locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(4) )); - verifyMembers(new Integer(2)); - peer2.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(4) )); - peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(4) )); - - // Disconnect the first peer and check again - disconnectFromDS(); - Wait.pause(2000); - locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(3) )); - peer2.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(3) )); - peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(3) )); - - // Disconnect the second peer and check again - peer2.invoke(() -> DistributedTestCase.disconnectFromDS()); - Wait.pause(2000); - locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(2) )); - peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(2) )); - - // Same for last peer - peer3.invoke(() -> DistributedTestCase.disconnectFromDS()); - Wait.pause(2000); - locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(1) )); + credentials = gen.getValidCredentials(3); + Properties javaProps2 = gen2.getJavaProperties(); + props.putAll(credentials); + props.putAll(extraProps2); + + 
createDS(props, javaProps2); + + // Start the second peer with the same authenticator as locator + props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, locators); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, authInit); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, authenticator); + + credentials = gen.getValidCredentials(7); + javaProps = gen.getJavaProperties(); + props.putAll(credentials); + props.putAll(extraProps); + + createDS(peer2, props, javaProps); + + createDS(peer3, props, javaProps); + + // wait for view propagation + pause(2000); + + // Verify the number of members on all peers and locator + locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(4)); + verifyMembers(2); + peer2.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(4)); + peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(4)); + + // Disconnect the first peer and check again + disconnectFromDS(); + pause(2000); + + locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(3)); + peer2.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(3)); + peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(3)); + + // Disconnect the second peer and check again + peer2.invoke(() -> disconnectFromDS()); + pause(2000); + + locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(2)); + peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(2)); + + // Same for last peer + peer3.invoke(() -> disconnectFromDS()); + pause(2000); + + locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers(1)); } finally { - locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions )); + locatorVM.invoke(() -> SecurityTestUtil.stopLocator(port, ignoredExceptions)); } } - protected void createDS(final VM peer2, Properties props, - Properties javaProps) { - peer2.invoke(() -> P2PAuthenticationDUnitTest.createDS( - props, javaProps )); - } - /** * The strategy is to test 
credential size greater than UDP datagram size. * 
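Review bot: `props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, authInit)` and the matching authenticator calls now go straight to `Properties.setProperty`, which throws NullPointerException on a null value. The removed `setProperty(props, …)` helper is not shown here but presumably skipped nulls. The other tests in this commit guard against this with `assertNotNull(gen.getAuthenticator())` and `assertNotNull(gen.getAuthInit())`, while this test has no guard for `authInit`, `authenticator` or `authenticator2`. Adding `assertNotNull(authInit); assertNotNull(authenticator); assertNotNull(authenticator2);` before the first `props.setProperty` would make a misconfigured generator fail with a clear message once the test is re-enabled. The test method starts before this hunk.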
@@ -480,119 +437,103 @@ public class P2PAuthenticationDUnitTest extends DistributedTestCase { * from the first peer. Number of members in the DS * should be four */ + @Test public void testP2PLargeCredentialSucceeds() throws Exception { + int locatorPort = getRandomAvailablePort(SOCKET); - disconnectAllFromDS(); final Host host = Host.getHost(0); final VM peer2 = host.getVM(1); final VM peer3 = host.getVM(2); CredentialGenerator gen = new DummyCredentialGenerator(); gen.init(); - Properties extraProps = gen.getSystemProperties(); - String authenticator = gen.getAuthenticator(); + + assertNotNull(gen.getAuthenticator()); + assertNull(gen.getJavaProperties()); + assertNull(gen.getSystemProperties()); + assertNotNull(gen.getValidCredentials(1)); + String authInit = UserPasswordWithExtraPropsAuthInit.class.getName() + ".create"; - if (extraProps == null) { - extraProps = new Properties(); - } + Properties credentials = gen.getValidCredentials(1); - // Start the locator with the Dummy authenticator Properties props = new Properties(); - int port = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - final String locators = NetworkUtils.getIPLiteral() +"["+port+"]"; - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - Properties credentials = gen.getValidCredentials(1); - Properties javaProps = gen.getJavaProperties(); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, authInit); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); props.putAll(credentials); - props.putAll(extraProps); - startLocator(props, javaProps, port); + + startLocator(props, null, locatorPort); + try { + // Start the first peer with huge credentials + props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"["+locatorPort+"]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, 
authInit); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); + + String hugeStr = "20KString"; + for (int i = 0; i <= 20000; i++) { + hugeStr += "A"; + } - // Start the first peer with huge credentials - props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - credentials = gen.getValidCredentials(3); - javaProps = gen.getJavaProperties(); - String hugeStr = "20KString"; - for (int i = 0; i <= 20000; i++) { - hugeStr += "A"; - } - credentials.setProperty("security-keep-extra-props", "-"); - credentials.setProperty("security-hugeentryone", hugeStr); - credentials.setProperty("security-hugeentrytwo", hugeStr); - credentials.setProperty("security-hugeentrythree", hugeStr); + credentials = gen.getValidCredentials(3); + credentials.setProperty("security-keep-extra-props", "-"); + credentials.setProperty("security-hugeentryone", hugeStr); + credentials.setProperty("security-hugeentrytwo", hugeStr); + credentials.setProperty("security-hugeentrythree", hugeStr); - props.putAll(credentials); - props.putAll(extraProps); + props.putAll(credentials); - LogWriter dsLogger = LogWriterUtils.createLogWriter(props); - SecurityTestUtil.addExpectedExceptions( - new String[] { IllegalArgumentException.class.getName() }, dsLogger); - try { - createDS(props, javaProps); -// fail("AuthenticationFailedException was expected as credentials were passed beyond 50k"); - } - finally { - SecurityTestUtil.removeExpectedExceptions( - new String[] { IllegalArgumentException.class.getName() }, dsLogger); - } + createDS(props, null); + // fail("AuthenticationFailedException was expected as credentials were passed beyond 50k"); --? 
- // Start the second peer with the same authenticator as locator - props = new Properties(); - props.setProperty(DistributionConfig.MCAST_PORT_NAME, "0"); - props.setProperty(DistributionConfig.LOCATORS_NAME, locators); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME, - authInit); - setProperty(props, DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME, - authenticator); - credentials = gen.getValidCredentials(7); - javaProps = gen.getJavaProperties(); - props.putAll(credentials); - props.putAll(extraProps); - createDS(peer2, props, javaProps); + // Start the second peer with the same authenticator as locator + props = new Properties(); + props.setProperty(MCAST_PORT_NAME, "0"); + props.setProperty(LOCATORS_NAME, getIPLiteral() +"["+locatorPort+"]"); + props.setProperty(SECURITY_PEER_AUTH_INIT_NAME, authInit); + props.setProperty(SECURITY_PEER_AUTHENTICATOR_NAME, gen.getAuthenticator()); - createDS(peer3, props, javaProps); + credentials = gen.getValidCredentials(7); + props.putAll(credentials); + + createDS(peer2, props, null); + createDS(peer3, props, null); - // wait for view propagation - Wait.pause(2000); - // Verify the number of members on all peers and locator - locatorVM.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(4) )); - peer2.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(4) )); - peer3.invoke(() -> P2PAuthenticationDUnitTest.verifyMembers( new Integer(4) )); + // wait for view propagation + pause(2000); + // Verify the number of members on all peers and locator + locatorVM.invoke(() -> verifyMembers(4)); + peer2.invoke(() -> verifyMembers(4)); + peer3.invoke(() -> verifyMembers(4)); - // Disconnect the peers - disconnectFromDS(); - peer2.invoke(() -> DistributedTestCase.disconnectFromDS()); - peer3.invoke(() -> DistributedTestCase.disconnectFromDS()); + // Disconnect the peers + disconnectFromDS(); + peer2.invoke(() -> disconnectFromDS()); + peer3.invoke(() -> disconnectFromDS()); } 
finally { - // Stopping the locator - locatorVM.invoke(() -> SecurityTestUtil.stopLocator( - new Integer(port), expectedExceptions )); + locatorVM.invoke(() -> SecurityTestUtil.stopLocator(locatorPort, ignoredExceptions)); } } - public static void createDS(Properties props, Object javaProps) { + private void createDS(VM peer2, Properties props, Properties javaProps) { + peer2.invoke(() -> createDS(props, javaProps)); + } - SecurityTestUtil tmpUtil = new SecurityTestUtil("tmp"); - tmpUtil.createSystem(props, (Properties)javaProps); + private void startLocator(Properties props, Properties javaProps, int port) { + locatorVM.invoke(() -> SecurityTestUtil.startLocator(getUniqueName(), port, props, javaProps, ignoredExceptions)); } - public static void verifyMembers(Integer numExpectedMembers) { + private static void createDS(Properties props, Properties javaProps) { + SecurityTestUtil tmpUtil = new SecurityTestUtil("tmp"); + tmpUtil.createSystem(props, javaProps); + } + private static void verifyMembers(int numExpectedMembers) { DistributedSystem ds = InternalDistributedSystem.getAnyInstance(); - MembershipManager mgr = MembershipManagerHelper - .getMembershipManager(ds); - assertEquals(numExpectedMembers.intValue(), mgr.getView().size()); + MembershipManager mgr = MembershipManagerHelper.getMembershipManager(ds); + assertEquals(numExpectedMembers, mgr.getView().size()); } - }
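Review bot: The commented-out `// fail("AuthenticationFailedException was expected as credentials were passed beyond 50k"); --?` after `createDS(props, null)` contradicts the test name and Javadoc, which say the oversized credentials should succeed. Drop it and state the contract instead, e.g. `// credentials larger than one UDP datagram must still authenticate; the join is expected to succeed`. The hunk also removes the IllegalArgumentException registration around that call, so if the join still logs that exception the run may now be flagged; worth confirming that it no longer occurs. The first peer never calls `verifyMembers(4)` itself, so its successful join is only inferred from the counts on the locator, peer2 and peer3; a local `verifyMembers(4);` after `pause(2000)` would assert it directly.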
