http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/5a321ffd/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientAuthzObjectModDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientAuthzObjectModDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientAuthzObjectModDUnitTest.java index 8b47cdf..8ef10c1 100644 --- a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientAuthzObjectModDUnitTest.java +++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientAuthzObjectModDUnitTest.java @@ -60,64 +60,10 @@ import org.junit.experimental.categories.Category; public class ClientAuthzObjectModDUnitTest extends ClientAuthorizationTestBase { private static final String preAccessor = FilterPreAuthorization.class.getName() + ".create"; - private static final String postAccessor = FilterPostAuthorization.class.getName() + ".create"; - private static class TestPostCredentialGenerator implements - TestCredentialGenerator { - - public TestPostCredentialGenerator() { - } - - public Properties getAllowedCredentials(OperationCode[] opCodes, - String[] regionNames, int[] keyIndices, int num) { - - int userIndex = 1; - byte role = DummyAuthzCredentialGenerator.getRequiredRole(opCodes); - if (role == DummyAuthzCredentialGenerator.READER_ROLE) { - userIndex = keyIndices[0] + 1; - } - Properties props = new Properties(); - props.setProperty(UserPasswordAuthInit.USER_NAME, "user" + userIndex); - props.setProperty(UserPasswordAuthInit.PASSWORD, "user" + userIndex); - return props; - } - - public Properties getDisallowedCredentials(OperationCode[] opCodes, - String[] regionNames, int[] keyIndices, int num) { - - int userIndex = 0; - for (int index = 0; index < keyIndices.length; ++index) { - if (keyIndices[index] != index) { - userIndex = index + 1; - break; - } - } - Properties props = new Properties(); - props.setProperty(UserPasswordAuthInit.USER_NAME, "gemfire" + userIndex); - props.setProperty(UserPasswordAuthInit.PASSWORD, "gemfire" + userIndex); - return props; - } - - public CredentialGenerator getCredentialGenerator() { - - return null; - } - } - @Override - public final void postSetUp() throws Exception { - final Host host = Host.getHost(0); - server1 = host.getVM(0); - server2 = host.getVM(1); - client1 = host.getVM(2); - client2 = host.getVM(3); - - server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions )); - SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions); - + protected final void postSetUpClientAuthorizationTestBase() throws Exception { //required by FilterPreAuthorization and FilterPostAuthorization. Normally, //this would be automatically registered in the static initializer, but with dunit //a previous test may have already loaded these classes. We clear the instantiators @@ -131,268 +77,207 @@ public class ClientAuthzObjectModDUnitTest extends ClientAuthorizationTestBase { server2.invoke(registerInstantiator); } - // Region: Utility and static functions invoked by the tests + @Test + public void testAllOpsObjectModWithFailover() { + OperationWithAction[] allOps = allOps(); - private static Properties buildProperties(String authenticator, - Properties extraProps, String preAccessor, String postAccessor) { + TestPostCredentialGenerator tgen = new TestPostCredentialGenerator(); - Properties authProps = new Properties(); - if (authenticator != null) { - authProps.setProperty( - DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator); - } - if (preAccessor != null) { - authProps.setProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, - preAccessor); - } - if (postAccessor != null) { - authProps.setProperty( - DistributionConfig.SECURITY_CLIENT_ACCESSOR_PP_NAME, postAccessor); - } - if (extraProps != null) { - authProps.putAll(extraProps); - } - return authProps; - } + CredentialGenerator credentialGenerator = new DummyCredentialGenerator(); + credentialGenerator.init(); + Properties extraProps = credentialGenerator.getSystemProperties(); + Properties javaProps = credentialGenerator.getJavaProperties(); + String authInit = credentialGenerator.getAuthInit(); + String authenticator = credentialGenerator.getAuthenticator(); - public static Integer createCacheServer(Integer mcastPort, - Properties authProps) { + LogWriterUtils.getLogWriter().info("testPutsGetsObjectModWithFailover: Using authinit: " + authInit); + LogWriterUtils.getLogWriter().info("testPutsGetsObjectModWithFailover: Using authenticator: " + authenticator); + LogWriterUtils.getLogWriter().info("testPutsGetsObjectModWithFailover: Using pre-operation accessor: " + preAccessor); + LogWriterUtils.getLogWriter().info("testPutsGetsObjectModWithFailover: Using post-operation accessor: " + postAccessor); - if (mcastPort == null) { - mcastPort = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - } - return SecurityTestUtil.createCacheServer(authProps, null, mcastPort, null, - null, Boolean.FALSE, new Integer(SecurityTestUtil.NO_EXCEPTION)); - } + // Start servers with all required properties + Properties serverProps = buildProperties(authenticator, extraProps, preAccessor, postAccessor); + // Get ports for the servers + Integer port1 = new Integer(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + Integer port2 = new Integer(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + + // Perform all the ops on the clients + List opBlock = new ArrayList(); + Random rnd = new Random(); - public static void createCacheServer(Integer loctorPort, Integer serverPort, - Properties authProps) { + for (int opNum = 0; opNum < allOps.length; ++opNum) { + // Start client with valid credentials as specified in OperationWithAction + OperationWithAction currentOp = allOps[opNum]; + if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + // End of current operation block; execute all the operations on the servers with failover + if (opBlock.size() > 0) { + // Start the first server and execute the operation block + server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port1, serverProps, javaProps )); + server2.invoke(() -> SecurityTestUtil.closeCache()); + executeOpBlock(opBlock, port1, port2, authInit, extraProps, null, tgen, rnd); + if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + // Failover to the second server and run the block again + server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port2, serverProps, javaProps )); + server1.invoke(() -> SecurityTestUtil.closeCache()); + executeOpBlock(opBlock, port1, port2, authInit, extraProps, null, tgen, rnd); + } + opBlock.clear(); + } - if (loctorPort == null) { - loctorPort = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); + } else { + currentOp.setOpNum(opNum); + opBlock.add(currentOp); + } } - SecurityTestUtil.createCacheServer(authProps, null, loctorPort, null, - serverPort, Boolean.FALSE, new Integer(SecurityTestUtil.NO_EXCEPTION)); } - @Test - public void testAllOpsObjectModWithFailover() { - - OperationWithAction[] allOps = { + private OperationWithAction[] allOps() { + return new OperationWithAction[] { // Perform CREATE and verify with GET new OperationWithAction(OperationCode.PUT, 1, OpFlags.NONE, 8), - // For second client connect with valid credentials for key2, key4, - // key6, key8 and check that other keys are not accessible - new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, - new int[] { 1, 3, 5, 7 }), - new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY - | OpFlags.USE_OLDCONN | OpFlags.CHECK_NOTAUTHZ, new int[] { 0, 2, - 4, 6 }), - // For third client check that key3, key6 are accessible but others are - // not - new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY, - new int[] { 2, 5 }), - new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY - | OpFlags.USE_OLDCONN | OpFlags.CHECK_NOTAUTHZ, new int[] { 0, 1, - 3, 4, 6, 7 }), - - // OPBLOCK_END indicates end of an operation block that needs to - // be executed on each server when doing failover + // For second client connect with valid credentials for key2, key4, key6, key8 and check that other KEYS are not accessible + new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, new int[]{1, 3, 5, 7}), + new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY | OpFlags.USE_OLDCONN | OpFlags.CHECK_NOTAUTHZ, new int[]{0, 2, 4, 6}), + // For third client check that key3, key6 are accessible but others are not + new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY, new int[]{2, 5}), + new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY | OpFlags.USE_OLDCONN | OpFlags.CHECK_NOTAUTHZ, new int[]{0, 1, 3, 4, 6, 7}), + + // OPBLOCK_END indicates end of an operation block that needs to be executed on each server when doing failover OperationWithAction.OPBLOCK_END, // Perform UPDATE and verify with GET - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 8), - // For second client check that key2, key4, key6, key8 are accessible - // but others are not - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, new int[] { 1, 3, 5, 7 }), - new OperationWithAction(OperationCode.GET, 2, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_NOTAUTHZ, new int[] { 0, 2, 4, 6 }), - // For third client check that key3, key6 are accessible but others are - // not - new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, new int[] { 2, 5 }), - new OperationWithAction(OperationCode.GET, 3, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_NOTAUTHZ, new int[] { 0, 1, 3, 4, 6, 7 }), + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 8), + // For second client check that key2, key4, key6, key8 are accessible but others are not + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[]{1, 3, 5, 7}), + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, new int[]{0, 2, 4, 6}), + // For third client check that key3, key6 are accessible but others are not + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[]{2, 5}), + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, new int[]{0, 1, 3, 4, 6, 7}), OperationWithAction.OPBLOCK_END, // Perform UPDATE and verify with GET_ALL - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 8), - // For second client check that key2, key4, key6, key8 are accessible - // but others are not; getAll test in doOp uses a combination of local - // entries and remote fetches - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS, - new int[] { 1, 3, 5, 7 }), - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_FAIL, new int[] { 0, 2, 4, 6 }), - // For third client check that key3, key6 are accessible but others are - // not - new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS, new int[] { 2, 5 }), - new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_FAIL, new int[] { 0, 1, 3, 4, 6, 7 }), - - // locally destroy the keys to also test create after failover - new OperationWithAction(OperationCode.DESTROY, 1, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP, 8), + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 8), + // For second client check that key2, key4, key6, key8 are accessible but others are not; getAll test in doOp uses a combination of local entries and remote fetches + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS, new int[]{1, 3, 5, 7}), + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS | OpFlags.CHECK_NOKEY | OpFlags.CHECK_FAIL, new int[]{0, 2, 4, 6}), + // For third client check that key3, key6 are accessible but others are not + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS, new int[]{2, 5}), + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.USE_ALL_KEYS | OpFlags.CHECK_NOKEY | OpFlags.CHECK_FAIL, new int[]{0, 1, 3, 4, 6, 7}), + + // locally destroy the KEYS to also test create after failover + new OperationWithAction(OperationCode.DESTROY, 1, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 8), OperationWithAction.OPBLOCK_END, // Perform PUTALL and verify with GET - new OperationWithAction(OperationCode.PUTALL, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 8), - // For second client check that key2, key4, key6, key8 are accessible - // but others are not - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, new int[] { 1, 3, 5, 7 }), - new OperationWithAction(OperationCode.GET, 2, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_NOTAUTHZ, new int[] { 0, 2, 4, 6 }), - // For third client check that key3, key6 are accessible but others are - // not - new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, new int[] { 2, 5 }), - new OperationWithAction(OperationCode.GET, 3, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_NOTAUTHZ, new int[] { 0, 1, 3, 4, 6, 7 }), + new OperationWithAction(OperationCode.PUTALL, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 8), + // For second client check that key2, key4, key6, key8 are accessible but others are not + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[]{1, 3, 5, 7}), + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, new int[]{0, 2, 4, 6}), + // For third client check that key3, key6 are accessible but others are not + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[]{2, 5}), + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, new int[]{0, 1, 3, 4, 6, 7}), OperationWithAction.OPBLOCK_END, - + // Test UPDATE and verify with a QUERY new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8), - // For second client check that key2, key4, key6, key8 are accessible - // but others are not - new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_OLDCONN, - new int[] { 1, 3, 5, 7 }), - new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_OLDCONN - | OpFlags.CHECK_FAIL, new int[] { 0, 2, 4, 6 }), - // For third client check that key3, key6 are accessible but others are - // not - new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_OLDCONN, - new int[] { 2, 5 }), - new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_OLDCONN - | OpFlags.CHECK_FAIL, new int[] { 0, 1, 3, 4, 6, 7 }), + // For second client check that key2, key4, key6, key8 are accessible but others are not + new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_OLDCONN, new int[]{1, 3, 5, 7}), + new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_OLDCONN | OpFlags.CHECK_FAIL, new int[]{0, 2, 4, 6}), + // For third client check that key3, key6 are accessible but others are not + new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_OLDCONN, new int[]{2, 5}), + new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_OLDCONN | OpFlags.CHECK_FAIL, new int[]{0, 1, 3, 4, 6, 7}), OperationWithAction.OPBLOCK_END, // Test UPDATE and verify with a EXECUTE_CQ initial results - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 8), - // For second client check that key2, key4, key6, key8 are accessible - // but others are not - new OperationWithAction(OperationCode.EXECUTE_CQ, 2, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[] { 1, 3, 5, 7 }), - new OperationWithAction(OperationCode.CLOSE_CQ, 2, OpFlags.USE_OLDCONN, - 1), - new OperationWithAction(OperationCode.EXECUTE_CQ, 2, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, - new int[] { 0, 2, 4, 6 }), - new OperationWithAction(OperationCode.CLOSE_CQ, 2, OpFlags.USE_OLDCONN, - 1), - // For third client check that key3, key6 are accessible but others are - // not - new OperationWithAction(OperationCode.EXECUTE_CQ, 3, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[] { 2, 5 }), - new OperationWithAction(OperationCode.CLOSE_CQ, 3, OpFlags.USE_OLDCONN, - 1), - new OperationWithAction(OperationCode.EXECUTE_CQ, 3, - OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, - new int[] { 0, 1, 3, 4, 6, 7 }), - new OperationWithAction(OperationCode.CLOSE_CQ, 3, OpFlags.USE_OLDCONN, - 1), - - OperationWithAction.OPBLOCK_END }; - - TestPostCredentialGenerator tgen = new TestPostCredentialGenerator(); + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 8), + // For second client check that key2, key4, key6, key8 are accessible but others are not + new OperationWithAction(OperationCode.EXECUTE_CQ, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[]{1, 3, 5, 7}), + new OperationWithAction(OperationCode.CLOSE_CQ, 2, OpFlags.USE_OLDCONN, 1), + new OperationWithAction(OperationCode.EXECUTE_CQ, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, new int[]{0, 2, 4, 6}), + new OperationWithAction(OperationCode.CLOSE_CQ, 2, OpFlags.USE_OLDCONN, 1), + // For third client check that key3, key6 are accessible but others are not + new OperationWithAction(OperationCode.EXECUTE_CQ, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, new int[]{2, 5}), + new OperationWithAction(OperationCode.CLOSE_CQ, 3, OpFlags.USE_OLDCONN, 1), + new OperationWithAction(OperationCode.EXECUTE_CQ, 3, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, new int[]{0, 1, 3, 4, 6, 7}), + new OperationWithAction(OperationCode.CLOSE_CQ, 3, OpFlags.USE_OLDCONN, 1), + + OperationWithAction.OPBLOCK_END}; + } - CredentialGenerator gen = new DummyCredentialGenerator(); - gen.init(); - Properties extraProps = gen.getSystemProperties(); - Properties javaProps = gen.getJavaProperties(); - String authInit = gen.getAuthInit(); - String authenticator = gen.getAuthenticator(); - - LogWriterUtils.getLogWriter().info( - "testPutsGetsObjectModWithFailover: Using authinit: " + authInit); - LogWriterUtils.getLogWriter().info( - "testPutsGetsObjectModWithFailover: Using authenticator: " - + authenticator); - LogWriterUtils.getLogWriter().info( - "testPutsGetsObjectModWithFailover: Using pre-operation accessor: " - + preAccessor); - LogWriterUtils.getLogWriter().info( - "testPutsGetsObjectModWithFailover: Using post-operation accessor: " - + postAccessor); - // Start servers with all required properties - Properties serverProps = buildProperties(authenticator, extraProps, - preAccessor, postAccessor); - // Get ports for the servers - Integer port1 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - Integer port2 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - - // Perform all the ops on the clients - List opBlock = new ArrayList(); - Random rnd = new Random(); - for (int opNum = 0; opNum < allOps.length; ++opNum) { - // Start client with valid credentials as specified in - // OperationWithAction - OperationWithAction currentOp = allOps[opNum]; - if (currentOp.equals(OperationWithAction.OPBLOCK_END) - || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { - // End of current operation block; execute all the operations - // on the servers with failover - if (opBlock.size() > 0) { - // Start the first server and execute the operation block - server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port1, serverProps, - javaProps )); - server2.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraProps, null, - tgen, rnd); - if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { - // Failover to the second server and run the block again - server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port2, serverProps, - javaProps )); - server1.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraProps, null, - tgen, rnd); - } - opBlock.clear(); - } - } - else { - currentOp.setOpNum(opNum); - opBlock.add(currentOp); - } + private Properties buildProperties(String authenticator, Properties extraProps, String preAccessor, String postAccessor) { + Properties authProps = new Properties(); + if (authenticator != null) { + authProps.setProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator); } + if (preAccessor != null) { + authProps.setProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, preAccessor); + } + if (postAccessor != null) { + authProps.setProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_PP_NAME, postAccessor); + } + if (extraProps != null) { + authProps.putAll(extraProps); + } + return authProps; } private static class MyInstantiator extends Instantiator { - public MyInstantiator(Class clazz, int classId) { - super(clazz, classId); - } public MyInstantiator() { this(ObjectWithAuthz.class, ObjectWithAuthz.CLASSID); } + public MyInstantiator(Class clazz, int classId) { + super(clazz, classId); + } + + @Override public DataSerializable newInstance() { return new ObjectWithAuthz(); } } + private static class TestPostCredentialGenerator implements TestCredentialGenerator { + + public TestPostCredentialGenerator() { + } + + @Override + public Properties getAllowedCredentials(OperationCode[] opCodes, String[] regionNames, int[] keyIndices, int num) { + int userIndex = 1; + byte role = DummyAuthzCredentialGenerator.getRequiredRole(opCodes); + if (role == DummyAuthzCredentialGenerator.READER_ROLE) { + userIndex = keyIndices[0] + 1; + } + Properties props = new Properties(); + props.setProperty(UserPasswordAuthInit.USER_NAME, "user" + userIndex); + props.setProperty(UserPasswordAuthInit.PASSWORD, "user" + userIndex); + return props; + } + + @Override + public Properties getDisallowedCredentials(OperationCode[] opCodes, String[] regionNames, int[] keyIndices, int num) { + int userIndex = 0; + for (int index = 0; index < keyIndices.length; ++index) { + if (keyIndices[index] != index) { + userIndex = index + 1; + break; + } + } + Properties props = new Properties(); + props.setProperty(UserPasswordAuthInit.USER_NAME, "gemfire" + userIndex); + props.setProperty(UserPasswordAuthInit.PASSWORD, "gemfire" + userIndex); + return props; + } + + @Override + public CredentialGenerator getCredentialGenerator() { + return null; + } + } }
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/5a321ffd/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientCQPostAuthorizationDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientCQPostAuthorizationDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientCQPostAuthorizationDUnitTest.java index fa032ed..6bca85f 100644 --- a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientCQPostAuthorizationDUnitTest.java +++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientCQPostAuthorizationDUnitTest.java @@ -29,9 +29,11 @@ import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode; import com.gemstone.gemfire.cache.query.CqAttributes; import com.gemstone.gemfire.cache.query.CqAttributesFactory; import com.gemstone.gemfire.cache.query.CqException; +import com.gemstone.gemfire.cache.query.CqExistsException; import com.gemstone.gemfire.cache.query.CqListener; import com.gemstone.gemfire.cache.query.CqQuery; import com.gemstone.gemfire.cache.query.QueryService; +import com.gemstone.gemfire.cache.query.RegionNotFoundException; import com.gemstone.gemfire.cache.query.SelectResults; import com.gemstone.gemfire.cache.query.cq.dunit.CqQueryTestListener; import com.gemstone.gemfire.cache.query.internal.cq.ClientCQImpl; @@ -57,37 +59,28 @@ import org.junit.experimental.categories.Category; * This is for multiuser-authentication */ @Category(DistributedTest.class) -public class ClientCQPostAuthorizationDUnitTest extends - ClientAuthorizationTestBase { +public class ClientCQPostAuthorizationDUnitTest extends ClientAuthorizationTestBase { private Map<String, String> cqNameToQueryStrings = new HashMap<String, String>(); @Override - public final void postSetUp() throws Exception { + protected final void preSetUpClientAuthorizationTestBase() throws Exception { getSystem(); Invoke.invokeInEveryVM(new SerializableRunnable("getSystem") { public void run() { getSystem(); } }); + } - final Host host = Host.getHost(0); - server1 = host.getVM(0); - server2 = host.getVM(1); - client1 = host.getVM(2); - client2 = host.getVM(3); - - server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions )); - SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions); - + @Override + protected final void postSetUpClientAuthorizationTestBase() throws Exception { this.cqNameToQueryStrings.put("CQ_0", "SELECT * FROM "); this.cqNameToQueryStrings.put("CQ_1", "SELECT * FROM "); } @Override - public final void preTearDown() throws Exception { + public final void preTearDownClientAuthorizationTestBase() throws Exception { client1.invoke(() -> SecurityTestUtil.closeCache()); client2.invoke(() -> SecurityTestUtil.closeCache()); server1.invoke(() -> SecurityTestUtil.closeCache()); @@ -104,8 +97,7 @@ public class ClientCQPostAuthorizationDUnitTest extends * Client2 does some operations on the region which satisfies both the CQs * Validate that listeners for both the CQs are invoked. */ - doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {true, - true}); + doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {true, true}); } @Test @@ -117,8 +109,7 @@ public class ClientCQPostAuthorizationDUnitTest extends * Client2 does some operations on the region which satisfies both the CQs * Validate that listeners for none of the CQs are invoked. */ - doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {false, - false}); + doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {false, false}); } @Test @@ -131,8 +122,7 @@ public class ClientCQPostAuthorizationDUnitTest extends * Client2 does some operations on the region which satisfies both the CQs * Validate that listener for User1's CQ is invoked but that for User2's CQ is not invoked. */ - doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {true, - false}); + doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {true, false}); } @Test @@ -147,145 +137,108 @@ public class ClientCQPostAuthorizationDUnitTest extends * Client2 does some operations on the region which satisfies both the CQs * Validate that listeners for both the CQs are get updates. */ - doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {true, - true}, Boolean.TRUE); + doStartUp(Integer.valueOf(2), Integer.valueOf(5), new Boolean[] {true, true}, Boolean.TRUE); } - private void doStartUp(Integer numOfUsers, Integer numOfPuts, - Boolean[] postAuthzAllowed) throws Exception { + private void doStartUp(Integer numOfUsers, Integer numOfPuts, Boolean[] postAuthzAllowed) throws Exception { doStartUp(numOfUsers, numOfPuts, postAuthzAllowed, Boolean.FALSE /* failover */); } - private void doStartUp(Integer numOfUsers, Integer numOfPuts, - Boolean[] postAuthzAllowed, Boolean failover) throws Exception { - AuthzCredentialGenerator gen = this.getXmlAuthzGenerator(); - CredentialGenerator cGen = gen.getCredentialGenerator(); - Properties extraAuthProps = cGen.getSystemProperties(); - Properties javaProps = cGen.getJavaProperties(); - Properties extraAuthzProps = gen.getSystemProperties(); - String authenticator = cGen.getAuthenticator(); - String accessor = gen.getAuthorizationCallback(); - String authInit = cGen.getAuthInit(); - TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen); - - Properties serverProps = buildProperties(authenticator, accessor, true, - extraAuthProps, extraAuthzProps); - - Properties opCredentials; - cGen = tgen.getCredentialGenerator(); - final Properties javaProps2; - if (cGen != null) { - javaProps2 = cGen.getJavaProperties(); + private void doStartUp(Integer numOfUsers, Integer numOfPuts, Boolean[] postAuthzAllowed, Boolean failover) throws Exception { + AuthzCredentialGenerator authzGenerator = getXmlAuthzGenerator(); + CredentialGenerator credentialGenerator = authzGenerator.getCredentialGenerator(); + Properties extraAuthProps = credentialGenerator.getSystemProperties(); + Properties javaProps = credentialGenerator.getJavaProperties(); + Properties extraAuthzProps = authzGenerator.getSystemProperties(); + String authenticator = credentialGenerator.getAuthenticator(); + String accessor = authzGenerator.getAuthorizationCallback(); + String authInit = credentialGenerator.getAuthInit(); + TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGenerator); + + Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps); + + Properties opCredentials; + credentialGenerator = tgen.getCredentialGenerator(); + final Properties javaProps2 = credentialGenerator == null ? null : credentialGenerator.getJavaProperties(); + + int[] indices = new int[numOfPuts]; + for (int index = 0; index < numOfPuts; ++index) { + indices[index] = index; + } + + Random rnd = new Random(); + Properties[] authProps = new Properties[numOfUsers]; + for (int i = 0; i < numOfUsers; i++) { + int rand = rnd.nextInt(100) + 1; + if (postAuthzAllowed[i]) { + opCredentials = tgen.getAllowedCredentials(new OperationCode[] {OperationCode.EXECUTE_CQ, OperationCode.GET}, /* For callback, GET should be allowed */ new String[] {regionName}, indices, rand); } else { - javaProps2 = null; + opCredentials = tgen.getDisallowedCredentials(new OperationCode[] { OperationCode.GET}, /* For callback, GET should be disallowed */ new String[] {regionName}, indices, rand); } + authProps[i] = SecurityTestUtil.concatProperties(new Properties[] {opCredentials, extraAuthProps, extraAuthzProps}); + } - int[] indices = new int[numOfPuts]; - for (int index = 0; index < numOfPuts; ++index) { - indices[index] = index; - } + // Get ports for the servers + Integer port1 = Integer.valueOf(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + Integer port2 = Integer.valueOf(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + Integer locatorPort = Integer.valueOf(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); - Random rnd = new Random(); - Properties[] authProps = new Properties[numOfUsers]; - for (int i = 0; i < numOfUsers; i++) { - int rand = rnd.nextInt(100) + 1; - if (postAuthzAllowed[i]) { - opCredentials = tgen.getAllowedCredentials(new OperationCode[] { - OperationCode.EXECUTE_CQ, OperationCode.GET}, // For callback, GET should be allowed - new String[] {regionName}, indices, rand); -// authProps[i] = gen.getAllowedCredentials( -// new OperationCode[] {OperationCode.EXECUTE_CQ}, -// new String[] {regionName}, rnd.nextInt(100) + 1); - } else { - opCredentials = tgen.getDisallowedCredentials(new OperationCode[] { - OperationCode.GET}, // For callback, GET should be disallowed - new String[] {regionName}, indices, rand); -// authProps[i] = gen.getDisallowedCredentials( -// new OperationCode[] {OperationCode.EXECUTE_CQ}, -// new String[] {regionName}, rnd.nextInt(100) + 1); - } - authProps[i] = SecurityTestUtil.concatProperties(new Properties[] { - opCredentials, extraAuthProps, extraAuthzProps}); + // Close down any running servers + server1.invoke(() -> SecurityTestUtil.closeCache()); + server2.invoke(() -> SecurityTestUtil.closeCache()); + + server1.invoke(() -> createServerCache(serverProps, javaProps, locatorPort, port1)); + client1.invoke(() -> createClientCache(javaProps2, authInit, authProps, new Integer[] {port1, port2}, numOfUsers, postAuthzAllowed)); + client2.invoke(() -> createClientCache(javaProps2, authInit, authProps, new Integer[] {port1, port2}, numOfUsers, postAuthzAllowed)); + + client1.invoke(() -> createCQ(numOfUsers)); + client1.invoke(() -> executeCQ(numOfUsers, new Boolean[] {false, false}, numOfPuts, new String[numOfUsers], postAuthzAllowed)); + + client2.invoke(() -> doPuts(numOfPuts, Boolean.TRUE/* put last key */)); + + if (!postAuthzAllowed[0]) { + // There is no point waiting as no user is authorized to receive cq events. + try {Thread.sleep(1000);} catch (InterruptedException ie) {} // TODO: replace with Awaitility + } else { + client1.invoke(() -> waitForLastKey(Integer.valueOf(0))); + if (postAuthzAllowed[1]) { + client1.invoke(() -> waitForLastKey(Integer.valueOf(1))); } + } - // Get ports for the servers - Integer port1 = Integer.valueOf(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - Integer port2 = Integer.valueOf(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - Integer locatorPort = Integer.valueOf(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - // Close down any running servers + client1.invoke(() -> checkCQListeners(numOfUsers, postAuthzAllowed, numOfPuts + 1/* last key */, 0, !failover)); + if (failover) { + server2.invoke(() -> createServerCache(serverProps, javaProps, locatorPort, port2)); server1.invoke(() -> SecurityTestUtil.closeCache()); - server2.invoke(() -> SecurityTestUtil.closeCache()); - server1.invoke(() -> createServerCache(serverProps, javaProps, locatorPort, port1)); - client1.invoke(() -> createClientCache(javaProps2, authInit, authProps, - new Integer[] {port1, port2}, numOfUsers, postAuthzAllowed)); - client2.invoke(() -> createClientCache(javaProps2, authInit, authProps, - new Integer[] {port1, port2}, numOfUsers, postAuthzAllowed)); - - client1.invoke(() -> createCQ(numOfUsers)); - client1.invoke(() -> executeCQ(numOfUsers, new Boolean[] {false, false}, numOfPuts, - new String[numOfUsers], postAuthzAllowed)); + // Allow time for client1 to register its CQs on server2 + server2.invoke(() -> allowCQsToRegister(Integer.valueOf(2))); client2.invoke(() -> doPuts(numOfPuts, Boolean.TRUE/* put last key */)); - if (!postAuthzAllowed[0]) { - // There is no point waiting as no user is authorized to receive cq events. - try {Thread.sleep(1000);} catch (InterruptedException ie) {} - } else { - client1.invoke(() -> waitForLastKey(Integer.valueOf(0))); - if (postAuthzAllowed[1]) { - client1.invoke(() -> waitForLastKey(Integer.valueOf(1))); - } - } - client1.invoke(() -> checkCQListeners(numOfUsers, postAuthzAllowed, - numOfPuts + 1/* last key */, 0, !failover)); - if (failover) { - server2.invoke(() -> createServerCache(serverProps, javaProps, locatorPort, port2)); - server1.invoke(() -> SecurityTestUtil.closeCache()); - - // Allow time for client1 to register its CQs on server2 - server2.invoke(() -> allowCQsToRegister(Integer.valueOf(2))); - - client2.invoke(() -> doPuts(numOfPuts, Boolean.TRUE/* put last key */)); - client1.invoke(() -> waitForLastKeyUpdate(Integer.valueOf(0))); - client1.invoke(() -> checkCQListeners(numOfUsers, postAuthzAllowed, - numOfPuts + 1/* last key */, numOfPuts + 1/* last key */, - Boolean.TRUE)); - } + client1.invoke(() -> waitForLastKeyUpdate(Integer.valueOf(0))); + client1.invoke(() -> checkCQListeners(numOfUsers, postAuthzAllowed, numOfPuts + 1/* last key */, numOfPuts + 1/* last key */, Boolean.TRUE)); + } } - private void createServerCache(Properties serverProps, - Properties javaProps, Integer serverPort) { - Integer locatorPort = Integer.valueOf(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - SecurityTestUtil.createCacheServer((Properties)serverProps, javaProps, - locatorPort, null, serverPort, Boolean.TRUE, Integer.valueOf( - SecurityTestUtil.NO_EXCEPTION)); + private void createServerCache(Properties serverProps, Properties javaProps, Integer serverPort) { + Integer locatorPort = Integer.valueOf(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + SecurityTestUtil.createCacheServer((Properties)serverProps, javaProps, locatorPort, null, serverPort, Boolean.TRUE, Integer.valueOf(SecurityTestUtil.NO_EXCEPTION)); } - private void createServerCache(Properties serverProps, - Properties javaProps, Integer locatorPort, Integer serverPort) { - SecurityTestUtil.createCacheServer((Properties)serverProps, javaProps, - locatorPort, null, serverPort, Boolean.TRUE, Integer.valueOf( - SecurityTestUtil.NO_EXCEPTION)); + private void createServerCache(Properties serverProps, Properties javaProps, Integer locatorPort, Integer serverPort) { + SecurityTestUtil.createCacheServer((Properties)serverProps, javaProps, locatorPort, null, serverPort, Boolean.TRUE, Integer.valueOf(SecurityTestUtil.NO_EXCEPTION)); } - private void createClientCache(Properties javaProps, String authInit, - Properties[] authProps, Integer ports[], Integer numOfUsers, - Boolean[] postAuthzAllowed) { - SecurityTestUtil.createCacheClientForMultiUserMode(numOfUsers, authInit, - authProps, javaProps, ports, null, Boolean.FALSE, - SecurityTestUtil.NO_EXCEPTION); + private void createClientCache(Properties javaProps, String authInit, Properties[] authProps, Integer ports[], Integer numOfUsers, Boolean[] postAuthzAllowed) { + SecurityTestUtil.createCacheClientForMultiUserMode(numOfUsers, authInit, authProps, javaProps, ports, null, Boolean.FALSE, SecurityTestUtil.NO_EXCEPTION); } - private void createCQ(Integer num) { + private void createCQ(Integer num) throws CqException, CqExistsException { for (int i = 0; i < num; i++) { QueryService cqService = SecurityTestUtil.proxyCaches[i].getQueryService(); String cqName = "CQ_" + i; - String queryStr = cqNameToQueryStrings.get(cqName) - + SecurityTestUtil.proxyCaches[i].getRegion(regionName).getFullPath(); + String queryStr = cqNameToQueryStrings.get(cqName) + SecurityTestUtil.proxyCaches[i].getRegion(regionName).getFullPath(); + // Create CQ Attributes. CqAttributesFactory cqf = new CqAttributesFactory(); CqListener[] cqListeners = {new CqQueryTestListener(LogWriterUtils.getLogWriter())}; @@ -295,55 +248,33 @@ public class ClientCQPostAuthorizationDUnitTest extends CqAttributes cqa = cqf.create(); // Create CQ. - try { - CqQuery cq1 = cqService.newCq(cqName, queryStr, cqa); - assertTrue("newCq() state mismatch", cq1.getState().isStopped()); - } catch (Exception ex) { - AssertionError err = new AssertionError("Failed to create CQ " + cqName - + " . "); - err.initCause(ex); - LogWriterUtils.getLogWriter().info("CqService is :" + cqService, err); - throw err; - } + CqQuery cq1 = cqService.newCq(cqName, queryStr, cqa); + assertTrue("newCq() state mismatch", cq1.getState().isStopped()); } } - private void executeCQ(Integer num, Boolean[] initialResults, - Integer expectedResultsSize, String[] expectedErr, Boolean[] postAuthzAllowed) { + private void executeCQ(Integer num, Boolean[] initialResults, Integer expectedResultsSize, String[] expectedErr, Boolean[] postAuthzAllowed) throws RegionNotFoundException { InternalLogWriter logWriter = InternalDistributedSystem.getStaticInternalLogWriter(); + for (int i = 0; i < num; i++) { try { if (expectedErr[i] != null) { - logWriter.info( - "<ExpectedException action=add>" + expectedErr[i] - + "</ExpectedException>"); + logWriter.info("<ExpectedException action=add>" + expectedErr[i] + "</ExpectedException>"); } CqQuery cq1 = null; String cqName = "CQ_" + i; - String queryStr = cqNameToQueryStrings.get(cqName) - + SecurityTestUtil.proxyCaches[i].getRegion(regionName) - .getFullPath(); - QueryService cqService = SecurityTestUtil.proxyCaches[i] - .getQueryService(); + String queryStr = cqNameToQueryStrings.get(cqName) + SecurityTestUtil.proxyCaches[i].getRegion(regionName).getFullPath(); + QueryService cqService = SecurityTestUtil.proxyCaches[i].getQueryService(); // Get CqQuery object. - try { - cq1 = cqService.getCq(cqName); - if (cq1 == null) { - LogWriterUtils.getLogWriter().info( - "Failed to get CqQuery object for CQ name: " + cqName); - fail("Failed to get CQ " + cqName); - } else { - LogWriterUtils.getLogWriter().info("Obtained CQ, CQ name: " + cq1.getName()); - assertTrue("newCq() state mismatch", cq1.getState().isStopped()); - } - } catch (Exception ex) { - LogWriterUtils.getLogWriter().info("CqService is :" + cqService); - LogWriterUtils.getLogWriter().error(ex); - AssertionError err = new AssertionError("Failed to execute CQ " - + cqName); - err.initCause(ex); - throw err; + cq1 = cqService.getCq(cqName); + if (cq1 == null) { + LogWriterUtils.getLogWriter().info( + "Failed to get CqQuery object for CQ name: " + cqName); + fail("Failed to get CQ " + cqName); + } else { + LogWriterUtils.getLogWriter().info("Obtained CQ, CQ name: " + cq1.getName()); + assertTrue("newCq() state mismatch", cq1.getState().isStopped()); } if (initialResults[i]) { @@ -356,28 +287,17 @@ public class ClientCQPostAuthorizationDUnitTest extends LogWriterUtils.getLogWriter().info("Got expected exception for CQ " + cqName); } else { LogWriterUtils.getLogWriter().info("CqService is: " + cqService); - ce.printStackTrace(); - AssertionError err = new AssertionError("Failed to execute CQ " - + cqName); - err.initCause(ce); - throw err; + throw new AssertionError("Failed to execute CQ " + cqName, ce); } - } catch (Exception ex) { - LogWriterUtils.getLogWriter().info("CqService is: " + cqService); - ex.printStackTrace(); - AssertionError err = new AssertionError("Failed to execute CQ " - + cqName); - err.initCause(ex); - throw err; } LogWriterUtils.getLogWriter().info("initial result size = " + cqResults.size()); - assertTrue("executeWithInitialResults() state mismatch", cq1 - .getState().isRunning()); + assertTrue("executeWithInitialResults() state mismatch", cq1.getState().isRunning()); if (expectedResultsSize >= 0) { - assertEquals("unexpected results size", expectedResultsSize - .intValue(), cqResults.size()); + assertEquals("unexpected results size", expectedResultsSize.intValue(), cqResults.size()); } + } else { + try { cq1.execute(); } catch (CqException ce) { @@ -386,11 +306,9 @@ public class ClientCQPostAuthorizationDUnitTest extends } else { LogWriterUtils.getLogWriter().info("CqService is: " + cqService); ce.printStackTrace(); - AssertionError err = new AssertionError("Failed to execute CQ " - + cqName); - err.initCause(ce); - throw err; + throw new AssertionError("Failed to execute CQ " + cqName, ce); } + } catch (Exception ex) { AssertionError err = new AssertionError("Failed to execute CQ " + cqName); @@ -404,16 +322,13 @@ public class ClientCQPostAuthorizationDUnitTest extends } } finally { if (expectedErr[i] != null) { - logWriter.info( - "<ExpectedException action=remove>" + expectedErr[i] - + "</ExpectedException>"); + logWriter.info("<ExpectedException action=remove>" + expectedErr[i] + "</ExpectedException>"); } } } } private void doPuts(Integer num, Boolean putLastKey) { -// Region region = GemFireCache.getInstance().getRegion(regionName); Region region = SecurityTestUtil.proxyCaches[0].getRegion(regionName); for (int i = 0; i < num; i++) { region.put("CQ_key"+i, "CQ_value"+i); @@ -432,32 +347,14 @@ public class ClientCQPostAuthorizationDUnitTest extends String cqName = "CQ_" + cqIndex; QueryService qService = SecurityTestUtil.proxyCaches[cqIndex].getQueryService(); ClientCQImpl cqQuery = (ClientCQImpl)qService.getCq(cqName); - ((CqQueryTestListener)cqQuery.getCqListeners()[0]) - .waitForCreated("LAST_KEY"); -// WaitCriterion wc = new WaitCriterion() { -// public boolean done() { -// Region region = GemFireCache.getInstance().getRegion(regionName); -// Region.Entry entry = region.getEntry("LAST_KEY"); -// if (entry != null && entry.getValue() != null) { -// return false; -// } else if (entry.getValue() != null) { -// return true; -// } -// return false; -// } -// public String description() { -// return "Last key not received."; -// } -// }; -// DistributedTestCase.waitForCriterion(wc, 60 * 1000, 100, false); + ((CqQueryTestListener)cqQuery.getCqListeners()[0]).waitForCreated("LAST_KEY"); } private void waitForLastKeyUpdate(Integer cqIndex) { String cqName = "CQ_" + cqIndex; QueryService qService = SecurityTestUtil.proxyCaches[cqIndex].getQueryService(); ClientCQImpl cqQuery = (ClientCQImpl)qService.getCq(cqName); - ((CqQueryTestListener)cqQuery.getCqListeners()[0]) - .waitForUpdated("LAST_KEY"); + ((CqQueryTestListener)cqQuery.getCqListeners()[0]).waitForUpdated("LAST_KEY"); } private void allowCQsToRegister(Integer number) { @@ -475,26 +372,22 @@ public class ClientCQPostAuthorizationDUnitTest extends } public String description() { - return num + "Waited for " + num - + " CQs to be registered on this server."; + return num + "Waited for " + num + " CQs to be registered on this server."; } }; Wait.waitForCriterion(wc, 60 * 1000, 100, false); } - private void checkCQListeners(Integer numOfUsers, - Boolean[] expectedListenerInvocation, Integer createEventsSize, - Integer updateEventsSize, Boolean closeCache) { + private void checkCQListeners(Integer numOfUsers, Boolean[] expectedListenerInvocation, Integer createEventsSize, Integer updateEventsSize, Boolean closeCache) { for (int i = 0; i < numOfUsers; i++) { String cqName = "CQ_" + i; QueryService qService = SecurityTestUtil.proxyCaches[i].getQueryService(); ClientCQImpl cqQuery = (ClientCQImpl)qService.getCq(cqName); + if (expectedListenerInvocation[i]) { for (CqListener listener : cqQuery.getCqListeners()) { - assertEquals(createEventsSize.intValue(), - ((CqQueryTestListener)listener).getCreateEventCount()); - assertEquals(updateEventsSize.intValue(), - ((CqQueryTestListener)listener).getUpdateEventCount()); + assertEquals(createEventsSize.intValue(), ((CqQueryTestListener)listener).getCreateEventCount()); + assertEquals(updateEventsSize.intValue(), ((CqQueryTestListener)listener).getUpdateEventCount()); } } else { for (CqListener listener : cqQuery.getCqListeners()) { http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/5a321ffd/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java index 519b76f..931a53e 100644 --- a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java +++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java @@ -50,72 +50,23 @@ public class ClientPostAuthorizationDUnitTest extends public RetryRule retryRule = new RetryRule(); @Override - public final void postSetUp() throws Exception { - final Host host = Host.getHost(0); - server1 = host.getVM(0); - server2 = host.getVM(1); - client1 = host.getVM(2); - client2 = host.getVM(3); - - server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions )); - client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions )); - SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions); + public final void preTearDownClientAuthorizationTestBase() throws Exception { + // close the clients first + client1.invoke(() -> SecurityTestUtil.closeCache()); + client2.invoke(() -> SecurityTestUtil.closeCache()); + SecurityTestUtil.closeCache(); + // then close the servers + server1.invoke(() -> SecurityTestUtil.closeCache()); + server2.invoke(() -> SecurityTestUtil.closeCache()); } @Test @Retry(2) public void testAllPostOps() { + OperationWithAction[] allOps = allOpsForTestAllPostOps(); - OperationWithAction[] allOps = { - // Test CREATE and verify with a GET - new OperationWithAction(OperationCode.PUT), - new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, 4), - new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY - | OpFlags.CHECK_NOTAUTHZ, 4), - - // OPBLOCK_END indicates end of an operation block that needs to - // be executed on each server when doing failover - OperationWithAction.OPBLOCK_END, - - // Test UPDATE and verify with a GET - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 4), - new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 4), - new OperationWithAction(OperationCode.GET, 3, - OpFlags.USE_OLDCONN | OpFlags.CHECK_NOKEY | OpFlags.USE_NEWVAL - | OpFlags.CHECK_NOTAUTHZ, 4), - - OperationWithAction.OPBLOCK_END, - - // Test UPDATE and verify with a KEY_SET - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 6), - new OperationWithAction(OperationCode.KEY_SET, 2, OpFlags.NONE, 6), - new OperationWithAction(OperationCode.KEY_SET, 3, - OpFlags.CHECK_NOTAUTHZ, 6), - - OperationWithAction.OPBLOCK_END, - - // Test UPDATE and verify with a QUERY - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 7), - new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_NEWVAL, 7), - new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_NEWVAL - | OpFlags.CHECK_NOTAUTHZ, 7), - - OperationWithAction.OPBLOCK_END, + for (Iterator iter = getDummyGeneratorCombos().iterator(); iter.hasNext();) { - // Test UPDATE and verify with a EXECUTE_CQ initial results - new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8), - new OperationWithAction(OperationCode.EXECUTE_CQ, 2, OpFlags.NONE, 8), - new OperationWithAction(OperationCode.EXECUTE_CQ, 3, - OpFlags.CHECK_NOTAUTHZ, 8), - - OperationWithAction.OPBLOCK_END }; - - Iterator iter = getDummyGeneratorCombos().iterator(); - while (iter.hasNext()) { AuthzCredentialGenerator gen = (AuthzCredentialGenerator)iter.next(); CredentialGenerator cGen = gen.getCredentialGenerator(); Properties extraAuthProps = cGen.getSystemProperties(); @@ -127,18 +78,15 @@ public class ClientPostAuthorizationDUnitTest extends TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen); LogWriterUtils.getLogWriter().info("testAllPostOps: Using authinit: " + authInit); - LogWriterUtils.getLogWriter().info( - "testAllPostOps: Using authenticator: " + authenticator); + LogWriterUtils.getLogWriter().info("testAllPostOps: Using authenticator: " + authenticator); LogWriterUtils.getLogWriter().info("testAllPostOps: Using accessor: " + accessor); // Start servers with all required properties - Properties serverProps = buildProperties(authenticator, accessor, true, - extraAuthProps, extraAuthzProps); + Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps); + // Get ports for the servers - Integer port1 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - Integer port2 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); + Integer port1 = new Integer(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + Integer port2 = new Integer(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); // Close down any running servers server1.invoke(() -> SecurityTestUtil.closeCache()); @@ -147,35 +95,29 @@ public class ClientPostAuthorizationDUnitTest extends // Perform all the ops on the clients List opBlock = new ArrayList(); Random rnd = new Random(); + for (int opNum = 0; opNum < allOps.length; ++opNum) { // Start client with valid credentials as specified in // OperationWithAction OperationWithAction currentOp = allOps[opNum]; - if (currentOp.equals(OperationWithAction.OPBLOCK_END) - || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { // End of current operation block; execute all the operations // on the servers with failover if (opBlock.size() > 0) { // Start the first server and execute the operation block - server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port1, serverProps, - javaProps )); + server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port1, serverProps, javaProps )); server2.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, - extraAuthzProps, tgen, rnd); + executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd); if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { // Failover to the second server and run the block again - server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port2, serverProps, - javaProps )); + server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port2, serverProps, javaProps )); server1.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, - extraAuthzProps, tgen, rnd); + executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd); } opBlock.clear(); } - } - else { + + } else { currentOp.setOpNum(opNum); opBlock.add(currentOp); } @@ -185,20 +127,115 @@ public class ClientPostAuthorizationDUnitTest extends @Test public void testAllOpsNotifications() { + OperationWithAction[] allOps = allOpsForTestAllOpsNotifications(); + + AuthzCredentialGenerator authzGenerator = getXmlAuthzGenerator(); + LogWriterUtils.getLogWriter().info("Executing opblocks with credential generator " + authzGenerator); + CredentialGenerator credentialGenerator = authzGenerator.getCredentialGenerator(); + Properties extraAuthProps = credentialGenerator.getSystemProperties(); + Properties javaProps = credentialGenerator.getJavaProperties(); + Properties extraAuthzProps = authzGenerator.getSystemProperties(); + String authenticator = credentialGenerator.getAuthenticator(); + String authInit = credentialGenerator.getAuthInit(); + String accessor = authzGenerator.getAuthorizationCallback(); + TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGenerator); + + LogWriterUtils.getLogWriter().info("testAllOpsNotifications: Using authinit: " + authInit); + LogWriterUtils.getLogWriter().info("testAllOpsNotifications: Using authenticator: " + authenticator); + LogWriterUtils.getLogWriter().info("testAllOpsNotifications: Using accessor: " + accessor); + + // Start servers with all required properties + Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps); + // Get ports for the servers + Integer port1 = new Integer(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + Integer port2 = new Integer(AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)); + + // Perform all the ops on the clients + List opBlock = new ArrayList(); + Random rnd = new Random(); + + for (int opNum = 0; opNum < allOps.length; ++opNum) { + // Start client with valid credentials as specified in + // OperationWithAction + OperationWithAction currentOp = allOps[opNum]; + if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + // End of current operation block; execute all the operations + // on the servers with failover + if (opBlock.size() > 0) { + // Start the first server and execute the operation block + server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port1, serverProps, javaProps )); + server2.invoke(() -> SecurityTestUtil.closeCache()); + executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd); + if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { + // Failover to the second server and run the block again + server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(SecurityTestUtil.getLocatorPort(), port2, serverProps, javaProps )); + server1.invoke(() -> SecurityTestUtil.closeCache()); + executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd); + } + opBlock.clear(); + } + + } else { + currentOp.setOpNum(opNum); + opBlock.add(currentOp); + } + } + } + + private OperationWithAction[] allOpsForTestAllPostOps() { + return new OperationWithAction[] { + // Test CREATE and verify with a GET + new OperationWithAction(OperationCode.PUT), + new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, 4), + new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, 4), + + // OPBLOCK_END indicates end of an operation block that needs to + // be executed on each server when doing failover + OperationWithAction.OPBLOCK_END, + + // Test UPDATE and verify with a GET + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4), + new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4), + new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.CHECK_NOKEY | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 4), + + OperationWithAction.OPBLOCK_END, + + // Test UPDATE and verify with a KEY_SET + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 6), + new OperationWithAction(OperationCode.KEY_SET, 2, OpFlags.NONE, 6), + new OperationWithAction(OperationCode.KEY_SET, 3, OpFlags.CHECK_NOTAUTHZ, 6), + + OperationWithAction.OPBLOCK_END, + + // Test UPDATE and verify with a QUERY + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 7), + new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_NEWVAL, 7), + new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 7), + + OperationWithAction.OPBLOCK_END, - OperationWithAction[] allOps = { + // Test UPDATE and verify with a EXECUTE_CQ initial results + new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8), + new OperationWithAction(OperationCode.EXECUTE_CQ, 2, OpFlags.NONE, 8), + new OperationWithAction(OperationCode.EXECUTE_CQ, 3, OpFlags.CHECK_NOTAUTHZ, 8), + + OperationWithAction.OPBLOCK_END }; + } + + private OperationWithAction[] allOpsForTestAllOpsNotifications() { + return new OperationWithAction[]{ // Test CREATE and verify with a GET new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_REGEX + OperationCode.GET, 2, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE, 8), new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 3, OpFlags.USE_REGEX + OperationCode.GET, 3, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8), new OperationWithAction(OperationCode.PUT), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP, 4), + | OpFlags.LOCAL_OP, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4), + | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4), // OPBLOCK_END indicates end of an operation block that needs to // be executed on each server when doing failover @@ -206,35 +243,35 @@ public class ClientPostAuthorizationDUnitTest extends // Test UPDATE and verify with a GET new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_REGEX + OperationCode.GET, 2, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE, 8), new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 3, OpFlags.USE_REGEX + OperationCode.GET, 3, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8), new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_NEWVAL, 4), + | OpFlags.USE_NEWVAL, 4), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL, 4), + | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, 4), + | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, 4), OperationWithAction.OPBLOCK_END, - // Test DESTROY and verify with GET that keys should not exist + // Test DESTROY and verify with GET that KEYS should not exist new OperationWithAction(OperationCode.PUT, 3, OpFlags.NONE, 8), new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_REGEX, 8), + OperationCode.GET, 2, OpFlags.USE_REGEX, 8), new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, - OpFlags.USE_REGEX | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 8), - // registerInterest now clears the keys, so a dummy put to add - // those keys back for the case when updates should not come + OpFlags.USE_REGEX | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 8), + // registerInterest now clears the KEYS, so a dummy put to add + // those KEYS back for the case when updates should not come new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_OLDCONN, 8), new OperationWithAction(OperationCode.DESTROY, 1, OpFlags.USE_OLDCONN, - 4), + 4), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4), + | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP, 4), + | OpFlags.LOCAL_OP, 4), // Repopulate the region new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8), @@ -243,18 +280,18 @@ public class ClientPostAuthorizationDUnitTest extends // Do REGION_CLEAR and check with GET new OperationWithAction(OperationCode.PUT, 3, OpFlags.NONE, 8), new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1), + OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1), new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, - OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1), - // registerInterest now clears the keys, so a dummy put to add - // those keys back for the case when updates should not come + OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1), + // registerInterest now clears the KEYS, so a dummy put to add + // those KEYS back for the case when updates should not come new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_OLDCONN, 8), new OperationWithAction(OperationCode.REGION_CLEAR, 1, - OpFlags.USE_OLDCONN, 1), + OpFlags.USE_OLDCONN, 1), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 8), + | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 8), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP, 8), + | OpFlags.LOCAL_OP, 8), // Repopulate the region new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8), @@ -262,132 +299,55 @@ public class ClientPostAuthorizationDUnitTest extends // Do REGION_CREATE and check with CREATE/GET new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF, 1), + OperationCode.GET, 2, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF, 1), new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 3, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF + OperationCode.GET, 3, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF | OpFlags.USE_NOTAUTHZ | OpFlags.REGISTER_POLICY_NONE, 1), new OperationWithAction(OperationCode.REGION_CREATE, 1, - OpFlags.ENABLE_DRF, 1), + OpFlags.ENABLE_DRF, 1), new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN - | OpFlags.USE_SUBREGION, 4), + | OpFlags.USE_SUBREGION, 4), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION - | OpFlags.NO_CREATE_SUBREGION, 4), + | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION + | OpFlags.NO_CREATE_SUBREGION, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION - | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4), + | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION + | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4), // Do REGION_DESTROY of the sub-region and check with GET new OperationWithAction(OperationCode.REGION_DESTROY, 1, - OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION, 1), + OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION, 1), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION - | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4), + | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION + | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_EXCEPTION, 4), + | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY + | OpFlags.CHECK_EXCEPTION, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION - | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4), + | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION + | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY - | OpFlags.CHECK_EXCEPTION, 4), + | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY + | OpFlags.CHECK_EXCEPTION, 4), OperationWithAction.OPBLOCK_END, // Do REGION_DESTROY of the region and check with GET new OperationWithAction(OperationCode.PUT, 3, OpFlags.NONE, 8), new OperationWithAction(OperationCode.REGISTER_INTEREST, - OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1), + OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1), new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, - OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1), - // registerInterest now clears the keys, so a dummy put to add - // those keys back for the case when updates should not come + OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1), + // registerInterest now clears the KEYS, so a dummy put to add + // those KEYS back for the case when updates should not come new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_OLDCONN, 8), new OperationWithAction(OperationCode.REGION_DESTROY, 1, OpFlags.NONE, - 1), + 1), new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP | OpFlags.CHECK_NOREGION, 4), + | OpFlags.LOCAL_OP | OpFlags.CHECK_NOREGION, 4), new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN - | OpFlags.LOCAL_OP, 4), - - OperationWithAction.OPBLOCK_NO_FAILOVER }; + | OpFlags.LOCAL_OP, 4), - AuthzCredentialGenerator gen = getXmlAuthzGenerator(); - LogWriterUtils.getLogWriter().info("Executing opblocks with credential generator " + gen); - CredentialGenerator cGen = gen.getCredentialGenerator(); - Properties extraAuthProps = cGen.getSystemProperties(); - Properties javaProps = cGen.getJavaProperties(); - Properties extraAuthzProps = gen.getSystemProperties(); - String authenticator = cGen.getAuthenticator(); - String authInit = cGen.getAuthInit(); - String accessor = gen.getAuthorizationCallback(); - TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen); - - LogWriterUtils.getLogWriter().info( - "testAllOpsNotifications: Using authinit: " + authInit); - LogWriterUtils.getLogWriter().info( - "testAllOpsNotifications: Using authenticator: " + authenticator); - LogWriterUtils.getLogWriter().info( - "testAllOpsNotifications: Using accessor: " + accessor); - - // Start servers with all required properties - Properties serverProps = buildProperties(authenticator, accessor, true, - extraAuthProps, extraAuthzProps); - // Get ports for the servers - Integer port1 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - Integer port2 = new Integer(AvailablePort - .getRandomAvailablePort(AvailablePort.SOCKET)); - - // Perform all the ops on the clients - List opBlock = new ArrayList(); - Random rnd = new Random(); - for (int opNum = 0; opNum < allOps.length; ++opNum) { - // Start client with valid credentials as specified in - // OperationWithAction - OperationWithAction currentOp = allOps[opNum]; - if (currentOp.equals(OperationWithAction.OPBLOCK_END) - || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { - // End of current operation block; execute all the operations - // on the servers with failover - if (opBlock.size() > 0) { - // Start the first server and execute the operation block - server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port1, serverProps, - javaProps )); - server2.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, - extraAuthzProps, tgen, rnd); - if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) { - // Failover to the second server and run the block again - server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer( - SecurityTestUtil.getLocatorPort(), port2, serverProps, - javaProps )); - server1.invoke(() -> SecurityTestUtil.closeCache()); - executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, - extraAuthzProps, tgen, rnd); - } - opBlock.clear(); - } - } - else { - currentOp.setOpNum(opNum); - opBlock.add(currentOp); - } - } - } - - // End Region: Tests - - @Override - public final void preTearDown() throws Exception { - // close the clients first - client1.invoke(() -> SecurityTestUtil.closeCache()); - client2.invoke(() -> SecurityTestUtil.closeCache()); - SecurityTestUtil.closeCache(); - // then close the servers - server1.invoke(() -> SecurityTestUtil.closeCache()); - server2.invoke(() -> SecurityTestUtil.closeCache()); + OperationWithAction.OPBLOCK_NO_FAILOVER}; } }
