http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java index 4ee5b13..6c8a638 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java @@ -16,27 +16,29 @@ */ package com.gemstone.gemfire.management.internal.security; -import static com.gemstone.gemfire.security.JSONAuthorization.*; import static org.assertj.core.api.Assertions.*; -import com.gemstone.gemfire.internal.AvailablePort; -import com.gemstone.gemfire.management.MemberMXBean; -import com.gemstone.gemfire.test.junit.categories.IntegrationTest; import org.junit.Before; import org.junit.ClassRule; import org.junit.Rule; import org.junit.Test; import org.junit.experimental.categories.Category; -@Category(IntegrationTest.class) +import com.gemstone.gemfire.internal.AvailablePort; +import com.gemstone.gemfire.management.MemberMXBean; +import com.gemstone.gemfire.test.junit.categories.IntegrationTest; +import com.gemstone.gemfire.test.junit.categories.SecurityTest; + +@Category({ IntegrationTest.class, SecurityTest.class }) public class MemberMBeanSecurityJUnitTest { + private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); private MemberMXBean bean; @ClassRule public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule( - jmxManagerPort, CACHE_SERVER_JSON); + jmxManagerPort, "com/gemstone/gemfire/management/internal/security/cacheServer.json"); @Rule public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MultiUserDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MultiUserDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MultiUserDUnitTest.java index e86cf61..3324e7a 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MultiUserDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MultiUserDUnitTest.java @@ -14,20 +14,18 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package com.gemstone.gemfire.management.internal.security; import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; import static org.junit.Assert.*; -import static com.gemstone.gemfire.security.JSONAuthorization.*; import java.io.IOException; import java.util.List; import java.util.Properties; import java.util.concurrent.TimeUnit; -import com.gemstone.gemfire.security.JSONAuthorization; import com.jayway.awaitility.Awaitility; +import org.apache.geode.security.templates.SampleSecurityManager; import org.json.JSONException; import org.junit.Test; import org.junit.experimental.categories.Category; @@ -53,10 +51,10 @@ public class MultiUserDUnitTest extends CliCommandTestBase { public void testMultiUser() throws IOException, JSONException, InterruptedException { Properties properties = new Properties(); properties.put(NAME, MultiUserDUnitTest.class.getSimpleName()); - properties.put(SECURITY_MANAGER, JSONAuthorization.class.getName()); + properties.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); // set up vm_0 the secure jmx manager - Object[] results = setUpJMXManagerOnVM(0, properties, CACHE_SERVER_JSON); + Object[] results = setUpJMXManagerOnVM(0, properties, "com/gemstone/gemfire/management/internal/security/cacheServer.json"); String gfshDir = this.gfshDir; // set up vm_1 as a gfsh vm, data-reader will login and log out constantly in this vm until the test is done. http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShiroCacheStartRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShiroCacheStartRule.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShiroCacheStartRule.java index 49cbbaa..3c11e53 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShiroCacheStartRule.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ShiroCacheStartRule.java @@ -16,13 +16,14 @@ */ package com.gemstone.gemfire.management.internal.security; -import com.gemstone.gemfire.cache.Cache; -import com.gemstone.gemfire.cache.CacheFactory; -import org.junit.rules.ExternalResource; +import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; import java.util.Properties; -import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; +import org.junit.rules.ExternalResource; + +import com.gemstone.gemfire.cache.Cache; +import com.gemstone.gemfire.cache.CacheFactory; public class ShiroCacheStartRule extends ExternalResource { private Cache cache; @@ -34,7 +35,6 @@ public class ShiroCacheStartRule extends ExternalResource { this.shiroFile = shiroFile; } - protected void before() throws Throwable { Properties properties = new Properties(); properties.put(NAME, ShiroCacheStartRule.class.getSimpleName()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java index 8c8ed40..875aeef 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java @@ -14,17 +14,16 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package com.gemstone.gemfire.management.internal.security; import java.util.ArrayList; import java.util.List; import org.apache.geode.security.GeodePermission; - import org.apache.shiro.authz.Permission; public class TestCommand { + public static GeodePermission none = null; public static GeodePermission everyOneAllowed = new GeodePermission(); public static GeodePermission dataRead = new GeodePermission("DATA", "READ"); @@ -206,7 +205,6 @@ public class TestCommand { createTestCommand("sleep", null); createTestCommand("sh ls", null); - // WAN Commands createTestCommand("create gateway-sender --id=sender1 --remote-distributed-system-id=2", dataManage); createTestCommand("start gateway-sender --id=sender1", dataManage); @@ -223,6 +221,7 @@ public class TestCommand { //ShellCommand createTestCommand("disconnect", null); + //Misc commands //createTestCommand("shutdown", clusterManage); }; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java index feee478..feda4b4 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java @@ -17,12 +17,12 @@ package com.gemstone.gemfire.security; import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; -import static com.gemstone.gemfire.security.JSONAuthorization.*; import static org.assertj.core.api.Assertions.*; import static org.junit.Assert.*; import java.util.Properties; +import org.apache.geode.security.templates.SampleSecurityManager; import org.assertj.core.api.ThrowableAssert.ThrowingCallable; import org.junit.Before; @@ -56,16 +56,15 @@ public class AbstractIntegratedClientAuthDistributedTest extends JUnit4CacheTest this.client2 = host.getVM(2); this.client3 = host.getVM(3); - JSONAuthorization.setUpWithJsonFile(CLIENT_SERVER_JSON); - Properties props = new Properties(); - props.setProperty(SECURITY_MANAGER, JSONAuthorization.class.getName()); - if(postProcessor!=null){ + props.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/management/internal/security/clientServer.json"); + props.setProperty(LOCATORS, ""); + props.setProperty(MCAST_PORT, "0"); + if (postProcessor!=null) { props.setProperty(SECURITY_POST_PROCESSOR, postProcessor.getName()); } - props.setProperty(MCAST_PORT, "0"); - props.setProperty(LOCATORS, ""); props.setProperty(SECURITY_LOG_LEVEL, "finest"); + props.setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); getSystem(props); @@ -101,9 +100,9 @@ public class AbstractIntegratedClientAuthDistributedTest extends JUnit4CacheTest Properties props = new Properties(); props.setProperty(UserPasswordAuthInit.USER_NAME, userName); props.setProperty(UserPasswordAuthInit.PASSWORD, password); - props.setProperty(SECURITY_CLIENT_AUTH_INIT, UserPasswordAuthInit.class.getName() + ".create"); - props.setProperty(MCAST_PORT, "0"); props.setProperty(LOCATORS, ""); + props.setProperty(MCAST_PORT, "0"); + props.setProperty(SECURITY_CLIENT_AUTH_INIT, UserPasswordAuthInit.class.getName() + ".create"); props.setProperty(SECURITY_LOG_LEVEL, "finest"); return props; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java index 8472af9..746dbb1 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java @@ -16,7 +16,6 @@ */ package com.gemstone.gemfire.security; - import org.junit.Test; import org.junit.experimental.categories.Category; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java index b0a1fa2..6aa3d68 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java @@ -16,7 +16,6 @@ */ package com.gemstone.gemfire.security; - import org.junit.Ignore; import org.junit.Test; import org.junit.experimental.categories.Category; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java index dc63f2f..902ebf0 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java @@ -17,11 +17,11 @@ package com.gemstone.gemfire.security; import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; -import static com.gemstone.gemfire.security.JSONAuthorization.*; import static org.assertj.core.api.Assertions.*; import java.util.Properties; +import org.apache.geode.security.templates.SampleSecurityManager; import org.junit.Test; import org.junit.experimental.categories.Category; @@ -45,7 +45,7 @@ public class IntegratedSecurityCacheLifecycleDistributedTest extends JUnit4Cache public final void postSetUp() throws Exception { Host host = Host.getHost(0); locator = host.getVM(0); - JSONAuthorization.setUpWithJsonFile(CLIENT_SERVER_JSON); + int locatorPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); String locators = NetworkUtils.getServerHostName(host) + "[" + locatorPort + "]"; @@ -53,6 +53,7 @@ public class IntegratedSecurityCacheLifecycleDistributedTest extends JUnit4Cache DistributedTestUtils.deleteLocatorStateFile(locatorPort); final Properties properties = new Properties(); + properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/management/internal/security/clientServer.json"); // properties.setProperty(LOCATORS, locators); properties.setProperty(MCAST_PORT, "0"); properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); @@ -63,6 +64,7 @@ public class IntegratedSecurityCacheLifecycleDistributedTest extends JUnit4Cache }); final Properties properties = new Properties(); + properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/management/internal/security/clientServer.json"); properties.setProperty(LOCATORS, locators); properties.setProperty(MCAST_PORT, "0"); properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java index 228a8d6..5eabe7a 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java @@ -18,7 +18,6 @@ package com.gemstone.gemfire.security; import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; import static org.assertj.core.api.Assertions.*; -import static org.mockito.Mockito.*; import java.util.Properties; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java index d6ac3aa..ce090f1 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java @@ -14,7 +14,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package com.gemstone.gemfire.security; import static org.junit.Assert.*; @@ -81,7 +80,6 @@ public class IntegratedSecurityNoShowValue1PostProcessorDUnitTest extends Abstra assertTrue(result.contains("value2")); assertTrue(result.contains("value3")); assertTrue(result.contains("value4")); - }); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java index a5e0aa0..7a4830d 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java @@ -17,7 +17,6 @@ package com.gemstone.gemfire.security; import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; -import static com.gemstone.gemfire.security.JSONAuthorization.*; import static com.gemstone.gemfire.test.dunit.Invoke.*; import static org.assertj.core.api.Assertions.*; @@ -33,13 +32,14 @@ import com.gemstone.gemfire.test.dunit.cache.internal.JUnit4CacheTestCase; import com.gemstone.gemfire.test.junit.categories.DistributedTest; import com.gemstone.gemfire.test.junit.categories.SecurityTest; +import org.apache.geode.security.templates.SampleSecurityManager; import org.junit.Test; import org.junit.experimental.categories.Category; @Category({ DistributedTest.class, SecurityTest.class }) public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCase{ - private static SpyJSONAuthorization spyJSONAuthorization; + private static SpySecurityManager spySecurityManager; private VM locator; private VM server1; @@ -58,12 +58,12 @@ public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCa locators = NetworkUtils.getServerHostName(host) + "[" + locatorPort + "]"; locator.invoke(() -> { - JSONAuthorization.setUpWithJsonFile(PEER_AUTH_JSON); - spyJSONAuthorization = new SpyJSONAuthorization(); + spySecurityManager = new SpySecurityManager(); DistributedTestUtils.deleteLocatorStateFile(locatorPort); final Properties properties = createProperties(locators); + properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); properties.setProperty(UserPasswordAuthInit.USER_NAME, "locator1"); properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); properties.setProperty(START_LOCATOR, locators); @@ -73,10 +73,10 @@ public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCa }); server1.invoke(()-> { - JSONAuthorization.setUpWithJsonFile(PEER_AUTH_JSON); - spyJSONAuthorization = new SpyJSONAuthorization(); + spySecurityManager = new SpySecurityManager(); final Properties properties = createProperties(locators); + properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); properties.setProperty(UserPasswordAuthInit.USER_NAME, "server1"); properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); @@ -85,10 +85,10 @@ public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCa }); server2.invoke(()-> { - JSONAuthorization.setUpWithJsonFile(PEER_AUTH_JSON); - spyJSONAuthorization = new SpyJSONAuthorization(); + spySecurityManager = new SpySecurityManager(); final Properties properties = createProperties(locators); + properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); properties.setProperty(UserPasswordAuthInit.USER_NAME, "server2"); properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); @@ -99,10 +99,10 @@ public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCa @Test public void initAndCloseTest() throws Exception { - JSONAuthorization.setUpWithJsonFile(PEER_AUTH_JSON); - spyJSONAuthorization = new SpyJSONAuthorization(); + spySecurityManager = new SpySecurityManager(); final Properties properties = createProperties(locators); + properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); properties.setProperty(UserPasswordAuthInit.USER_NAME, "stranger"); properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); @@ -112,21 +112,21 @@ public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCa @Override public void postTearDownCacheTestCase() throws Exception { closeAllCache(); - spyJSONAuthorization = null; - invokeInEveryVM(() -> { spyJSONAuthorization = null; }); + spySecurityManager = null; + invokeInEveryVM(() -> { spySecurityManager = null; }); } private static Properties createProperties(String locators) { Properties allProperties = new Properties(); allProperties.setProperty(LOCATORS, locators); allProperties.setProperty(MCAST_PORT, "0"); - allProperties.setProperty(SECURITY_MANAGER, SpyJSONAuthorization.class.getName()); + allProperties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); allProperties.setProperty(SECURITY_PEER_AUTH_INIT, UserPasswordAuthInit.class.getName() + ".create"); allProperties.setProperty(USE_CLUSTER_CONFIGURATION, "false"); return allProperties; } - public static class SpyJSONAuthorization extends JSONAuthorization { + public static class SpySecurityManager extends SampleSecurityManager { static int initInvoked = 0; static int closeInvoked = 0; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java index f573073..0568659 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java @@ -14,7 +14,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package com.gemstone.gemfire.security; import static org.junit.Assert.*; @@ -85,7 +84,6 @@ public class IntegratedSecurityPostProcessorDUnitTest extends AbstractIntegrated assertTrue(result.contains("super-user/null/null/value2")); assertTrue(result.contains("super-user/null/null/value3")); assertTrue(result.contains("super-user/null/null/value4")); - }); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/JSONAuthorization.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/JSONAuthorization.java b/geode-core/src/test/java/com/gemstone/gemfire/security/JSONAuthorization.java deleted file mode 100644 index bf7990a..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/JSONAuthorization.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import java.io.File; -import java.io.FileReader; -import java.io.IOException; - -import org.apache.geode.security.templates.SampleSecurityManager; -import com.gemstone.gemfire.util.test.TestUtil; - -/** - * Used by test code. when using this class for security-manager, you will need explicitly call setUpWithJsonFile - * to initialize the acl (access control list). - */ -public class JSONAuthorization extends SampleSecurityManager { - - public static String AUTH1_JSON = "/com/gemstone/gemfire/management/internal/security/auth1.json"; - public static String AUTH2_JSON = "/com/gemstone/gemfire/management/internal/security/auth2.json"; - public static String AUTH3_JSON = "/com/gemstone/gemfire/management/internal/security/auth3.json"; - public static String CACHE_SERVER_JSON = "/com/gemstone/gemfire/management/internal/security/cacheServer.json"; - public static String CLIENT_SERVER_JSON = "/com/gemstone/gemfire/management/internal/security/clientServer.json"; - public static String SHIRO_INI_JSON = "/com/gemstone/gemfire/management/internal/security/shiro-ini.json"; - public static String PEER_AUTH_JSON = "/com/gemstone/gemfire/security/peerAuth.json"; - - /** - * Override the child class's implemention to look for jsonFile in the same package as this class instead of - * in the classpath - */ - public static void setUpWithJsonFile(String jsonFileName) throws IOException { - String filePath = TestUtil.getResourcePath(JSONAuthorization.class, jsonFileName); - File file = new File(filePath); - FileReader reader = new FileReader(file); - char[] buffer = new char[(int) file.length()]; - reader.read(buffer); - String json = new String(buffer); - reader.close(); - readSecurityDescriptor(json); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java index b6fd2f7..b428144 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java @@ -14,7 +14,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package com.gemstone.gemfire.security; import java.security.Principal; @@ -28,9 +27,10 @@ public class NoShowValue1PostProcessor implements PostProcessor { final String regionName, final Object key, final Object value) { - if(value.equals("value1")) + if (value.equals("value1")) { return null; - else + } else { return value; + } } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/com/gemstone/gemfire/security/SecurityTestUtils.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/SecurityTestUtils.java b/geode-core/src/test/java/com/gemstone/gemfire/security/SecurityTestUtils.java index b74b054..598242d 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/SecurityTestUtils.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/security/SecurityTestUtils.java @@ -16,7 +16,6 @@ * specific language governing permissions and limitations * under the License. */ - package com.gemstone.gemfire.security; import static com.gemstone.gemfire.cache30.ClientServerTestCase.*; @@ -90,6 +89,7 @@ import com.gemstone.gemfire.test.dunit.internal.JUnit4DistributedTestCase; /** * Contains utility methods for setting up servers/clients for authentication * and authorization tests. + * * @since GemFire 5.5 */ public final class SecurityTestUtils { http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java b/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java new file mode 100644 index 0000000..c810cb0 --- /dev/null +++ b/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java @@ -0,0 +1,123 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.geode.security.templates; + +import static org.assertj.core.api.Assertions.*; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.InputStream; +import java.util.Properties; + +import org.apache.commons.io.FileUtils; +import org.apache.commons.io.IOUtils; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.junit.rules.TemporaryFolder; + +import com.gemstone.gemfire.test.junit.categories.SecurityTest; +import com.gemstone.gemfire.test.junit.categories.IntegrationTest; +import org.apache.geode.security.templates.SampleSecurityManager.Role; +import org.apache.geode.security.templates.SampleSecurityManager.User; + +@Category({ IntegrationTest.class, SecurityTest.class }) +public class SampleSecurityManagerTest { + + private SampleSecurityManager sampleSecurityManager; + private String jsonResource; + private File jsonFile; + private String json; + + @Rule + public TemporaryFolder temporaryFolder = new TemporaryFolder(); + + @Before + public void setUp() throws Exception { + // resource file + this.jsonResource = "org/apache/geode/security/templates/security.json"; + InputStream inputStream = ClassLoader.getSystemResourceAsStream(this.jsonResource); + + assertThat(inputStream).isNotNull(); + + // non-resource file + this.jsonFile = new File(temporaryFolder.getRoot(), "security.json"); + IOUtils.copy(inputStream, new FileOutputStream(this.jsonFile)); + + // string + this.json = FileUtils.readFileToString(this.jsonFile, "UTF-8"); + this.sampleSecurityManager = new SampleSecurityManager(); + } + + @Test + public void shouldInitializeFromJsonString() throws Exception { + this.sampleSecurityManager.initializeFromJson(this.json); + verifySecurityManagerState(); + } + + @Test + public void shouldInitializeFromJsonResource() throws Exception { + this.sampleSecurityManager.initializeFromJsonResource(this.jsonResource); + verifySecurityManagerState(); + } + + @Test + public void shouldInitializeFromJsonFile() throws Exception { + this.sampleSecurityManager.initializeFromJsonFile(this.jsonFile); + verifySecurityManagerState(); + } + + @Test + public void initShouldUsePropertyAsJsonString() throws Exception { + Properties securityProperties = new Properties(); + securityProperties.setProperty(SampleSecurityManager.SECURITY_JSON, this.json); + this.sampleSecurityManager.init(securityProperties); + verifySecurityManagerState(); + } + + @Test + public void initShouldUsePropertyAsJsonFile() throws Exception { + Properties securityProperties = new Properties(); + securityProperties.setProperty(SampleSecurityManager.SECURITY_JSON, this.jsonFile.getAbsolutePath()); + this.sampleSecurityManager.init(securityProperties); + verifySecurityManagerState(); + } + + @Test + public void initShouldUsePropertyAsJsonResource() throws Exception { + Properties securityProperties = new Properties(); + securityProperties.setProperty(SampleSecurityManager.SECURITY_JSON, this.jsonResource); + this.sampleSecurityManager.init(securityProperties); + verifySecurityManagerState(); + } + + private void verifySecurityManagerState() { + User adminUser = this.sampleSecurityManager.getUser("admin"); + assertThat(adminUser).isNotNull(); + assertThat(adminUser.name).isEqualTo("admin"); + assertThat(adminUser.password).isEqualTo("secret"); + assertThat(adminUser.roles).hasSize(1); + + User guestUser = this.sampleSecurityManager.getUser("guest"); + assertThat(guestUser).isNotNull(); + assertThat(guestUser.name).isEqualTo("guest"); + assertThat(guestUser.password).isEqualTo("guest"); + assertThat(guestUser.roles).hasSize(1); + // TODO: need to do more verification + } +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-core/src/test/resources/org/apache/geode/security/templates/security.json ---------------------------------------------------------------------- diff --git a/geode-core/src/test/resources/org/apache/geode/security/templates/security.json b/geode-core/src/test/resources/org/apache/geode/security/templates/security.json new file mode 100644 index 0000000..c1ee9fc --- /dev/null +++ b/geode-core/src/test/resources/org/apache/geode/security/templates/security.json @@ -0,0 +1,30 @@ +{ + "roles": [ + { + "name": "admin", + "operationsAllowed": [ + "CLUSTER:MANAGE", + "DATA:MANAGE" + ] + }, + { + "name": "readRegionA", + "operationsAllowed": [ + "DATA:READ" + ], + "regions": ["RegionA", "RegionB"] + } + ], + "users": [ + { + "name": "admin", + "password": "secret", + "roles": ["admin"] + }, + { + "name": "guest", + "password": "guest", + "roles": ["readRegionA"] + } + ] +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/17ede315/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java ---------------------------------------------------------------------- diff --git a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java index 8f47145..d59b562 100644 --- a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java +++ b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java @@ -26,6 +26,7 @@ import java.net.InetAddress; import java.net.UnknownHostException; import java.util.HashMap; import java.util.Map; +import java.util.Properties; import javax.management.InstanceAlreadyExistsException; import javax.management.MBeanRegistrationException; @@ -38,6 +39,7 @@ import javax.management.remote.JMXConnectorServerFactory; import javax.management.remote.JMXServiceURL; import com.vmware.gemfire.tools.pulse.internal.data.PulseConstants; +import org.apache.geode.security.templates.SampleSecurityManager; import org.apache.shiro.SecurityUtils; import org.apache.shiro.mgt.DefaultSecurityManager; import org.apache.shiro.mgt.SecurityManager; @@ -46,11 +48,11 @@ import org.apache.shiro.realm.Realm; import com.gemstone.gemfire.internal.security.shiro.CustomAuthRealm; import com.gemstone.gemfire.internal.security.shiro.JMXShiroAuthenticator; import com.gemstone.gemfire.management.internal.security.AccessControlMBean; -import com.gemstone.gemfire.security.JSONAuthorization; import com.gemstone.gemfire.management.internal.security.MBeanServerWrapper; import com.gemstone.gemfire.management.internal.security.ResourceConstants; public class Server { + private static final String DEFAULT_HOST = "127.0.0.1"; //"localhost" private static final int DEFAULT_PORT = 9999; private final JMXServiceURL url; @@ -68,11 +70,13 @@ public class Server { if (jsonAuthFile != null) { System.setProperty("spring.profiles.active", "pulse.authentication.gemfire"); - JSONAuthorization.setUpWithJsonFile(jsonAuthFile); + Map<String, Object> env = new HashMap<String, Object>(); // set up Shiro Security Manager - Realm realm = new CustomAuthRealm(JSONAuthorization.class.getName()); + Properties securityProperties = new Properties(); + securityProperties.setProperty(SampleSecurityManager.SECURITY_JSON, jsonAuthFile); + Realm realm = new CustomAuthRealm(SampleSecurityManager.class.getName(), securityProperties); SecurityManager securityManager = new DefaultSecurityManager(realm); SecurityUtils.setSecurityManager(securityManager);
