http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/GemFireSecurityExceptionTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/GemFireSecurityExceptionTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/GemFireSecurityExceptionTest.java deleted file mode 100644 index 5aa01ff..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/GemFireSecurityExceptionTest.java +++ /dev/null @@ -1,169 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static com.googlecode.catchexception.CatchException.*; -import static org.assertj.core.api.Assertions.*; - -import java.io.NotSerializableException; -import java.io.Serializable; -import javax.naming.NamingException; - -import org.apache.commons.lang.SerializationUtils; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; -import org.junit.experimental.categories.Category; -import org.junit.rules.TestName; - -import com.gemstone.gemfire.test.junit.categories.SecurityTest; -import com.gemstone.gemfire.test.junit.categories.UnitTest; - -/** - * Unit tests for {@link GemFireSecurityException}. - */ -@Category({ UnitTest.class, SecurityTest.class }) -public class GemFireSecurityExceptionTest { - - private String message; - private String causeMessage; - private Object nonSerializableResolvedObj; - private NamingException nonSerializableNamingException; - private SerializableObject serializableResolvedObj; - private NamingException serializableNamingException; - - @Rule - public TestName testName = new TestName(); - - @Before - public void setUp() throws Exception { - this.message = testName.getMethodName() + " message"; - this.causeMessage = testName.getMethodName() + " cause message"; - - this.nonSerializableResolvedObj = new Object(); - this.nonSerializableNamingException = new NamingException(this.causeMessage); - this.nonSerializableNamingException.setResolvedObj(this.nonSerializableResolvedObj); - - this.serializableResolvedObj = new SerializableObject(this.testName.getMethodName()); - this.serializableNamingException = new NamingException(this.causeMessage); - this.serializableNamingException.setResolvedObj(this.serializableResolvedObj); - - assertPreConditions(); - } - - private void assertPreConditions() { - catchException(this).clone(this.nonSerializableNamingException); - assertThat((Throwable)caughtException()).isNotNull(); - assertThat((Throwable)caughtException().getCause()).isInstanceOf(NotSerializableException.class); - - catchException(this).clone(this.serializableNamingException); - assertThat((Throwable)caughtException()).isNull(); - - assertThat(this.nonSerializableResolvedObj).isNotInstanceOf(Serializable.class); - - catchException(this).clone(this.serializableResolvedObj); - assertThat((Throwable)caughtException()).isNull(); - } - - @Test - public void isSerializable() throws Exception { - assertThat(GemFireSecurityException.class).isInstanceOf(Serializable.class); - } - - @Test - public void serializes() throws Exception { - GemFireSecurityException instance = new GemFireSecurityException(this.message); - - GemFireSecurityException cloned = (GemFireSecurityException) SerializationUtils.clone(instance); - - assertThat(cloned).hasMessage(this.message); - } - - @Test - public void serializesWithThrowable() throws Exception { - Throwable cause = new Exception(this.causeMessage); - GemFireSecurityException instance = new GemFireSecurityException(this.message, cause); - - GemFireSecurityException cloned = (GemFireSecurityException) SerializationUtils.clone(instance); - - assertThat(cloned).hasMessage(this.message).hasCause(cause); - assertThat(cloned.getCause()).hasMessage(this.causeMessage); - } - - @Test - public void serializesWithNonSerializableNamingException() throws Exception { - GemFireSecurityException instance = new GemFireSecurityException(this.message, this.nonSerializableNamingException); - - GemFireSecurityException cloned = (GemFireSecurityException) SerializationUtils.clone(instance); - - assertThat(cloned).hasMessage(this.message).hasCause(this.nonSerializableNamingException); - NamingException cause = (NamingException) cloned.getCause(); - assertThat(cause).hasMessage(this.causeMessage); - assertThat(cause.getResolvedObj()).isNull(); - } - - @Test - public void serializesWithSerializableNamingException() throws Exception { - GemFireSecurityException instance = new GemFireSecurityException(this.message, this.serializableNamingException); - - GemFireSecurityException cloned = (GemFireSecurityException) SerializationUtils.clone(instance); - - assertThat(cloned).hasMessage(this.message).hasCause(this.serializableNamingException); - NamingException cause = (NamingException) cloned.getCause(); - assertThat(cause).hasMessage(this.causeMessage); - assertThat(cause.getResolvedObj()).isNotNull().isEqualTo(this.serializableResolvedObj); - } - - @Test - public void isSerializableReturnsTrueForSerializableClass() throws Exception { - assertThat(new GemFireSecurityException("").isSerializable(this.serializableResolvedObj)).isTrue(); - } - - @Test - public void isSerializableReturnsFalseForNonSerializableClass() throws Exception { - assertThat(new GemFireSecurityException("").isSerializable(this.nonSerializableResolvedObj)).isFalse(); - } - - public Object clone(final Serializable object) { - return SerializationUtils.clone(object); - } - - public static class SerializableObject implements Serializable { - - private String name; - - SerializableObject(String name) { - this.name = name; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - - SerializableObject that = (SerializableObject) o; - - return name != null ? name.equals(that.name) : that.name == null; - - } - - @Override - public int hashCode() { - return name != null ? name.hashCode() : 0; - } - } -}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java deleted file mode 100644 index 73bfcb4..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientAuthDUnitTest.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static com.googlecode.catchexception.CatchException.*; -import static org.assertj.core.api.Assertions.*; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.IgnoredException; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientAuthDUnitTest extends AbstractSecureServerDUnitTest { - - @Test - public void authWithCorrectPasswordShouldPass() { - client1.invoke("logging in super-user with correct password", () -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("super-user", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - ClientRegionFactory<String, String> crf = cache.createClientRegionFactory(ClientRegionShortcut.PROXY); - - crf.create(REGION_NAME); - }); - } - - @Test - public void authWithIncorrectPasswordShouldFail() { - IgnoredException.addIgnoredException(AuthenticationFailedException.class.getName()); - - client2.invoke("logging in super-user with wrong password", () -> { - AuthenticationFailedException expected = new AuthenticationFailedException("Authentication error. Please check your credentials."); - - catchException(new ClientCacheFactory(createClientProperties("super-user", "wrong")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort)) - .create(); - assertThat((Throwable) caughtException()).hasCause(expected); - }); - } -} - - http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientContainsKeyAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientContainsKeyAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientContainsKeyAuthDistributedTest.java deleted file mode 100644 index 336cf87..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientContainsKeyAuthDistributedTest.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static org.junit.Assert.*; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientContainsKeyAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testContainsKey() throws InterruptedException { - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = createClientCache("key1User", "1234567", serverPort); - final Region region = cache.getRegion(REGION_NAME); - assertTrue(region.containsKeyOnServer("key1")); - assertNotAuthorized(() -> region.containsKeyOnServer("key3"), "DATA:READ:AuthRegion:key3"); - }); - - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = createClientCache("authRegionReader", "1234567", serverPort); - final Region region = cache.getRegion(REGION_NAME); - region.containsKeyOnServer("key3"); - assertTrue(region.containsKeyOnServer("key1")); - }); - - ai1.join(); - ai2.join(); - ai1.checkException(); - ai2.checkException(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java deleted file mode 100644 index e811d86..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyInvalidateAuthDistributedTest.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static org.junit.Assert.*; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientDestroyInvalidateAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testDestroyInvalidate() throws InterruptedException { - - // Delete one key and invalidate another key with an authorized user. - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("dataUser", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertTrue(region.containsKeyOnServer("key1")); - - // Destroy key1 - region.destroy("key1"); - assertFalse(region.containsKeyOnServer("key1")); - - // Invalidate key2 - assertNotNull("Value of key2 should not be null", region.get("key2")); - region.invalidate("key2"); - assertNull("Value of key2 should have been null", region.get("key2")); - - }); - - // Delete one key and invalidate another key with an unauthorized user. - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionReader", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - - assertTrue(region.containsKeyOnServer("key3")); - - // Destroy key1 - assertNotAuthorized(() -> region.destroy("key3"), "DATA:WRITE:AuthRegion"); - assertTrue(region.containsKeyOnServer("key3")); - - // Invalidate key2 - assertNotNull("Value of key4 should not be null", region.get("key4")); - assertNotAuthorized(() -> region.invalidate("key4"), "DATA:WRITE:AuthRegion"); - assertNotNull("Value of key4 should not be null", region.get("key4")); - }); - - ai1.join(); - ai2.join(); - ai1.checkException(); - ai2.checkException(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java deleted file mode 100644 index adb7c0b..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientDestroyRegionAuthDistributedTest.java +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static org.assertj.core.api.Assertions.*; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientDestroyRegionAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testDestroyRegion() throws InterruptedException { - client1.invoke(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("dataWriter", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.destroyRegion(), "DATA:MANAGE"); - }); - - client2.invoke(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionManager", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.destroyRegion(), "DATA:MANAGE"); - }); - - client3.invoke(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("super-user", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.destroyRegion(); - assertThat(region.isDestroyed()).isTrue(); - }); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteFunctionAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteFunctionAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteFunctionAuthDistributedTest.java deleted file mode 100644 index bf4b027..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteFunctionAuthDistributedTest.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.execute.Function; -import com.gemstone.gemfire.cache.execute.FunctionService; -import com.gemstone.gemfire.cache.execute.ResultCollector; -import com.gemstone.gemfire.internal.cache.functions.TestFunction; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientExecuteFunctionAuthDistributedTest extends AbstractSecureServerDUnitTest { - - private final static Function function = new TestFunction(true, TestFunction.TEST_FUNCTION1); - - @Test - public void testExecuteRegionFunction() { - - FunctionService.registerFunction(function); - - client1.invoke("logging in with dataReader", () -> { - ClientCache cache = createClientCache("dataReader", "1234567", serverPort); - - FunctionService.registerFunction(function); - assertNotAuthorized(() -> FunctionService.onServer(cache.getDefaultPool()) - .withArgs(Boolean.TRUE) - .execute(function.getId()), "DATA:WRITE"); - }); - - client2.invoke("logging in with super-user", () -> { - ClientCache cache = createClientCache("super-user", "1234567", serverPort); - - FunctionService.registerFunction(function); - ResultCollector rc = FunctionService.onServer(cache.getDefaultPool()) - .withArgs(Boolean.TRUE) - .execute(function.getId()); - rc.getResult(); - }); - } -} - - http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteRegionFunctionAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteRegionFunctionAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteRegionFunctionAuthDistributedTest.java deleted file mode 100644 index 08425a0..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientExecuteRegionFunctionAuthDistributedTest.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.execute.Function; -import com.gemstone.gemfire.cache.execute.FunctionService; -import com.gemstone.gemfire.cache.execute.ResultCollector; -import com.gemstone.gemfire.internal.cache.functions.TestFunction; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientExecuteRegionFunctionAuthDistributedTest - extends AbstractSecureServerDUnitTest { - - private final static Function function = new TestFunction(true, TestFunction.TEST_FUNCTION1); - - @Test - public void testExecuteRegionFunction() { - - FunctionService.registerFunction(function); - - client1.invoke("logging in with dataReader", () -> { - ClientCache cache = createClientCache("dataReader", "1234567", serverPort); - - FunctionService.registerFunction(function); - assertNotAuthorized(() -> FunctionService.onRegion(cache.getRegion(REGION_NAME)) - .withArgs(Boolean.TRUE) - .execute(function.getId()), "DATA:WRITE"); - }); - - client2.invoke("logging in with super-user", () -> { - ClientCache cache = createClientCache("super-user", "1234567", serverPort); - - FunctionService.registerFunction(function); - ResultCollector rc = FunctionService.onRegion(cache.getRegion(REGION_NAME)) - .withArgs(Boolean.TRUE) - .execute(function.getId()); - rc.getResult(); - }); - } -} - - http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetAllAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetAllAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetAllAuthDistributedTest.java deleted file mode 100644 index 1931633..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetAllAuthDistributedTest.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static com.gemstone.gemfire.internal.Assert.assertTrue; -import static org.jgroups.util.Util.*; - -import java.util.Arrays; -import java.util.Map; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientGetAllAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testGetAll() { - client1.invoke("logging in Stranger", () -> { - ClientCache cache = createClientCache("stranger", "1234567", serverPort); - - Region region = cache.getRegion(REGION_NAME); - Map emptyMap = region.getAll(Arrays.asList("key1", "key2", "key3", "key4")); - assertTrue(emptyMap.isEmpty()); - }); - - client2.invoke("logging in authRegionReader", () -> { - ClientCache cache = createClientCache("authRegionReader", "1234567", serverPort); - - Region region = cache.getRegion(REGION_NAME); - Map filledMap = region.getAll(Arrays.asList("key1", "key2", "key3", "key4")); - assertEquals("Map should contain 4 entries", 4, filledMap.size()); - assertTrue(filledMap.containsKey("key1")); - }); - } -} - - http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPRMetaDataAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPRMetaDataAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPRMetaDataAuthDistributedTest.java deleted file mode 100644 index 2f2a013..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPRMetaDataAuthDistributedTest.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Ignore; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.cache.client.internal.ClientMetadataService; -import com.gemstone.gemfire.internal.cache.GemFireCacheImpl; -import com.gemstone.gemfire.internal.cache.LocalRegion; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientGetClientPRMetaDataAuthDistributedTest - extends AbstractSecureServerDUnitTest { - - @Test - @Ignore("This is not a supported client message") - // this would fail sporadically because ServerConnection.isInternalMessage would return true for this message, - // and it won't bind the correct subject on the executing thread. - public void testGetClientPartitionAttrCmd() { - client1.invoke("logging in stranger", () -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - - ClientMetadataService service = ((GemFireCacheImpl) cache).getClientMetadataService(); - assertNotAuthorized(() -> service.getClientPRMetadata((LocalRegion) cache.getRegion(region.getName())), "CLUSTER:READ"); - }); - - client2.invoke("logging in super-user", () -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("super-user", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - - ClientMetadataService service = ((GemFireCacheImpl) cache).getClientMetadataService(); - service.getClientPRMetadata((LocalRegion) cache.getRegion(region.getName())); - }); - } -} - - http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPartitionAttrCmdAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPartitionAttrCmdAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPartitionAttrCmdAuthDistributedTest.java deleted file mode 100644 index b18ca98..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetClientPartitionAttrCmdAuthDistributedTest.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Ignore; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.internal.GetClientPartitionAttributesOp; -import com.gemstone.gemfire.cache.client.internal.PoolImpl; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientGetClientPartitionAttrCmdAuthDistributedTest - extends AbstractSecureServerDUnitTest { - - @Test - @Ignore("This is not a supported client message") - // this would fail sporatically because ServerConnection.isInternalMessage would return true for this message, - // and it won't bind the correct subject on the executing thread. - public void testGetClientPartitionAttrCmd() { - client1.invoke("logging in stranger", () -> { - ClientCache cache = createClientCache("stranger", "1234567", serverPort); - - assertNotAuthorized(() -> GetClientPartitionAttributesOp.execute((PoolImpl) cache.getDefaultPool(), REGION_NAME), "CLUSTER:READ"); - }); - - client2.invoke("logging in super-user with correct password", () -> { - ClientCache cache = createClientCache("super-user", "1234567", serverPort); - - GetClientPartitionAttributesOp.execute((PoolImpl) cache.getDefaultPool(), REGION_NAME); - }); - } -} - - http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java deleted file mode 100644 index 656659e..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetEntryAuthDistributedTest.java +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.CacheTransactionManager; -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientGetEntryAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testGetEntry() throws InterruptedException { - // client1 connects to server as a user not authorized to do any operations - - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - CacheTransactionManager transactionManager = cache.getCacheTransactionManager(); - transactionManager.begin(); - try { - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.getEntry("key3"), "DATA:READ:AuthRegion:key3"); - } finally { - transactionManager.commit(); - } - - }); - - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionReader", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - CacheTransactionManager transactionManager = cache.getCacheTransactionManager(); - transactionManager.begin(); - try { - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.getEntry("key3"); - } finally { - transactionManager.commit(); - } - - }); - - ai1.join(); - ai2.join(); - ai1.checkException(); - ai2.checkException(); - - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java deleted file mode 100644 index 6d4374d..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static org.junit.Assert.*; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.FlakyTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class, FlakyTest.class }) -public class IntegratedClientGetPutAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testGetPutAuthorization() throws InterruptedException { - Map<String, String> allValues = new HashMap<String, String>(); - allValues.put("key1", "value1"); - allValues.put("key2", "value2"); - - List<String> keys = new ArrayList<>(); - keys.add("key1"); - keys.add("key2"); - - // client1 connects to server as a user not authorized to do any operations - AsyncInvocation ai1 = client1.invokeAsync(()->{ - ClientCache cache = createClientCache("stranger", "1234567", serverPort); - Region region = cache.getRegion(REGION_NAME); - - assertNotAuthorized(() -> region.put("key3", "value3"), "DATA:WRITE:AuthRegion:key3"); - assertNotAuthorized(() -> region.get("key3"), "DATA:READ:AuthRegion:key3"); - - //putall - assertNotAuthorized(() -> region.putAll(allValues), "DATA:WRITE:AuthRegion"); - - // not authorized for either keys, get no record back - Map keyValues = region.getAll(keys); - assertEquals(0, keyValues.size()); - - assertNotAuthorized(() -> region.keySetOnServer(), "DATA:READ:AuthRegion"); - }); - - - // client2 connects to user as a user authorized to use AuthRegion region - AsyncInvocation ai2 = client2.invokeAsync(()->{ - ClientCache cache = createClientCache("authRegionUser", "1234567", serverPort); - Region region = cache.getRegion(REGION_NAME); - - region.put("key3", "value3"); - assertEquals("value3", region.get("key3")); - - // put all - region.putAll(allValues); - - // get all - Map keyValues = region.getAll(keys); - assertEquals(2, keyValues.size()); - - // keyset - Set keySet = region.keySetOnServer(); - assertEquals(5, keySet.size()); - }); - - // client3 connects to user as a user authorized to use key1 in AuthRegion region - AsyncInvocation ai3 = client3.invokeAsync(()->{ - ClientCache cache = createClientCache("key1User", "1234567", serverPort); - Region region = cache.getRegion(REGION_NAME); - - assertNotAuthorized(() -> region.put("key2", "value1"), "DATA:WRITE:AuthRegion:key2"); - assertNotAuthorized(() -> region.get("key2"), "DATA:READ:AuthRegion:key2"); - - assertNotAuthorized(() -> region.putAll(allValues), "DATA:WRITE:AuthRegion"); - - // only authorized for one recrod - Map keyValues = region.getAll(keys); - assertEquals(1, keyValues.size()); - - // keyset - assertNotAuthorized(() -> region.keySetOnServer(), "DATA:READ:AuthRegion"); - }); - - ai1.join(); - ai2.join(); - ai3.join(); - - ai1.checkException(); - ai2.checkException(); - ai3.checkException(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java deleted file mode 100644 index 3c5a2ef..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegionClearAuthDistributedTest.java +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.SerializableRunnable; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientRegionClearAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testRegionClear() throws InterruptedException { - // Verify that an unauthorized user can't clear the region - SerializableRunnable clearUnauthorized = new SerializableRunnable() { - @Override - public void run() { - ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.clear(), "DATA:WRITE:AuthRegion"); - } - }; - client1.invoke(clearUnauthorized); - - // Verify that an authorized user can clear the region - SerializableRunnable clearAuthorized = new SerializableRunnable() { - @Override - public void run() { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionUser", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.clear(); - } - }; - client2.invoke(clearAuthorized); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegisterInterestAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegisterInterestAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegisterInterestAuthDistributedTest.java deleted file mode 100644 index 8e67ead..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRegisterInterestAuthDistributedTest.java +++ /dev/null @@ -1,164 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import java.util.ArrayList; -import java.util.List; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientRegisterInterestAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testRegisterInterest() throws InterruptedException { - // client1 connects to server as a user not authorized to do any operations - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.registerInterest("key3"), "DATA:READ:AuthRegion:key3"); - }); - - // client2 connects to user as a user authorized to use AuthRegion region - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionUser", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.registerInterest("key3"); // DATA:READ:AuthRegion:key3; - }); - - // client3 connects to user as a user authorized to use key1 in AuthRegion region - AsyncInvocation ai3 = client3.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("key1User", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.registerInterest("key2"), "DATA:READ:AuthRegion:key2"); - }); - - ai1.join(); - ai2.join(); - ai3.join(); - - ai1.checkException(); - ai2.checkException(); - ai3.checkException(); - } - - @Test - public void testRegisterInterestRegex() throws InterruptedException { - //client1 connects to server as a user not authorized to do any operations - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.registerInterestRegex("key.*"), "DATA:READ:AuthRegion"); - }); - - // client2 connects to user as a user authorized to use AuthRegion region - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionUser", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.registerInterestRegex("key[0-9]+"); // DATA:READ:AuthRegion:key3; - }); - - // client3 connects to user as a user authorized to use key1 in AuthRegion region - AsyncInvocation ai3 = client3.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("key1User", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.registerInterestRegex("key[0-9]+"), "DATA:READ:AuthRegion"); - assertNotAuthorized(() -> region.registerInterestRegex("key1"), "DATA:READ:AuthRegion"); - }); - - ai1.join(); - ai2.join(); - ai3.join(); - - ai1.checkException(); - ai2.checkException(); - ai3.checkException(); - } - - @Test - public void testRegisterInterestList() throws InterruptedException { - List<String> keys = new ArrayList<>(); - keys.add("key1"); - keys.add("key2"); - - //client1 connects to server as a user not authorized to do any operations - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.registerInterest(keys), "DATA:READ:AuthRegion"); - }); - - // client2 connects to user as a user authorized to use AuthRegion region - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionUser", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.registerInterest(keys); // DATA:READ:AuthRegion; - }); - - // client3 connects to user as a user authorized to use key1 in AuthRegion region - AsyncInvocation ai3 = client3.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("key1User", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.registerInterest(keys), "DATA:READ:AuthRegion"); - }); - - ai1.join(); - ai2.join(); - ai3.join(); - - ai1.checkException(); - ai2.checkException(); - ai3.checkException(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRemoveAllAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRemoveAllAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRemoveAllAuthDistributedTest.java deleted file mode 100644 index 357ed98..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientRemoveAllAuthDistributedTest.java +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static org.junit.Assert.*; - -import java.util.Arrays; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientRemoveAllAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testRemoveAll() throws InterruptedException { - - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionReader", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - assertNotAuthorized(() -> region.removeAll(Arrays.asList("key1", "key2", "key3", "key4")), "DATA:WRITE:AuthRegion"); - }); - - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionWriter", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.removeAll(Arrays.asList("key1", "key2", "key3", "key4")); - assertFalse(region.containsKey("key1")); - assertNotAuthorized(() -> region.containsKeyOnServer("key1"), "DATA:READ:AuthRegion:key1"); - }); - ai1.join(); - ai2.join(); - ai1.checkException(); - ai2.checkException(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java deleted file mode 100644 index 8ca6995..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientSizeAuthDistributedTest.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Ignore; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.internal.InternalPool; -import com.gemstone.gemfire.cache.client.internal.SizeOp; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientSizeAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - @Ignore("This is not a supported client message") - // this would fail sporadically because ServerConnection.isInternalMessage would return true for this message, - // and it won't bind the correct subject on the executing thread. - public void testSize() throws InterruptedException { - - AsyncInvocation ai1 = client1.invokeAsync(() -> { - ClientCache cache = createClientCache("dataWriter", "1234567", serverPort); - assertNotAuthorized(() -> SizeOp.execute((InternalPool) cache.getDefaultPool(), REGION_NAME), "DATA:READ:AuthRegion"); - }); - - AsyncInvocation ai2 = client2.invokeAsync(() -> { - ClientCache cache = createClientCache("authRegionReader", "1234567", serverPort); - SizeOp.execute((InternalPool) cache.getDefaultPool(), REGION_NAME); - }); - - ai1.join(); - ai2.join(); - ai1.checkException(); - ai2.checkException(); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientUnregisterInterestAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientUnregisterInterestAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientUnregisterInterestAuthDistributedTest.java deleted file mode 100644 index 14edeb4..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientUnregisterInterestAuthDistributedTest.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.Region; -import com.gemstone.gemfire.cache.client.ClientCache; -import com.gemstone.gemfire.cache.client.ClientCacheFactory; -import com.gemstone.gemfire.cache.client.ClientRegionShortcut; -import com.gemstone.gemfire.test.dunit.AsyncInvocation; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedClientUnregisterInterestAuthDistributedTest extends AbstractSecureServerDUnitTest { - - @Test - public void testUnregisterInterest() throws InterruptedException { - // client2 connects to user as a user authorized to use AuthRegion region - AsyncInvocation ai1 = client2.invokeAsync(() -> { - ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionUser", "1234567")).setPoolSubscriptionEnabled(true) - .addPoolServer("localhost", serverPort) - .create(); - - Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME); - region.registerInterest("key3"); - region.unregisterInterest("key3"); // DATA:READ:AuthRegion:key3; - }); - ai1.join(); - ai1.checkException(); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java deleted file mode 100644 index 2920fd5..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleDistributedTest.java +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; -import static org.assertj.core.api.Assertions.*; - -import java.io.IOException; -import java.util.Properties; - -import org.apache.geode.security.templates.SampleSecurityManager; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import com.gemstone.gemfire.cache.server.CacheServer; -import com.gemstone.gemfire.internal.AvailablePort; -import com.gemstone.gemfire.internal.security.IntegratedSecurityService; -import com.gemstone.gemfire.internal.security.SecurityService; -import com.gemstone.gemfire.internal.AvailablePortHelper; -import com.gemstone.gemfire.management.ManagementService; -import com.gemstone.gemfire.test.dunit.DistributedTestUtils; -import com.gemstone.gemfire.test.dunit.Host; -import com.gemstone.gemfire.test.dunit.NetworkUtils; -import com.gemstone.gemfire.test.dunit.VM; -import com.gemstone.gemfire.test.dunit.cache.internal.JUnit4CacheTestCase; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -@Ignore("This is broken but fixed on feature/GEODE-1673") -@Category({DistributedTest.class, SecurityTest.class}) -public class IntegratedSecurityCacheLifecycleDistributedTest extends JUnit4CacheTestCase { - - private String locators; - private VM locator; - private SecurityService securityService; - - @Override - public final void postSetUp() throws Exception { - Host host = Host.getHost(0); - locator = host.getVM(0); - - securityService = IntegratedSecurityService.getSecurityService(); - - int[] ports = AvailablePortHelper.getRandomAvailableTCPPorts(2); - int locatorPort = ports[0]; - int managerPort = ports[1]; - - locators = NetworkUtils.getServerHostName(host) + "[" + locatorPort + "]"; - - locator.invoke(() -> { - DistributedTestUtils.deleteLocatorStateFile(locatorPort); - - final Properties properties = new Properties(); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/management/internal/security/clientServer.json"); - properties.setProperty(LOCATORS, locators); - properties.setProperty(MCAST_PORT, "0"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, ""); - properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); - properties.setProperty(START_LOCATOR, locators); - properties.setProperty(JMX_MANAGER, "true"); - properties.setProperty(JMX_MANAGER_START, "true"); - properties.setProperty(JMX_MANAGER_PORT, String.valueOf(managerPort)); - properties.setProperty(USE_CLUSTER_CONFIGURATION, "false"); - getSystem(properties); - getCache(); - }); - } - - @Test - public void initAndCloseTest() throws Exception { - connect(); - - { - ManagementService ms = ManagementService.getExistingManagementService(getCache()); - assertThat(ms).isNotNull(); - assertThat(ms.isManager()).isFalse(); - - verifyInitCloseInvoked(); - } - - locator.invoke(() -> { - ManagementService ms = ManagementService.getExistingManagementService(getCache()); - assertThat(ms).isNotNull(); - assertThat(ms.isManager()).isTrue(); - - verifyInitCloseInvoked(); - }); - } - - private void connect() throws IOException { - final Properties properties = new Properties(); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/management/internal/security/clientServer.json"); - properties.setProperty(LOCATORS, locators); - properties.setProperty(MCAST_PORT, "0"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, ""); - properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); - properties.setProperty(USE_CLUSTER_CONFIGURATION, "false"); - - getSystem(properties); - - CacheServer server1 = getCache().addCacheServer(); - server1.setPort(0); - server1.start(); - - getCache(); - } - - @Override - public void postTearDownCacheTestCase() throws Exception { - closeAllCache(); - } - - private void verifyInitCloseInvoked() { - SpySecurityManager ssm = (SpySecurityManager) this.securityService.getSecurityManager(); - assertThat(ssm.initInvoked).isEqualTo(1); - getCache().close(); - assertThat(ssm.closeInvoked).isEqualTo(1); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java deleted file mode 100644 index 8cb894a..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; -import static org.assertj.core.api.Assertions.*; -import static org.mockito.Mockito.*; - -import java.util.Properties; - -import com.gemstone.gemfire.cache.Cache; -import com.gemstone.gemfire.cache.CacheFactory; -import com.gemstone.gemfire.internal.security.IntegratedSecurityService; -import com.gemstone.gemfire.internal.security.SecurityService; -import com.gemstone.gemfire.test.junit.categories.IntegrationTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -import org.junit.After; -import org.junit.Before; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -@Category({IntegrationTest.class, SecurityTest.class}) -public class IntegratedSecurityCacheLifecycleIntegrationTest { - - private Properties securityProps; - private Cache cache; - private SecurityService securityService; - - @Before - public void before() { - securityService = IntegratedSecurityService.getSecurityService(); - - securityProps = new Properties(); - securityProps.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); - - Properties props = new Properties(); - props.putAll(securityProps); - props.setProperty(MCAST_PORT, "0"); - props.setProperty(LOCATORS, ""); - - cache = new CacheFactory(props).create(); - } - - @After - public void after() { - if (cache != null && !cache.isClosed()) { - cache.close(); - } - } - - @Test - public void initAndCloseTest () { - SpySecurityManager ssm = (SpySecurityManager)securityService.getSecurityManager(); - assertThat(ssm.initInvoked).isEqualTo(1); - cache.close(); - assertThat(ssm.closeInvoked).isEqualTo(1); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java deleted file mode 100644 index 7a4830d..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPeerAuthDistributedTest.java +++ /dev/null @@ -1,146 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import static com.gemstone.gemfire.distributed.ConfigurationProperties.*; -import static com.gemstone.gemfire.test.dunit.Invoke.*; -import static org.assertj.core.api.Assertions.*; - -import java.util.Properties; - -import com.gemstone.gemfire.internal.AvailablePort; -import com.gemstone.gemfire.security.templates.UserPasswordAuthInit; -import com.gemstone.gemfire.test.dunit.DistributedTestUtils; -import com.gemstone.gemfire.test.dunit.Host; -import com.gemstone.gemfire.test.dunit.NetworkUtils; -import com.gemstone.gemfire.test.dunit.VM; -import com.gemstone.gemfire.test.dunit.cache.internal.JUnit4CacheTestCase; -import com.gemstone.gemfire.test.junit.categories.DistributedTest; -import com.gemstone.gemfire.test.junit.categories.SecurityTest; - -import org.apache.geode.security.templates.SampleSecurityManager; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -@Category({ DistributedTest.class, SecurityTest.class }) -public class IntegratedSecurityPeerAuthDistributedTest extends JUnit4CacheTestCase{ - - private static SpySecurityManager spySecurityManager; - - private VM locator; - private VM server1; - private VM server2; - - private String locators; - - @Override - public final void postSetUp() throws Exception { - Host host = Host.getHost(0); - locator = host.getVM(0); - server1 = host.getVM(1); - server2 = host.getVM(2); - - int locatorPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); - locators = NetworkUtils.getServerHostName(host) + "[" + locatorPort + "]"; - - locator.invoke(() -> { - spySecurityManager = new SpySecurityManager(); - - DistributedTestUtils.deleteLocatorStateFile(locatorPort); - - final Properties properties = createProperties(locators); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); - properties.setProperty(UserPasswordAuthInit.USER_NAME, "locator1"); - properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); - properties.setProperty(START_LOCATOR, locators); - - getSystem(properties); - getCache(); - }); - - server1.invoke(()-> { - spySecurityManager = new SpySecurityManager(); - - final Properties properties = createProperties(locators); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); - properties.setProperty(UserPasswordAuthInit.USER_NAME, "server1"); - properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); - - getSystem(properties); - getCache(); - }); - - server2.invoke(()-> { - spySecurityManager = new SpySecurityManager(); - - final Properties properties = createProperties(locators); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); - properties.setProperty(UserPasswordAuthInit.USER_NAME, "server2"); - properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); - - getSystem(properties); - getCache(); - }); - } - - @Test - public void initAndCloseTest() throws Exception { - spySecurityManager = new SpySecurityManager(); - - final Properties properties = createProperties(locators); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/security/peerAuth.json"); - properties.setProperty(UserPasswordAuthInit.USER_NAME, "stranger"); - properties.setProperty(UserPasswordAuthInit.PASSWORD, "1234567"); - - assertThatThrownBy(() -> getSystem(properties)).isExactlyInstanceOf(AuthenticationFailedException.class); - } - - @Override - public void postTearDownCacheTestCase() throws Exception { - closeAllCache(); - spySecurityManager = null; - invokeInEveryVM(() -> { spySecurityManager = null; }); - } - - private static Properties createProperties(String locators) { - Properties allProperties = new Properties(); - allProperties.setProperty(LOCATORS, locators); - allProperties.setProperty(MCAST_PORT, "0"); - allProperties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); - allProperties.setProperty(SECURITY_PEER_AUTH_INIT, UserPasswordAuthInit.class.getName() + ".create"); - allProperties.setProperty(USE_CLUSTER_CONFIGURATION, "false"); - return allProperties; - } - - public static class SpySecurityManager extends SampleSecurityManager { - - static int initInvoked = 0; - static int closeInvoked = 0; - - @Override - public void init(final Properties securityProps) { - initInvoked++; - super.init(securityProps); - } - - @Override - public void close() { - closeInvoked++; - super.close(); - } - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java deleted file mode 100644 index d2adffd..0000000 --- a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gemstone.gemfire.security; - -import java.io.Serializable; - -import org.apache.geode.security.PostProcessor; - -public class NoShowValue1PostProcessor implements PostProcessor { - - @Override - public Object processRegionValue(final Object principal, - final String regionName, - final Object key, - final Object value) { - if (value.equals("value1")) { - return null; - } else { - return value; - } - } -}
