http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/GfshShellConnectionRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/GfshShellConnectionRule.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/GfshShellConnectionRule.java index 4d1bae9..da7a883 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/GfshShellConnectionRule.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/GfshShellConnectionRule.java @@ -25,10 +25,11 @@ import org.apache.geode.management.internal.cli.result.CommandResult; import org.apache.geode.management.internal.cli.result.ErrorResultData; import org.apache.geode.management.internal.cli.result.ResultBuilder; import org.apache.geode.management.internal.cli.util.CommandStringBuilder; +import org.apache.geode.test.dunit.rules.ConnectionConfiguration; import org.apache.geode.test.junit.rules.DescribedExternalResource; /** - * Class which eases the creation of MBeans for security testing. When combined with {@link JMXConnectionConfiguration} + * Class which eases the creation of MBeans for security testing. When combined with {@link ConnectionConfiguration} * it allows for the creation of per-test connections with different user/password combinations. */ public class GfshShellConnectionRule extends DescribedExternalResource { @@ -53,7 +54,7 @@ public class GfshShellConnectionRule extends DescribedExternalResource { } protected void before(Description description) throws Throwable { - JMXConnectionConfiguration config = description.getAnnotation(JMXConnectionConfiguration.class); + ConnectionConfiguration config = description.getAnnotation(ConnectionConfiguration.class); if(config==null) return;
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/JMXConnectionConfiguration.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/JMXConnectionConfiguration.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/JMXConnectionConfiguration.java deleted file mode 100644 index 4f57baa..0000000 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/JMXConnectionConfiguration.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.management.internal.security; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * This annotation is intended to be used with {@link MBeanServerConnectionRule} in order to configure a per-test JMX - * connection with a specific user and password. - */ -@Retention(RetentionPolicy.RUNTIME) -@Target({ElementType.METHOD}) -public @interface JMXConnectionConfiguration { - String user(); - String password(); -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/JavaRmiServerNameTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/JavaRmiServerNameTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/JavaRmiServerNameTest.java index c544e6f..e885344 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/JavaRmiServerNameTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/JavaRmiServerNameTest.java @@ -23,11 +23,13 @@ import static org.junit.Assert.*; import java.util.Properties; +import org.junit.After; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.experimental.categories.Category; -import org.apache.geode.cache.CacheFactory; import org.apache.geode.internal.AvailablePort; +import org.apache.geode.test.dunit.rules.ServerStarter; import org.apache.geode.test.junit.categories.IntegrationTest; @Category(IntegrationTest.class) @@ -36,20 +38,26 @@ public class JavaRmiServerNameTest { private static final String JMX_HOST = "myHostname"; private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); + static Properties properties = new Properties(){{ + setProperty(JMX_MANAGER_PORT, AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET)+""); + setProperty("jmx-manager-hostname-for-clients", JMX_HOST); + }}; + + @BeforeClass + public static void beforeClass() throws Exception { + ServerStarter serverStarter = new ServerStarter(properties); + serverStarter.startServer(); + } //https://issues.apache.org/jira/browse/GEODE-1548 @Test public void testThatJavaRmiServerNameGetsSet() { - Properties properties = new Properties(); - properties.put(LOCATORS, ""); - properties.put(MCAST_PORT, "0"); - properties.put(JMX_MANAGER, "true"); - properties.put(JMX_MANAGER_START, "true"); - properties.put(JMX_MANAGER_PORT, String.valueOf(jmxManagerPort)); - properties.put("jmx-manager-hostname-for-clients", JMX_HOST); - - new CacheFactory(properties).create(); assertEquals(JMX_HOST, System.getProperty("java.rmi.server.hostname")); } + @After + public void after(){ + System.setProperty("java.rmi.server.hostname", ""); + } + } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/JsonAuthorizationCacheStartRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/JsonAuthorizationCacheStartRule.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/JsonAuthorizationCacheStartRule.java deleted file mode 100644 index 136319c..0000000 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/JsonAuthorizationCacheStartRule.java +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.management.internal.security; - -import static org.apache.geode.distributed.ConfigurationProperties.*; - -import java.util.Properties; - -import org.apache.geode.security.templates.SampleSecurityManager; -import org.junit.rules.ExternalResource; - -import org.apache.geode.cache.Cache; -import org.apache.geode.cache.CacheFactory; - -public class JsonAuthorizationCacheStartRule extends ExternalResource { - - private Cache cache; - private int jmxManagerPort = 0; - private int httpPort = 0; - private String jsonFile; - private Class postProcessor; - - public JsonAuthorizationCacheStartRule(int jmxManagerPort, String jsonFile, Class postProcessor) { - this.jmxManagerPort = jmxManagerPort; - this.jsonFile = jsonFile; - this.postProcessor = postProcessor; - } - - public JsonAuthorizationCacheStartRule(int jmxManagerPort, String jsonFile) { - this.jmxManagerPort = jmxManagerPort; - this.jsonFile = jsonFile; - } - - public JsonAuthorizationCacheStartRule(int jmxManagerPort, int httpPort, String jsonFile) { - this.jmxManagerPort = jmxManagerPort; - this.httpPort = httpPort; - this.jsonFile = jsonFile; - } - - protected void before() throws Throwable { - Properties properties = new Properties(); - properties.put(SampleSecurityManager.SECURITY_JSON, jsonFile); - properties.put(NAME, JsonAuthorizationCacheStartRule.class.getSimpleName()); - properties.put(LOCATORS, ""); - properties.put(MCAST_PORT, "0"); - properties.put(JMX_MANAGER, "true"); - properties.put(JMX_MANAGER_START, "true"); - properties.put(JMX_MANAGER_PORT, String.valueOf(jmxManagerPort)); - properties.put(HTTP_SERVICE_PORT, String.valueOf(httpPort)); - properties.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - - if (postProcessor!=null) { - properties.put(SECURITY_POST_PROCESSOR, postProcessor.getName()); - } - - cache = new CacheFactory(properties).create(); - cache.addCacheServer().start(); - cache.createRegionFactory().create("region1"); - } - - public Cache getCache() { - return cache; - } - - /** - * Override to tear down your specific external resource. - */ - protected void after() { - cache.close(); - cache = null; - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java index 1377fb6..2862369 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java @@ -31,6 +31,8 @@ import org.apache.geode.distributed.internal.InternalDistributedSystem; import org.apache.geode.distributed.internal.locks.DLockService; import org.apache.geode.internal.AvailablePort; import org.apache.geode.management.LockServiceMXBean; +import org.apache.geode.test.dunit.rules.ConnectionConfiguration; +import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule; import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -42,8 +44,7 @@ public class LockServiceMBeanAuthorizationJUnitTest { private LockServiceMXBean lockServiceMBean; @ClassRule - public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule( - jmxManagerPort, "org/apache/geode/management/internal/security/cacheServer.json"); + public static CacheServerStartupRule serverRule = CacheServerStartupRule.withDefaultSecurityJson(jmxManagerPort); @Rule public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort); @@ -65,7 +66,7 @@ public class LockServiceMBeanAuthorizationJUnitTest { } @Test - @JMXConnectionConfiguration(user = "data-admin", password = "1234567") + @ConnectionConfiguration(user = "data-admin", password = "1234567") public void testAllAccess() throws Exception { lockServiceMBean.becomeLockGrantor(); lockServiceMBean.fetchGrantorMember(); @@ -75,14 +76,14 @@ public class LockServiceMBeanAuthorizationJUnitTest { } @Test - @JMXConnectionConfiguration(user = "cluster-admin", password = "1234567") + @ConnectionConfiguration(user = "cluster-admin", password = "1234567") public void testSomeAccess() throws Exception { assertThatThrownBy(() -> lockServiceMBean.becomeLockGrantor()); lockServiceMBean.getMemberCount(); } @Test - @JMXConnectionConfiguration(user = "data-user", password = "1234567") + @ConnectionConfiguration(user = "data-user", password = "1234567") public void testNoAccess() throws Exception { assertThatThrownBy(() -> lockServiceMBean.becomeLockGrantor()).hasMessageContaining(TestCommand.dataManage.toString()); assertThatThrownBy(() -> lockServiceMBean.fetchGrantorMember()).hasMessageContaining(TestCommand.clusterRead.toString()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java index 4beff0b..9614bf8 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java @@ -40,6 +40,8 @@ import org.apache.geode.management.ManagementException; import org.apache.geode.management.ManagementService; import org.apache.geode.management.MemberMXBean; import org.apache.geode.management.internal.MBeanJMXAdapter; +import org.apache.geode.test.dunit.rules.ConnectionConfiguration; +import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule; import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -49,7 +51,7 @@ public class MBeanSecurityJUnitTest { private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET); @ClassRule - public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(jmxManagerPort, "org/apache/geode/management/internal/security/cacheServer.json"); + public static CacheServerStartupRule serverRule = CacheServerStartupRule.withDefaultSecurityJson(jmxManagerPort); @Rule public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort); @@ -58,7 +60,7 @@ public class MBeanSecurityJUnitTest { * No user can call createBean or unregisterBean of GemFire Domain */ @Test - @JMXConnectionConfiguration(user = "super-user", password = "1234567") + @ConnectionConfiguration(user = "super-user", password = "1234567") public void testNoAccessWithWhoever() throws Exception{ MBeanServerConnection con = connectionRule.getMBeanServerConnection(); assertThatThrownBy( @@ -79,7 +81,7 @@ public class MBeanSecurityJUnitTest { * looks like everyone can query for beans, but the AccessControlMXBean is filtered from the result */ @Test - @JMXConnectionConfiguration(user = "stranger", password = "1234567") + @ConnectionConfiguration(user = "stranger", password = "1234567") public void testQueryBean() throws MalformedObjectNameException, IOException { MBeanServerConnection con = connectionRule.getMBeanServerConnection(); Set<ObjectInstance> objects = con.queryMBeans(ObjectName.getInstance(ResourceConstants.OBJECT_NAME_ACCESSCONTROL), null); @@ -106,7 +108,7 @@ public class MBeanSecurityJUnitTest { } @Test - @JMXConnectionConfiguration(user = "stranger", password = "1234567") + @ConnectionConfiguration(user = "stranger", password = "1234567") public void testServerSideCalls(){ // calls through ManagementService is not going through authorization checks ManagementService service = ManagementService.getManagementService(serverRule.getCache()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanServerConnectionRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanServerConnectionRule.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanServerConnectionRule.java deleted file mode 100644 index 9243032..0000000 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanServerConnectionRule.java +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.management.internal.security; - -import static org.junit.Assert.*; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; -import java.util.Set; - -import javax.management.JMX; -import javax.management.MBeanServerConnection; -import javax.management.MalformedObjectNameException; -import javax.management.ObjectInstance; -import javax.management.ObjectName; -import javax.management.Query; -import javax.management.QueryExp; -import javax.management.remote.JMXConnector; -import javax.management.remote.JMXConnectorFactory; -import javax.management.remote.JMXServiceURL; - -import org.junit.runner.Description; - -import org.apache.geode.test.junit.rules.DescribedExternalResource; - -/** - * Class which eases the creation of MBeans for security testing. When combined with {@link JMXConnectionConfiguration} - * it allows for the creation of per-test connections with different user/password combinations. - */ -public class MBeanServerConnectionRule extends DescribedExternalResource { - - private final int jmxServerPort; - private JMXConnector jmxConnector; - private MBeanServerConnection con; - - /** - * Rule constructor - * - * @param port The JMX server port to connect to - */ - public MBeanServerConnectionRule(int port) { - this.jmxServerPort = port; - } - - /** - * Retrieve a new proxy MBean - * - * @return A new proxy MBean of the same type with which the class was constructed - */ - public <T> T getProxyMBean(Class<T> proxyClass, String beanQueryName) throws MalformedObjectNameException, IOException { - ObjectName name = null; - QueryExp query = null; - - if (proxyClass != null) { - query = Query.isInstanceOf(Query.value(proxyClass.getName())); - } - - if (beanQueryName != null) { - name = ObjectName.getInstance(beanQueryName); - } - - Set<ObjectInstance> beans = con.queryMBeans(name, query); - assertEquals("failed to find only one instance of type " + proxyClass.getName() + " with name " + beanQueryName, 1, beans.size()); - - return JMX.newMXBeanProxy(con, ((ObjectInstance) beans.toArray()[0]).getObjectName(), proxyClass); - } - - public AccessControlMXBean getAccessControlMBean() throws Exception{ - return JMX.newMXBeanProxy(con, new ObjectName("GemFire:service=AccessControl,type=Distributed"), AccessControlMXBean.class); - } - - /** - * Retrieve a new proxy MBean - * - * @return A new proxy MBean of the same type with which the class was constructed - */ - public <T> T getProxyMBean(Class<T> proxyClass) throws MalformedObjectNameException, IOException { - return getProxyMBean(proxyClass, null); - } - - public <T> T getProxyMBean(String beanQueryName) throws MalformedObjectNameException, IOException { - return getProxyMBean(null, beanQueryName); - } - - public MBeanServerConnection getMBeanServerConnection() throws IOException { - return con; - } - - protected void before(Description description) throws Throwable { - JMXConnectionConfiguration config = description.getAnnotation(JMXConnectionConfiguration.class); - Map<String, String[]> env = new HashMap<>(); - if (config != null) { - String user = config.user(); - String password = config.password(); - env.put(JMXConnector.CREDENTIALS, new String[] { user, password }); - - JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxServerPort + "/jmxrmi"); - jmxConnector = JMXConnectorFactory.connect(url, env); - con = jmxConnector.getMBeanServerConnection(); - } - } - - /** - * Override to tear down your specific external resource. - */ - protected void after(Description description) throws Throwable { - if (jmxConnector != null) { - jmxConnector.close(); - jmxConnector = null; - } - - con = null; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java index 873b649..ed653f9 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java @@ -33,6 +33,8 @@ import org.junit.experimental.categories.Category; import org.apache.geode.internal.AvailablePort; import org.apache.geode.management.ManagerMXBean; import org.apache.geode.management.internal.beans.ManagerMBean; +import org.apache.geode.test.dunit.rules.ConnectionConfiguration; +import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule; import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -44,8 +46,7 @@ public class ManagerMBeanAuthorizationJUnitTest { private ManagerMXBean managerMXBean; @ClassRule - public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule( - jmxManagerPort, "org/apache/geode/management/internal/security/cacheServer.json"); + public static CacheServerStartupRule serverRule = CacheServerStartupRule.withDefaultSecurityJson(jmxManagerPort); @Rule public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort); @@ -64,7 +65,7 @@ public class ManagerMBeanAuthorizationJUnitTest { } @Test - @JMXConnectionConfiguration(user = "cluster-admin", password = "1234567") + @ConnectionConfiguration(user = "cluster-admin", password = "1234567") public void testAllAccess() throws Exception { managerMXBean.setPulseURL("foo"); managerMXBean.start(); @@ -73,7 +74,7 @@ public class ManagerMBeanAuthorizationJUnitTest { } @Test - @JMXConnectionConfiguration(user = "data-admin", password = "1234567") + @ConnectionConfiguration(user = "data-admin", password = "1234567") public void testSomeAccess() throws Exception { assertThatThrownBy(() -> managerMXBean.start()).hasMessageContaining(TestCommand.clusterManage.toString()); assertThatThrownBy(() -> managerMXBean.getPulseURL()).hasMessageContaining(TestCommand.clusterWrite.toString()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java index e5cbd15..8d7dbe5 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java @@ -26,6 +26,8 @@ import org.junit.experimental.categories.Category; import org.apache.geode.internal.AvailablePort; import org.apache.geode.management.MemberMXBean; +import org.apache.geode.test.dunit.rules.ConnectionConfiguration; +import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule; import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -37,8 +39,7 @@ public class MemberMBeanSecurityJUnitTest { private MemberMXBean bean; @ClassRule - public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule( - jmxManagerPort, "org/apache/geode/management/internal/security/cacheServer.json"); + public static CacheServerStartupRule serverRule = CacheServerStartupRule.withDefaultSecurityJson(jmxManagerPort); @Rule public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort); @@ -49,7 +50,7 @@ public class MemberMBeanSecurityJUnitTest { } @Test - @JMXConnectionConfiguration(user = "super-user", password = "1234567") + @ConnectionConfiguration(user = "super-user", password = "1234567") public void testAllAccess() throws Exception { bean.shutDownMember(); bean.compactAllDiskStores(); @@ -67,7 +68,7 @@ public class MemberMBeanSecurityJUnitTest { } @Test - @JMXConnectionConfiguration(user = "cluster-admin", password = "1234567") + @ConnectionConfiguration(user = "cluster-admin", password = "1234567") public void testClusterAdmin() throws Exception { assertThatThrownBy(() -> bean.compactAllDiskStores()).hasMessageContaining(TestCommand.dataManage.toString()); bean.shutDownMember(); @@ -84,7 +85,7 @@ public class MemberMBeanSecurityJUnitTest { } @Test - @JMXConnectionConfiguration(user = "data-admin", password = "1234567") + @ConnectionConfiguration(user = "data-admin", password = "1234567") public void testDataAdmin() throws Exception { bean.compactAllDiskStores(); assertThatThrownBy(() -> bean.shutDownMember()).hasMessageContaining(TestCommand.clusterManage.toString()); @@ -94,7 +95,7 @@ public class MemberMBeanSecurityJUnitTest { } @Test - @JMXConnectionConfiguration(user = "data-user", password = "1234567") + @ConnectionConfiguration(user = "data-user", password = "1234567") public void testDataUser() throws Exception { assertThatThrownBy(() -> bean.shutDownMember()).hasMessageContaining(TestCommand.clusterManage.toString()); assertThatThrownBy(() -> bean.createManager()).hasMessageContaining(TestCommand.clusterManage.toString()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/ResourcePermissionTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/ResourcePermissionTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/ResourcePermissionTest.java index d6491ff..8378876 100644 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/ResourcePermissionTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/ResourcePermissionTest.java @@ -18,19 +18,18 @@ package org.apache.geode.management.internal.security; import static org.junit.Assert.*; -import org.apache.geode.security.ResourcePermission; -import org.apache.geode.security.ResourcePermission.Operation; -import org.apache.geode.security.ResourcePermission.Resource; import org.apache.shiro.authz.permission.WildcardPermission; import org.junit.Test; import org.junit.experimental.categories.Category; +import org.apache.geode.security.ResourcePermission; +import org.apache.geode.security.ResourcePermission.Operation; +import org.apache.geode.security.ResourcePermission.Resource; import org.apache.geode.test.junit.categories.SecurityTest; import org.apache.geode.test.junit.categories.UnitTest; @Category({ UnitTest.class, SecurityTest.class }) public class ResourcePermissionTest { - private ResourcePermission context; @Test @@ -90,5 +89,23 @@ public class ResourcePermissionTest { context = new ResourcePermission("DATA", "MANAGE", "REGIONA"); assertEquals("DATA:MANAGE:REGIONA", context.toString()); + + context = new ResourcePermission("data", "manage"); + assertEquals("DATA:MANAGE", context.toString()); + } + + @Test + public void testImples(){ + WildcardPermission role = new WildcardPermission("*:read"); + role.implies(new ResourcePermission("data", "read")); + role.implies(new ResourcePermission("cluster", "read")); + + role = new WildcardPermission("*:read:*"); + role.implies(new ResourcePermission("data", "read", "testRegion")); + role.implies(new ResourcePermission("cluster", "read", "anotherRegion", "key1")); + + role = new WildcardPermission("data:*:testRegion"); + role.implies(new ResourcePermission("data", "read", "testRegion")); + role.implies(new ResourcePermission("data", "write", "testRegion")); } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/management/internal/security/ShiroCacheStartRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/ShiroCacheStartRule.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/ShiroCacheStartRule.java deleted file mode 100644 index 848c05c..0000000 --- a/geode-core/src/test/java/org/apache/geode/management/internal/security/ShiroCacheStartRule.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.management.internal.security; - -import static org.apache.geode.distributed.ConfigurationProperties.*; - -import java.util.Properties; - -import org.junit.rules.ExternalResource; - -import org.apache.geode.cache.Cache; -import org.apache.geode.cache.CacheFactory; - -public class ShiroCacheStartRule extends ExternalResource { - private Cache cache; - private int jmxManagerPort; - private String shiroFile; - - public ShiroCacheStartRule(int jmxManagerPort, String shiroFile) { - this.jmxManagerPort = jmxManagerPort; - this.shiroFile = shiroFile; - } - - protected void before() throws Throwable { - Properties properties = new Properties(); - properties.put(NAME, ShiroCacheStartRule.class.getSimpleName()); - properties.put(LOCATORS, ""); - properties.put(MCAST_PORT, "0"); - properties.put(JMX_MANAGER, "true"); - properties.put(JMX_MANAGER_START, "true"); - properties.put(JMX_MANAGER_PORT, String.valueOf(jmxManagerPort)); - properties.put(HTTP_SERVICE_PORT, "0"); - properties.put(SECURITY_SHIRO_INIT, shiroFile); - - cache = new CacheFactory(properties).create(); - cache.addCacheServer().start(); - } - - public Cache getCache(){ - return cache; - } - - /** - * Override to tear down your specific external resource. - */ - protected void after() { - cache.close(); - cache = null; - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/AbstractSecureServerDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/AbstractSecureServerDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/AbstractSecureServerDUnitTest.java index d2e4440..2cf804b 100644 --- a/geode-core/src/test/java/org/apache/geode/security/AbstractSecureServerDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/AbstractSecureServerDUnitTest.java @@ -14,6 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + package org.apache.geode.security; import static org.apache.geode.distributed.ConfigurationProperties.*; @@ -27,24 +28,20 @@ import java.util.Properties; import org.assertj.core.api.ThrowableAssert.ThrowingCallable; import org.junit.Before; -import org.apache.geode.cache.Cache; -import org.apache.geode.cache.CacheFactory; import org.apache.geode.cache.Region; import org.apache.geode.cache.RegionShortcut; import org.apache.geode.cache.client.ClientCache; import org.apache.geode.cache.client.ClientCacheFactory; import org.apache.geode.cache.client.ClientRegionShortcut; -import org.apache.geode.cache.server.CacheServer; -import org.apache.geode.distributed.ConfigurationProperties; import org.apache.geode.security.templates.SampleSecurityManager; import org.apache.geode.security.templates.UserPasswordAuthInit; import org.apache.geode.test.dunit.Host; import org.apache.geode.test.dunit.IgnoredException; -import org.apache.geode.test.dunit.Invoke; import org.apache.geode.test.dunit.VM; -import org.apache.geode.test.dunit.cache.internal.JUnit4CacheTestCase; +import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; +import org.apache.geode.test.dunit.rules.ServerStarter; -public class AbstractSecureServerDUnitTest extends JUnit4CacheTestCase { +public abstract class AbstractSecureServerDUnitTest extends JUnit4DistributedTestCase { protected static final String REGION_NAME = "AuthRegion"; @@ -52,87 +49,41 @@ public class AbstractSecureServerDUnitTest extends JUnit4CacheTestCase { protected VM client2 = null; protected VM client3 = null; protected int serverPort; - - // child classes can customize these parameters - protected Class postProcessor = null; protected boolean pdxPersistent = false; - protected int jmxPort = 0; - protected int restPort = 0; - protected Map<String, Object> values; - protected volatile Properties dsProperties; - public AbstractSecureServerDUnitTest(){ - values = new HashMap(); + // overwrite this in child classes + public Properties getProperties(){ + return new Properties() {{ + setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); + setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/management/internal/security/clientServer.json"); + }}; + } + + // overwrite this if you want a different set of initial data + public Map<String, String> getData(){ + Map<String, String> data = new HashMap(); for(int i=0; i<5; i++){ - values.put("key"+i, "value"+i); + data.put("key"+i, "value"+i); } + return data; } @Before public void before() throws Exception { - IgnoredException.addIgnoredException("No longer connected to localhost"); + ServerStarter serverStarter = new ServerStarter(getProperties()); + serverStarter.startServer(0, pdxPersistent); + serverPort = serverStarter.server.getPort(); + Region region = serverStarter.cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); + for(Entry entry:getData().entrySet()){ + region.put(entry.getKey(), entry.getValue()); + } + IgnoredException.addIgnoredException("No longer connected to localhost"); + IgnoredException.addIgnoredException(AuthenticationFailedException.class.getName()); final Host host = Host.getHost(0); this.client1 = host.getVM(1); this.client2 = host.getVM(2); this.client3 = host.getVM(3); - - Properties props = new Properties(); - props.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/management/internal/security/clientServer.json"); - props.setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - props.setProperty(LOCATORS, ""); - props.setProperty(MCAST_PORT, "0"); - if (postProcessor!=null) { - props.setProperty(SECURITY_POST_PROCESSOR, postProcessor.getName()); - } - props.setProperty(SECURITY_LOG_LEVEL, "finest"); - - props.setProperty("security-pdx", pdxPersistent+""); - if(jmxPort>0){ - props.put(JMX_MANAGER, "true"); - props.put(JMX_MANAGER_START, "true"); - props.put(JMX_MANAGER_PORT, String.valueOf(jmxPort)); - } - - if(restPort>0){ - props.setProperty(START_DEV_REST_API, "true"); - props.setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost"); - props.setProperty(HTTP_SERVICE_PORT, restPort+""); - } - - props.put(ConfigurationProperties.ENABLE_NETWORK_PARTITION_DETECTION, "false"); - - this.dsProperties = props; - - getSystem(props); - - CacheFactory cf = new CacheFactory(); - cf.setPdxPersistent(pdxPersistent); - cf.setPdxReadSerialized(pdxPersistent); - Cache cache = getCache(cf); - - Region region = cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME); - - CacheServer server = cache.addCacheServer(); - server.setPort(0); - server.start(); - - this.serverPort = server.getPort(); - - for(Entry entry:values.entrySet()){ - region.put(entry.getKey(), entry.getValue()); - } - } - - @Override - public Properties getDistributedSystemProperties() { - return dsProperties; - } - - @Override - public void preTearDownCacheTestCase() throws Exception { - Invoke.invokeInEveryVM(()->closeCache()); - closeCache(); } public static void assertNotAuthorized(ThrowingCallable shouldRaiseThrowable, String permString) { @@ -146,8 +97,7 @@ public class AbstractSecureServerDUnitTest extends JUnit4CacheTestCase { props.setProperty(LOG_LEVEL, "fine"); props.setProperty(LOCATORS, ""); props.setProperty(MCAST_PORT, "0"); - props.setProperty(SECURITY_CLIENT_AUTH_INIT, UserPasswordAuthInit.class.getName() + ".create"); - props.setProperty(SECURITY_LOG_LEVEL, "finest"); + props.setProperty(SECURITY_CLIENT_AUTH_INIT, UserPasswordAuthInit.class.getName()); return props; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java index 3854bb1..72dbd1a 100644 --- a/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java @@ -30,13 +30,13 @@ import org.junit.Test; import org.junit.experimental.categories.Category; import org.apache.geode.GemFireConfigException; -import org.apache.geode.cache.CacheFactory; -import org.apache.geode.distributed.internal.InternalDistributedSystem; +import org.apache.geode.distributed.DistributedSystem; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.security.templates.SimpleSecurityManager; import org.apache.geode.test.dunit.IgnoredException; import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; -import org.apache.geode.test.dunit.rules.LocatorServerConfigurationRule; +import org.apache.geode.test.dunit.rules.LocatorServerStartupRule; +import org.apache.geode.test.dunit.rules.ServerStarter; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -45,13 +45,13 @@ import org.apache.geode.test.junit.categories.SecurityTest; public class ClusterConfigWithoutSecurityDUnitTest extends JUnit4DistributedTestCase { @Rule - public LocatorServerConfigurationRule lsRule = new LocatorServerConfigurationRule(this); + public LocatorServerStartupRule lsRule = new LocatorServerStartupRule(); @Before public void before() throws Exception { IgnoredException.addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString()); IgnoredException.addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString()); - lsRule.getLocatorVM(new Properties()); + lsRule.getLocatorVM(0, new Properties()); } @After @@ -70,10 +70,9 @@ public class ClusterConfigWithoutSecurityDUnitTest extends JUnit4DistributedTest props.setProperty("use-cluster-configuration", "false"); // initial security properties should only contain initial set of values - InternalDistributedSystem ds = lsRule.getSystem(props); - assertEquals(2, ds.getSecurityProperties().size()); - - CacheFactory.create(ds); + ServerStarter serverStarter = new ServerStarter(props); + serverStarter.startServer(lsRule.getLocatorPort(0)); + DistributedSystem ds = serverStarter.cache.getDistributedSystem(); // after cache is created, the configuration won't chagne Properties secProps = ds.getSecurityProperties(); @@ -91,12 +90,11 @@ public class ClusterConfigWithoutSecurityDUnitTest extends JUnit4DistributedTest props.setProperty("security-manager", "mySecurityManager"); props.setProperty("use-cluster-configuration", "true"); - InternalDistributedSystem ds = lsRule.getSystem(props); - - assertThatThrownBy(() -> CacheFactory.create(ds)).isInstanceOf(GemFireConfigException.class) - .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION - .toLocalizedString()); + ServerStarter serverStarter = new ServerStarter(props); + assertThatThrownBy(() -> serverStarter.startServer(lsRule.getLocatorPort(0))) + .isInstanceOf(GemFireConfigException.class) + .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString()); } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/IntegratedClientAuthDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/IntegratedClientAuthDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/IntegratedClientAuthDUnitTest.java index 2aa633c..3a066ca 100644 --- a/geode-core/src/test/java/org/apache/geode/security/IntegratedClientAuthDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/IntegratedClientAuthDUnitTest.java @@ -17,6 +17,7 @@ package org.apache.geode.security; import static com.googlecode.catchexception.CatchException.*; +import static com.googlecode.catchexception.apis.BDDCatchException.caughtException; import static org.assertj.core.api.Assertions.*; import org.junit.Test; @@ -24,42 +25,28 @@ import org.junit.experimental.categories.Category; import org.apache.geode.cache.client.ClientCache; import org.apache.geode.cache.client.ClientCacheFactory; -import org.apache.geode.cache.client.ClientRegionFactory; -import org.apache.geode.cache.client.ClientRegionShortcut; -import org.apache.geode.test.dunit.IgnoredException; import org.apache.geode.test.junit.categories.DistributedTest; -import org.apache.geode.test.junit.categories.FlakyTest; import org.apache.geode.test.junit.categories.SecurityTest; @Category({ DistributedTest.class, SecurityTest.class }) public class IntegratedClientAuthDUnitTest extends AbstractSecureServerDUnitTest { - @Category(FlakyTest.class) // GEODE-1877 @Test public void authWithCorrectPasswordShouldPass() { client1.invoke("logging in super-user with correct password", () -> { ClientCache cache = new ClientCacheFactory(createClientProperties("super-user", "1234567")).setPoolSubscriptionEnabled(true) .addPoolServer("localhost", serverPort) .create(); - - ClientRegionFactory<String, String> crf = cache.createClientRegionFactory(ClientRegionShortcut.PROXY); - - crf.create(REGION_NAME); }); } - @Category(FlakyTest.class) // GEODE-1875 @Test public void authWithIncorrectPasswordShouldFail() { - IgnoredException.addIgnoredException(AuthenticationFailedException.class.getName()); - client2.invoke("logging in super-user with wrong password", () -> { - AuthenticationFailedException expected = new AuthenticationFailedException("Authentication error. Please check your credentials."); - - catchException(new ClientCacheFactory(createClientProperties("super-user", "wrong")).setPoolSubscriptionEnabled(true) + catchException(new ClientCacheFactory(createClientProperties("data", "wrong")).setPoolSubscriptionEnabled(true) .addPoolServer("localhost", serverPort)) .create(); - assertThat((Throwable) caughtException()).hasCause(expected); + assertThat((Throwable) caughtException()).isInstanceOf(AuthenticationFailedException.class); }); } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/NoShowValue1PostProcessorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/NoShowValue1PostProcessorDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/NoShowValue1PostProcessorDUnitTest.java index d2a9887..932235b 100644 --- a/geode-core/src/test/java/org/apache/geode/security/NoShowValue1PostProcessorDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/NoShowValue1PostProcessorDUnitTest.java @@ -16,11 +16,13 @@ */ package org.apache.geode.security; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR; import static org.junit.Assert.*; import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.Properties; import org.junit.Test; import org.junit.experimental.categories.Category; @@ -36,8 +38,10 @@ import org.apache.geode.test.junit.categories.SecurityTest; @Category({ DistributedTest.class, SecurityTest.class }) public class NoShowValue1PostProcessorDUnitTest extends AbstractSecureServerDUnitTest { - public NoShowValue1PostProcessorDUnitTest(){ - this.postProcessor = NoShowValue1PostProcessor.class; + public Properties getProperties(){ + Properties properties = super.getProperties(); + properties.setProperty(SECURITY_POST_PROCESSOR, NoShowValue1PostProcessor.class.getName()); + return properties; } @Test http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java index cf0df1b..7423fdc 100644 --- a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java @@ -17,12 +17,15 @@ package org.apache.geode.security; +import static org.apache.geode.distributed.ConfigurationProperties.*; import static org.junit.Assert.*; import java.util.Arrays; import java.util.Collection; import java.util.HashMap; import java.util.Iterator; +import java.util.Map; +import java.util.Properties; import java.util.concurrent.TimeUnit; import com.jayway.awaitility.Awaitility; @@ -59,6 +62,7 @@ import org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactor @Parameterized.UseParametersRunnerFactory(CategoryWithParameterizedRunnerFactory.class) public class PDXPostProcessorDUnitTest extends AbstractSecureServerDUnitTest { private static byte[] BYTES = PDXPostProcessor.BYTES; + private int jmxPort = AvailablePortHelper.getRandomAvailableTCPPort(); @Parameterized.Parameters public static Collection<Object[]> parameters(){ @@ -66,11 +70,19 @@ public class PDXPostProcessorDUnitTest extends AbstractSecureServerDUnitTest { return Arrays.asList(params); } + public Properties getProperties(){ + Properties properties = super.getProperties(); + properties.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName()); + properties.setProperty(JMX_MANAGER_PORT, jmxPort+""); + properties.setProperty("security-pdx", pdxPersistent+""); + return properties; + } + + public Map<String, String> getData(){ + return new HashMap(); + } public PDXPostProcessorDUnitTest(boolean pdxPersistent){ - this.postProcessor = PDXPostProcessor.class; this.pdxPersistent = pdxPersistent; - this.jmxPort = AvailablePortHelper.getRandomAvailableTCPPort(); - values = new HashMap(); } @Test http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/PostProcessorDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/PostProcessorDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/PostProcessorDUnitTest.java index a7cdb0f..760c292 100644 --- a/geode-core/src/test/java/org/apache/geode/security/PostProcessorDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/PostProcessorDUnitTest.java @@ -16,13 +16,14 @@ */ package org.apache.geode.security; +import static org.apache.geode.distributed.ConfigurationProperties.*; import static org.junit.Assert.*; import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.Properties; -import org.apache.geode.security.templates.SamplePostProcessor; import org.junit.Test; import org.junit.experimental.categories.Category; @@ -36,14 +37,17 @@ import org.apache.geode.cache.client.Pool; import org.apache.geode.cache.client.PoolManager; import org.apache.geode.cache.query.SelectResults; import org.apache.geode.cache.util.CacheListenerAdapter; +import org.apache.geode.security.templates.SamplePostProcessor; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.test.junit.categories.SecurityTest; @Category({ DistributedTest.class, SecurityTest.class }) public class PostProcessorDUnitTest extends AbstractSecureServerDUnitTest { - public PostProcessorDUnitTest(){ - this.postProcessor = SamplePostProcessor.class; + public Properties getProperties(){ + Properties properties = super.getProperties(); + properties.setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName()); + return properties; } @Test http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java index 54c02f7..5364c91 100644 --- a/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java @@ -29,13 +29,13 @@ import org.junit.Test; import org.junit.experimental.categories.Category; import org.apache.geode.GemFireConfigException; -import org.apache.geode.cache.CacheFactory; -import org.apache.geode.distributed.internal.InternalDistributedSystem; +import org.apache.geode.distributed.DistributedSystem; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.security.templates.SimpleSecurityManager; import org.apache.geode.test.dunit.IgnoredException; import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; -import org.apache.geode.test.dunit.rules.LocatorServerConfigurationRule; +import org.apache.geode.test.dunit.rules.LocatorServerStartupRule; +import org.apache.geode.test.dunit.rules.ServerStarter; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -43,7 +43,7 @@ import org.apache.geode.test.junit.categories.SecurityTest; public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { @Rule - public LocatorServerConfigurationRule lsRule = new LocatorServerConfigurationRule(this); + public LocatorServerStartupRule lsRule = new LocatorServerStartupRule(); @Before public void before() throws Exception { @@ -55,7 +55,7 @@ public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { props.put(JMX_MANAGER_START, "false"); props.put(JMX_MANAGER_PORT, 0); props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName()); - lsRule.getLocatorVM(props); + lsRule.getLocatorVM(0, props); } @Test @@ -67,10 +67,9 @@ public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { props.setProperty("use-cluster-configuration", "true"); // initial security properties should only contain initial set of values - InternalDistributedSystem ds = lsRule.getSystem(props); - assertEquals(2, ds.getSecurityProperties().size()); - - CacheFactory.create(ds); + ServerStarter serverStarter = new ServerStarter(props); + serverStarter.startServer(lsRule.getLocatorPort(0)); + DistributedSystem ds = serverStarter.cache.getDistributedSystem(); // after cache is created, we got the security props passed in by cluster config Properties secProps = ds.getSecurityProperties(); @@ -90,9 +89,9 @@ public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { props.setProperty(SECURITY_MANAGER, SimpleSecurityManager.class.getName()); // initial security properties should only contain initial set of values - InternalDistributedSystem ds = lsRule.getSystem(props); - - CacheFactory.create(ds); + ServerStarter serverStarter = new ServerStarter(props); + serverStarter.startServer(lsRule.getLocatorPort(0)); + DistributedSystem ds = serverStarter.cache.getDistributedSystem(); // after cache is created, we got the security props passed in by cluster config Properties secProps = ds.getSecurityProperties(); @@ -111,11 +110,12 @@ public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { props.setProperty("use-cluster-configuration", "true"); // initial security properties should only contain initial set of values - InternalDistributedSystem ds = lsRule.getSystem(props); + ServerStarter serverStarter = new ServerStarter(props); - assertThatThrownBy(() -> CacheFactory.create(ds)).isInstanceOf(GemFireConfigException.class) - .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION - .toLocalizedString()); + assertThatThrownBy(() -> serverStarter.startServer(lsRule.getLocatorPort(0))) + .isInstanceOf(GemFireConfigException.class) + .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION + .toLocalizedString()); } @@ -130,10 +130,11 @@ public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { props.setProperty("use-cluster-configuration", "true"); // initial security properties should only contain initial set of values - InternalDistributedSystem ds = lsRule.getSystem(props); + ServerStarter serverStarter = new ServerStarter(props); - assertThatThrownBy(() -> CacheFactory.create(ds)).isInstanceOf(GemFireConfigException.class) - .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION + assertThatThrownBy(() -> serverStarter.startServer(lsRule.getLocatorPort(0))) + .isInstanceOf(GemFireConfigException.class) + .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION .toLocalizedString()); } @@ -148,10 +149,11 @@ public class SecurityClusterConfigDUnitTest extends JUnit4DistributedTestCase { props.setProperty("security-manager", "mySecurityManager"); props.setProperty("use-cluster-configuration", "false"); - InternalDistributedSystem ds = lsRule.getSystem(props); + ServerStarter serverStarter = new ServerStarter(props); - assertThatThrownBy(() -> CacheFactory.create(ds)).isInstanceOf(GemFireConfigException.class) - .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2 + assertThatThrownBy(() -> serverStarter.startServer(lsRule.getLocatorPort(0))) + .isInstanceOf(GemFireConfigException.class) + .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2 .toLocalizedString()); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/SecurityWithoutClusterConfigDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityWithoutClusterConfigDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityWithoutClusterConfigDUnitTest.java index d5f8686..d3ed823 100644 --- a/geode-core/src/test/java/org/apache/geode/security/SecurityWithoutClusterConfigDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/SecurityWithoutClusterConfigDUnitTest.java @@ -27,14 +27,14 @@ import org.junit.Rule; import org.junit.Test; import org.junit.experimental.categories.Category; -import org.apache.geode.cache.CacheFactory; -import org.apache.geode.distributed.internal.InternalDistributedSystem; +import org.apache.geode.distributed.DistributedSystem; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.security.templates.SampleSecurityManager; import org.apache.geode.security.templates.SimpleSecurityManager; import org.apache.geode.test.dunit.IgnoredException; import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; -import org.apache.geode.test.dunit.rules.LocatorServerConfigurationRule; +import org.apache.geode.test.dunit.rules.LocatorServerStartupRule; +import org.apache.geode.test.dunit.rules.ServerStarter; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -43,7 +43,7 @@ import org.apache.geode.test.junit.categories.SecurityTest; public class SecurityWithoutClusterConfigDUnitTest extends JUnit4DistributedTestCase { @Rule - public LocatorServerConfigurationRule lsRule = new LocatorServerConfigurationRule(this); + public LocatorServerStartupRule lsRule = new LocatorServerStartupRule(); @Before public void before() throws Exception { @@ -53,7 +53,7 @@ public class SecurityWithoutClusterConfigDUnitTest extends JUnit4DistributedTest props.setProperty(SECURITY_MANAGER, SimpleSecurityManager.class.getName()); props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName()); props.setProperty(ENABLE_CLUSTER_CONFIGURATION, "false"); - lsRule.getLocatorVM(props); + lsRule.getLocatorVM(0, props); } @Test @@ -69,11 +69,11 @@ public class SecurityWithoutClusterConfigDUnitTest extends JUnit4DistributedTest props.setProperty("use-cluster-configuration", "true"); // initial security properties should only contain initial set of values - InternalDistributedSystem ds = lsRule.getSystem(props); + ServerStarter serverStarter = new ServerStarter(props); + serverStarter.startServer(lsRule.getLocatorPort(0)); + DistributedSystem ds = serverStarter.cache.getDistributedSystem(); assertEquals(3, ds.getSecurityProperties().size()); - CacheFactory.create(ds); - // after cache is created, we got the security props passed in by cluster config Properties secProps = ds.getSecurityProperties(); assertEquals(3, secProps.size()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/security/StartServerAuthorizationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/StartServerAuthorizationTest.java b/geode-core/src/test/java/org/apache/geode/security/StartServerAuthorizationTest.java index 953cdb7..f6928bf 100644 --- a/geode-core/src/test/java/org/apache/geode/security/StartServerAuthorizationTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/StartServerAuthorizationTest.java @@ -30,7 +30,8 @@ import org.junit.experimental.categories.Category; import org.apache.geode.security.templates.SimpleSecurityManager; import org.apache.geode.test.dunit.VM; import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; -import org.apache.geode.test.dunit.rules.LocatorServerConfigurationRule; +import org.apache.geode.test.dunit.rules.LocatorServerStartupRule; +import org.apache.geode.test.dunit.rules.ServerStarter; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.test.junit.categories.SecurityTest; @@ -38,17 +39,13 @@ import org.apache.geode.test.junit.categories.SecurityTest; public class StartServerAuthorizationTest extends JUnit4DistributedTestCase { @Rule - public LocatorServerConfigurationRule lsRule = new LocatorServerConfigurationRule(this); + public LocatorServerStartupRule lsRule = new LocatorServerStartupRule(); @Before public void before() throws Exception { Properties props = new Properties(); props.setProperty(SECURITY_MANAGER, SimpleSecurityManager.class.getName()); - props.put(JMX_MANAGER, "true"); - props.put(JMX_MANAGER_START, "true"); - props.put(JMX_MANAGER_PORT, 0); - props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName()); - lsRule.getLocatorVM(props); + lsRule.getLocatorVM(0, props); } @Test @@ -60,7 +57,8 @@ public class StartServerAuthorizationTest extends JUnit4DistributedTestCase { VM server = lsRule.getNodeVM(1); server.invoke(()->{ - assertThatThrownBy(()->lsRule.getSystem(props)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining("Security check failed. Authentication error. Please check your credentials"); + ServerStarter serverStarter = new ServerStarter(props); + assertThatThrownBy(()->serverStarter.startServer(lsRule.getLocatorPort(0))).isInstanceOf(GemFireSecurityException.class).hasMessageContaining("Security check failed. Authentication error. Please check your credentials"); }); } @@ -74,7 +72,8 @@ public class StartServerAuthorizationTest extends JUnit4DistributedTestCase { VM server = lsRule.getNodeVM(1); server.invoke(()->{ - assertThatThrownBy(()->lsRule.getSystem(props)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining("user not authorized for CLUSTER:MANAGE"); + ServerStarter serverStarter = new ServerStarter(props); + assertThatThrownBy(()->serverStarter.startServer(lsRule.getLocatorPort(0))).isInstanceOf(GemFireSecurityException.class).hasMessageContaining("user not authorized for CLUSTER:MANAGE"); }); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ConnectionConfiguration.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ConnectionConfiguration.java b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ConnectionConfiguration.java new file mode 100644 index 0000000..3ba300f --- /dev/null +++ b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ConnectionConfiguration.java @@ -0,0 +1,34 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geode.test.dunit.rules; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * This annotation is intended to be used with {@link MBeanServerConnectionRule} in order to configure a per-test JMX + * connection with a specific user and password. + */ +@Retention(RetentionPolicy.RUNTIME) +@Target({ElementType.METHOD}) +public @interface ConnectionConfiguration { + String user(); + String password(); +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerConfigurationRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerConfigurationRule.java b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerConfigurationRule.java deleted file mode 100644 index 7f52ce1..0000000 --- a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerConfigurationRule.java +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.geode.test.dunit.rules; - -import static org.apache.geode.distributed.ConfigurationProperties.*; -import static org.apache.geode.test.dunit.Host.*; -import static org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase.*; -import static org.junit.Assert.*; - -import java.io.IOException; -import java.io.Serializable; -import java.net.InetAddress; -import java.net.UnknownHostException; -import java.util.Properties; -import java.util.concurrent.TimeUnit; - -import com.jayway.awaitility.Awaitility; -import org.junit.rules.ExternalResource; - -import org.apache.geode.distributed.Locator; -import org.apache.geode.distributed.internal.InternalDistributedSystem; -import org.apache.geode.distributed.internal.InternalLocator; -import org.apache.geode.test.dunit.Host; -import org.apache.geode.test.dunit.VM; -import org.apache.geode.test.dunit.cache.internal.JUnit4CacheTestCase; -import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; - - -public class LocatorServerConfigurationRule extends ExternalResource implements Serializable { - - private int locatorPort = 0; - - private boolean locatorInitialized = false; - - private JUnit4DistributedTestCase testCase; - - public LocatorServerConfigurationRule(JUnit4DistributedTestCase testCase) { - this.testCase = testCase; - } - - Host host = getHost(0); - VM locator = host.getVM(0); - - @Override - protected void before() { - // Add initialization requirement if any. - disconnectAllFromDS(); - } - - @Override - protected void after() { - disconnectAllFromDS(); - } - - /** - * Returns getHost(0).getVM(0) as a locator instance with the given - * configuration properties. - * @param locatorProperties - * - * @return VM locator vm - * - * @throws IOException - */ - public VM getLocatorVM(Properties locatorProperties) throws IOException { - if (!locatorProperties.containsKey(MCAST_PORT)) { - locatorProperties.setProperty(MCAST_PORT, "0"); - } - - locatorPort = locator.invoke(() -> { - InternalLocator locator = (InternalLocator) Locator.startLocatorAndDS(0, null, locatorProperties); - locator.resetInternalLocatorFileNamesWithCorrectPortNumber(locatorPort); - - if (locator.getConfig().getEnableClusterConfiguration()) { - Awaitility.await().atMost(65, TimeUnit.SECONDS).until(() -> assertTrue(locator.isSharedConfigurationRunning())); - } - return locator.getPort(); - }); - - this.locatorInitialized = true; - return locator; - } - - /** - * Returns a node VM with given configuration properties. - * @param index valid 1 to 3 (returns getHist(0).getVM(index) - * @param properties - * - * @return VM node vm - */ - public VM getServerVM(int index, Properties properties) { - assertTrue("Locator not initialized. Initialize locator by calling getLocatorVM()", this.locatorInitialized); - assertTrue("VM with index 0 is used for locator service.", (index != 0)); - VM nodeVM = getNodeVM(index); - nodeVM.invoke(() -> { - getSystem(properties); - }); - return nodeVM; - } - - /** - * this will simply returns the node - * @param index - * @return - */ - public VM getNodeVM(int index){ - return host.getVM(index); - } - - public InternalDistributedSystem getSystem(Properties properties){ - if (!properties.containsKey(MCAST_PORT)) { - properties.setProperty(MCAST_PORT, "0"); - } - properties.setProperty(LOCATORS, getHostName() + "[" + locatorPort + "]"); - InternalDistributedSystem ds = testCase.getSystem(properties); - if(testCase instanceof JUnit4CacheTestCase){ - ((JUnit4CacheTestCase)testCase).getCache(); - } - return ds; - } - - public int getLocatorPort(){ - return locatorPort; - } - - private String getHostName() { - try { - return InetAddress.getLocalHost().getHostName(); - } catch (UnknownHostException ignore) { - return "localhost"; - } - } - -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerStartupRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerStartupRule.java b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerStartupRule.java new file mode 100644 index 0000000..71894c8 --- /dev/null +++ b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorServerStartupRule.java @@ -0,0 +1,133 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geode.test.dunit.rules; + +import static org.apache.geode.distributed.ConfigurationProperties.*; +import static org.apache.geode.test.dunit.Host.*; + +import java.io.IOException; +import java.io.Serializable; +import java.util.Properties; + +import org.junit.After; +import org.junit.Before; +import org.junit.rules.ExternalResource; + +import org.apache.geode.test.dunit.Host; +import org.apache.geode.test.dunit.Invoke; +import org.apache.geode.test.dunit.VM; + + +/** + * this rule can help you start up locator/server in different VMs + * you can multiple locators/servers combination + */ +public class LocatorServerStartupRule extends ExternalResource implements Serializable { + + private Host host = getHost(0); + + public int[] locatorPorts = new int[4]; + + + // these are only avaialbe in each VM + public static ServerStarter serverStarter; + public static LocatorStarter locatorStarter; + + @Before + public void before() { + after(); + } + + @After + public void after() { + stop(); + Invoke.invokeInEveryVM("Stop each VM", ()->stop()); + } + + /** + * Returns getHost(0).getVM(0) as a locator instance with the given + * configuration properties. + * @param locatorProperties + * + * @return VM locator vm + * + * @throws IOException + */ + public VM getLocatorVM(int index, Properties locatorProperties) throws IOException { + VM locatorVM = host.getVM(index); + int locatorPort = locatorVM.invoke(() -> { + locatorStarter = new LocatorStarter(locatorProperties); + locatorStarter.startLocator(); + return locatorStarter.locator.getPort(); + }); + locatorPorts[index] = locatorPort; + return locatorVM; + } + + /** + * starts a cache server that does not connect to a locator + * @return VM node vm + */ + + public VM getServerVM(int index, Properties properties) { + return getServerVM(index, properties, 0); + } + + /** + * starts a cache server that connect to the locator running at the given port. + * @param index + * @param properties + * @param locatorPort + * @return + */ + public VM getServerVM(int index, Properties properties, int locatorPort) { + VM nodeVM = getNodeVM(index); + properties.setProperty(NAME, "server-"+index); + nodeVM.invoke(() -> { + serverStarter = new ServerStarter(properties); + serverStarter.startServer(locatorPort); + }); + return nodeVM; + } + + + + /** + * this will simply returns the node + * @param index + * @return + */ + public VM getNodeVM(int index){ + return host.getVM(index); + } + + public int getLocatorPort(int index){ + return locatorPorts[index]; + } + + + public final void stop(){ + if(serverStarter!=null) { + serverStarter.after(); + } + if(locatorStarter!=null){ + locatorStarter.after(); + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorStarter.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorStarter.java b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorStarter.java new file mode 100644 index 0000000..02ba672 --- /dev/null +++ b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/LocatorStarter.java @@ -0,0 +1,74 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geode.test.dunit.rules; + +import static org.apache.geode.distributed.ConfigurationProperties.*; +import static org.junit.Assert.*; + +import java.io.Serializable; +import java.util.Properties; +import java.util.concurrent.TimeUnit; + +import com.jayway.awaitility.Awaitility; +import org.junit.rules.ExternalResource; + +import org.apache.geode.distributed.Locator; +import org.apache.geode.distributed.internal.InternalLocator; + +/** + * This is a rule to start up a locator in your current VM. It's useful for your + * Integration Tests. + * + * If you need a rule to start a server/locator in different VM for Distribution tests, + * You should use LocatorServerStartupRule + * + * This rule does not have a before(), because you may choose to start a locator in different time + * of your tests. You may choose to use this class not as a rule or use it in your own rule, + * (see LocatorServerStartupRule) you will need to call after() manually in that case. + */ + +public class LocatorStarter extends ExternalResource implements Serializable { + + public InternalLocator locator; + + private Properties properties; + + public LocatorStarter(Properties properties){ + this.properties = properties; + } + + public void startLocator() throws Exception{ + if (!properties.containsKey(MCAST_PORT)) { + properties.setProperty(MCAST_PORT, "0"); + } + locator = (InternalLocator) Locator.startLocatorAndDS(0, null, properties); + int locatorPort = locator.getPort(); + locator.resetInternalLocatorFileNamesWithCorrectPortNumber(locatorPort); + + if (locator.getConfig().getEnableClusterConfiguration()) { + Awaitility.await().atMost(65, TimeUnit.SECONDS).until(() -> assertTrue(locator.isSharedConfigurationRunning())); + } + } + + @Override + public void after(){ + if(locator!=null){ + locator.stop(); + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/test/dunit/rules/MBeanServerConnectionRule.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/MBeanServerConnectionRule.java b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/MBeanServerConnectionRule.java new file mode 100644 index 0000000..ace0c53 --- /dev/null +++ b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/MBeanServerConnectionRule.java @@ -0,0 +1,132 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geode.test.dunit.rules; + +import static org.junit.Assert.*; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; + +import javax.management.JMX; +import javax.management.MBeanServerConnection; +import javax.management.MalformedObjectNameException; +import javax.management.ObjectInstance; +import javax.management.ObjectName; +import javax.management.Query; +import javax.management.QueryExp; +import javax.management.remote.JMXConnector; +import javax.management.remote.JMXConnectorFactory; +import javax.management.remote.JMXServiceURL; + +import org.junit.runner.Description; + +import org.apache.geode.management.internal.security.AccessControlMXBean; +import org.apache.geode.test.junit.rules.DescribedExternalResource; + +/** + * Class which eases the creation of MBeans for security testing. When combined with {@link ConnectionConfiguration} + * it allows for the creation of per-test connections with different user/password combinations. + */ +public class MBeanServerConnectionRule extends DescribedExternalResource { + + private final int jmxServerPort; + private JMXConnector jmxConnector; + private MBeanServerConnection con; + + /** + * Rule constructor + * + * @param port The JMX server port to connect to + */ + public MBeanServerConnectionRule(int port) { + this.jmxServerPort = port; + } + + /** + * Retrieve a new proxy MBean + * + * @return A new proxy MBean of the same type with which the class was constructed + */ + public <T> T getProxyMBean(Class<T> proxyClass, String beanQueryName) throws MalformedObjectNameException, IOException { + ObjectName name = null; + QueryExp query = null; + + if (proxyClass != null) { + query = Query.isInstanceOf(Query.value(proxyClass.getName())); + } + + if (beanQueryName != null) { + name = ObjectName.getInstance(beanQueryName); + } + + Set<ObjectInstance> beans = con.queryMBeans(name, query); + assertEquals("failed to find only one instance of type " + proxyClass.getName() + " with name " + beanQueryName, 1, beans.size()); + + return JMX.newMXBeanProxy(con, ((ObjectInstance) beans.toArray()[0]).getObjectName(), proxyClass); + } + + public AccessControlMXBean getAccessControlMBean() throws Exception{ + return JMX.newMXBeanProxy(con, new ObjectName("GemFire:service=AccessControl,type=Distributed"), AccessControlMXBean.class); + } + + /** + * Retrieve a new proxy MBean + * + * @return A new proxy MBean of the same type with which the class was constructed + */ + public <T> T getProxyMBean(Class<T> proxyClass) throws MalformedObjectNameException, IOException { + return getProxyMBean(proxyClass, null); + } + + public <T> T getProxyMBean(String beanQueryName) throws MalformedObjectNameException, IOException { + return getProxyMBean(null, beanQueryName); + } + + public MBeanServerConnection getMBeanServerConnection() throws IOException { + return con; + } + + protected void before(Description description) throws Throwable { + ConnectionConfiguration config = description.getAnnotation(ConnectionConfiguration.class); + Map<String, String[]> env = new HashMap<>(); + if (config != null) { + String user = config.user(); + String password = config.password(); + env.put(JMXConnector.CREDENTIALS, new String[] { user, password }); + + JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxServerPort + "/jmxrmi"); + jmxConnector = JMXConnectorFactory.connect(url, env); + con = jmxConnector.getMBeanServerConnection(); + } + } + + /** + * Override to tear down your specific external resource. + */ + protected void after(Description description) throws Throwable { + if (jmxConnector != null) { + jmxConnector.close(); + jmxConnector = null; + } + + con = null; + } + +} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/de621597/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ServerStarter.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ServerStarter.java b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ServerStarter.java new file mode 100644 index 0000000..910f232 --- /dev/null +++ b/geode-core/src/test/java/org/apache/geode/test/dunit/rules/ServerStarter.java @@ -0,0 +1,99 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geode.test.dunit.rules; + +import static org.apache.geode.distributed.ConfigurationProperties.*; + +import java.io.Serializable; +import java.util.Properties; + +import org.junit.rules.ExternalResource; + +import org.apache.geode.cache.Cache; +import org.apache.geode.cache.CacheFactory; +import org.apache.geode.cache.server.CacheServer; + + +/** + * This is a rule to start up a server in your current VM. It's useful for your + * Integration Tests. + * + * If you need a rule to start a server/locator in different VM for Distribution tests, + * You should use LocatorServerStartupRule + * + * This rule does not have a before(), because you may choose to start a server in different time + * of your tests. You may choose to use this class not as a rule or use it in your own rule, + * (see LocatorServerStartupRule) you will need to call after() manually in that case. + */ +public class ServerStarter extends ExternalResource implements Serializable{ + + public Cache cache; + public CacheServer server; + + private Properties properties; + + public ServerStarter(Properties properties){ + this.properties = properties; + } + + public void startServer() throws Exception { + startServer(0, false); + } + + public void startServer(int locatorPort) throws Exception { + startServer(locatorPort, false); + } + + public void startServer(int locatorPort, boolean pdxPersistent) throws Exception { + if (!properties.containsKey(MCAST_PORT)) { + properties.setProperty(MCAST_PORT, "0"); + } + if (!properties.containsKey(NAME)) { + properties.setProperty(NAME, this.getClass().getName()); + } + if (locatorPort>0) { + properties.setProperty(LOCATORS, "localhost["+locatorPort+"]"); + } + else { + properties.setProperty(LOCATORS, ""); + } + if(properties.containsKey(JMX_MANAGER_PORT)){ + int jmxPort = Integer.parseInt(properties.getProperty(JMX_MANAGER_PORT)); + if(jmxPort>0) { + if (!properties.containsKey(JMX_MANAGER)) + properties.put(JMX_MANAGER, "true"); + if (!properties.containsKey(JMX_MANAGER_START)) + properties.put(JMX_MANAGER_START, "true"); + } + } + + CacheFactory cf = new CacheFactory(properties); + cf.setPdxReadSerialized(pdxPersistent); + cf.setPdxPersistent(pdxPersistent); + + cache = cf.create(); + server = cache.addCacheServer(); + server.setPort(0); + server.start(); + } + + public void after(){ + if(cache!=null) cache.close(); + if(server!=null) server.stop(); + } +}