This is an automated email from the ASF dual-hosted git repository. orudyy pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
The following commit(s) were added to refs/heads/master by this push: new 59b1b8a NO-JIRA: Add extra debug to understand sproradic test failures in KerberosAuthenticationManagerTest 59b1b8a is described below commit 59b1b8a599daf1950a82f9e9a2f87bf0283496b5 Author: Alex Rudyy <oru...@apache.org> AuthorDate: Fri Nov 29 13:08:51 2019 +0000 NO-JIRA: Add extra debug to understand sproradic test failures in KerberosAuthenticationManagerTest --- .../manager/KerberosAuthenticationManagerTest.java | 42 ++++++++++++++++++++++ .../qpid/server/test/EmbeddedKdcResource.java | 1 + 2 files changed, 43 insertions(+) diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java index e24d56c..e0ede79 100644 --- a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java +++ b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java @@ -62,6 +62,8 @@ import org.apache.qpid.server.security.auth.sasl.SaslNegotiator; import org.apache.qpid.server.security.auth.sasl.SaslSettings; import org.apache.qpid.server.test.EmbeddedKdcResource; import org.apache.qpid.server.test.KerberosUtilities; +import org.apache.qpid.server.util.FileUtils; +import org.apache.qpid.server.util.StringUtil; import org.apache.qpid.test.utils.JvmVendor; import org.apache.qpid.test.utils.SystemPropertySetter; import org.apache.qpid.test.utils.UnitTestBase; @@ -117,6 +119,28 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase _kerberosAuthenticationProvider.create(); when(_broker.getChildren(AuthenticationProvider.class)) .thenReturn(Collections.singleton(_kerberosAuthenticationProvider)); + + if (LOGGER.isDebugEnabled()) + { + final String krb5Conf = System.getProperty("java.security.krb5.conf"); + if (krb5Conf != null) + { + final File file = new File(krb5Conf); + if (file.exists()) + { + String config = FileUtils.readFileAsString(file); + debug("Kerberos config: {}", config); + } + else + { + LOGGER.warn("Kerberos config file was not found in the expected location at '{}'", krb5Conf); + } + } + else + { + LOGGER.warn("JVM system property 'java.security.krb5.conf' is not set"); + } + } } @Test @@ -200,7 +224,9 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase try { lc.login(); + final Subject clientSubject = lc.getSubject(); + debug("LoginContext subject {}", clientSubject); final SaslClient saslClient = createSaslClient(clientSubject); return performNegotiation(clientSubject, saslClient, negotiator); } @@ -210,6 +236,15 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase } } + private void debug(String message, Object... args) + { + LOGGER.debug(message, args); + if (Boolean.TRUE.toString().equalsIgnoreCase(System.getProperty("sun.security.krb5.debug"))) + { + System.out.println(String.format(message.replace("{}", "%s"), args)); + } + } + private AuthenticationResult performNegotiation(final Subject clientSubject, final SaslClient saslClient, final SaslNegotiator negotiator) @@ -223,6 +258,7 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase if (!initiated) { initiated = true; + debug("Sending initial challenge"); response = Subject.doAs(clientSubject, (PrivilegedExceptionAction<byte[]>) () -> { if (saslClient.hasInitialResponse()) { @@ -230,19 +266,25 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase } return null; }); + debug("Initial challenge sent"); } + debug("Handling response: {}", StringUtil.toHex(response)); result = negotiator.handleResponse(response); byte[] challenge = result.getChallenge(); + if (challenge != null) { + debug("Challenge: {}", StringUtil.toHex(challenge)); response = Subject.doAs(clientSubject, (PrivilegedExceptionAction<byte[]>) () -> saslClient.evaluateChallenge( challenge)); } } while (result.getStatus() == AuthenticationResult.AuthenticationStatus.CONTINUE); + + debug("Result {}", result.getStatus()); return result; } diff --git a/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java b/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java index cda31a8..07e20b3 100644 --- a/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java +++ b/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java @@ -80,6 +80,7 @@ public class EmbeddedKdcResource extends ExternalResource _simpleKdcServer.setWorkDir(_kdcDirectory); _simpleKdcServer.init(); _simpleKdcServer.start(); + LOGGER.info("SimpleKdcServer started on port {}, realm '{}'", getPort(), getRealm()); } @Override --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org