Author: bdelacretaz
Date: Thu Aug 8 14:12:16 2013
New Revision: 1511793
URL: http://svn.apache.org/r1511793
Log:
SLING-2987 - DefaultLoginsHealthCheck added
Added:
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/java/org/apache/sling/hc/impl/healthchecks/DefaultLoginsHealthCheck.java
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/test/java/org/apache/sling/hc/impl/DefaultLoginsHealthCheckTest.java
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.DefaultLoginsHealthCheck-1.json
Modified:
sling/branches/SLING-2987-healthcheck-redesign/hc-core/pom.xml
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/resources/OSGI-INF/metatype/metatype.properties
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.JmxAttributeHealthCheck-1.json
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-1.json
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-2.json
Modified: sling/branches/SLING-2987-healthcheck-redesign/hc-core/pom.xml
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/hc-core/pom.xml?rev=1511793&r1=1511792&r2=1511793&view=diff
==============================================================================
--- sling/branches/SLING-2987-healthcheck-redesign/hc-core/pom.xml (original)
+++ sling/branches/SLING-2987-healthcheck-redesign/hc-core/pom.xml Thu Aug 8
14:12:16 2013
@@ -102,6 +102,12 @@
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.jcr.api</artifactId>
+ <version>2.0.4</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.6.2</version>
@@ -112,7 +118,12 @@
<artifactId>servlet-api</artifactId>
<scope>provided</scope>
</dependency>
- <dependency>
+ <dependency>
+ <groupId>javax.jcr</groupId>
+ <artifactId>jcr</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.6.2</version>
Added:
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/java/org/apache/sling/hc/impl/healthchecks/DefaultLoginsHealthCheck.java
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/java/org/apache/sling/hc/impl/healthchecks/DefaultLoginsHealthCheck.java?rev=1511793&view=auto
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/java/org/apache/sling/hc/impl/healthchecks/DefaultLoginsHealthCheck.java
(added)
+++
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/java/org/apache/sling/hc/impl/healthchecks/DefaultLoginsHealthCheck.java
Thu Aug 8 14:12:16 2013
@@ -0,0 +1,114 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The SF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.sling.hc.impl.healthchecks;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.jcr.Credentials;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.SimpleCredentials;
+
+import org.apache.felix.scr.annotations.Activate;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.ConfigurationPolicy;
+import org.apache.felix.scr.annotations.Property;
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.Service;
+import org.apache.sling.commons.osgi.PropertiesUtil;
+import org.apache.sling.hc.api.Constants;
+import org.apache.sling.hc.api.HealthCheck;
+import org.apache.sling.hc.api.Result;
+import org.apache.sling.hc.api.ResultLog;
+import org.apache.sling.jcr.api.SlingRepository;
+import org.osgi.service.component.ComponentContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/** {@link HealthCheck} that checks that Sling default logins fail.
+ * Used to verify that those logins are disabled on production systems */
+@Component(
+ name="org.apache.sling.hc.DefaultLoginsHealthCheck",
+ configurationFactory=true,
+ policy=ConfigurationPolicy.REQUIRE,
+ metatype=true)
+@Service
+public class DefaultLoginsHealthCheck implements HealthCheck {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private final Map<String, String> info = new HashMap<String, String>();
+ private String username;
+ private String password;
+
+ @Property
+ public static final String PROP_USERNAME = "username";
+
+ @Property
+ public static final String PROP_PASSWORD = "password";
+
+ @Property(cardinality=50)
+ public static final String PROP_TAGS = Constants.HC_TAGS;
+
+ @Property
+ public static final String PROP_NAME = Constants.HC_NAME;
+
+ @Reference
+ private SlingRepository repository;
+
+ @Activate
+ public void activate(ComponentContext ctx) {
+ username =
PropertiesUtil.toString(ctx.getProperties().get(PROP_USERNAME), "");
+ password =
PropertiesUtil.toString(ctx.getProperties().get(PROP_PASSWORD), "");
+
+ info.put(PROP_USERNAME, username);
+ info.put(Constants.HC_NAME,
PropertiesUtil.toString(ctx.getProperties().get(Constants.HC_NAME), ""));
+ info.put(Constants.HC_TAGS,
+
Arrays.asList(PropertiesUtil.toStringArray(ctx.getProperties().get(Constants.HC_TAGS),
new String[] {})).toString());
+
+ log.info("Activated, username={}", username);
+ }
+
+ @Override
+ public Result execute(ResultLog log) {
+ final Result result = new Result(this, log);
+ final Credentials creds = new SimpleCredentials(username,
password.toCharArray());
+ Session s = null;
+ try {
+ s = repository.login(creds);
+ if(s != null) {
+ log.warn("Login as [{}] succeeded, was expecting it to fail",
username);
+ } else {
+ log.debug("Login as [{}] didn't throw an Exception but
returned null Session", username);
+ }
+ } catch(RepositoryException re) {
+ log.debug("Login as [{}] failed, as expected", username);
+ } finally {
+ if(s != null) {
+ s.logout();
+ }
+ }
+ return result;
+ }
+
+ @Override
+ public Map<String, String> getInfo() {
+ return info;
+ }
+}
\ No newline at end of file
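Review bot: The `catch(RepositoryException re)` in `execute` treats every repository error as "failed, as expected", so a repository that is unavailable or misconfigured would let this security check pass without the credentials ever having been rejected. Catching `javax.jcr.LoginException` for the expected case, `} catch(LoginException le) {`, and adding a second `} catch(RepositoryException re) {` that calls `log.warn("Login as [{}] could not be verified, repository error", username);` would keep the two outcomes apart. This assumes, as the login-succeeded branch suggests, that a warn entry on the ResultLog is what marks the result as not OK. Separately, `activate` defaults both `username` and `password` to the empty string, so an incomplete configuration still runs a login attempt with empty credentials; logging or rejecting that case would make a misconfigured check visible.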
Modified:
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/resources/OSGI-INF/metatype/metatype.properties
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/resources/OSGI-INF/metatype/metatype.properties?rev=1511793&r1=1511792&r2=1511793&view=diff
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/resources/OSGI-INF/metatype/metatype.properties
(original)
+++
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/main/resources/OSGI-INF/metatype/metatype.properties
Thu Aug 8 14:12:16 2013
@@ -29,6 +29,10 @@ org.apache.sling.hc.ScriptableHealthChec
org.apache.sling.hc.ScriptableHealthCheck.description = Uses scripted
expressions to verify multiple JMX \
attributes or other values.
+org.apache.sling.hc.DefaultLoginsHealthCheck.name = Default Logins Health
Check
+org.apache.sling.hc.DefaultLoginsHealthCheck.description = Expects default
logins to fail, used to verify \
+ that they are disabled on production systems
+
mbean.name.name = MBean name
mbean.name.description = The name of the MBean to check.
@@ -53,4 +57,10 @@ expression.description = The value of th
language.extension.name = Language extension
language.extension.description = File extension of the language to use to
evaluate the \
expression, for example "ecma" or "groovy", asssuming the corresponding
script engine \
- is available.
\ No newline at end of file
+ is available.
+
+username.name = Username
+username.description = The username to use to test logins.
+
+password.name = Password
+password.description = The password to use to test logins.
\ No newline at end of file
Added:
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/test/java/org/apache/sling/hc/impl/DefaultLoginsHealthCheckTest.java
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/test/java/org/apache/sling/hc/impl/DefaultLoginsHealthCheckTest.java?rev=1511793&view=auto
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/test/java/org/apache/sling/hc/impl/DefaultLoginsHealthCheckTest.java
(added)
+++
sling/branches/SLING-2987-healthcheck-redesign/hc-core/src/test/java/org/apache/sling/hc/impl/DefaultLoginsHealthCheckTest.java
Thu Aug 8 14:12:16 2013
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The SF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.sling.hc.impl;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.reflect.Field;
+
+import javax.jcr.Credentials;
+import javax.jcr.Session;
+import javax.jcr.SimpleCredentials;
+
+import org.apache.sling.hc.api.Result;
+import org.apache.sling.hc.api.ResultLog;
+import org.apache.sling.hc.impl.healthchecks.DefaultLoginsHealthCheck;
+import org.apache.sling.jcr.api.SlingRepository;
+import org.junit.Test;
+import org.mockito.Matchers;
+import org.mockito.Mockito;
+import org.mockito.invocation.InvocationOnMock;
+import org.mockito.stubbing.Answer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class DefaultLoginsHealthCheckTest {
+
+ private final Logger logger = LoggerFactory.getLogger(getClass());
+
+ private Result getTestResult(String username, String password) throws
Exception {
+ final DefaultLoginsHealthCheck c = new DefaultLoginsHealthCheck();
+ setField(c, "username", username);
+ setField(c, "password", password);
+
+ final SlingRepository repo = Mockito.mock(SlingRepository.class);
+ setField(c, "repository", repo);
+ final Session s = Mockito.mock(Session.class);
+
Mockito.when(repo.login(Matchers.any(Credentials.class))).thenAnswer(new
Answer<Session>() {
+ @Override
+ public Session answer(InvocationOnMock invocation) {
+ final SimpleCredentials c =
(SimpleCredentials)invocation.getArguments()[0];
+ if("admin".equals(c.getUserID())) {
+ return s;
+ }
+ return null;
+ }
+ });
+
+ final ResultLog log = new ResultLog(logger);
+ return c.execute(log);
+ }
+
+ private void setField(Object o, String name, Object value) throws
Exception {
+ final Field f = o.getClass().getDeclaredField(name);
+ f.setAccessible(true);
+ f.set(o, value);
+ }
+
+ @Test
+ public void testHealthCheckFails() throws Exception {
+ assertFalse("Expecting failed check", getTestResult("admin",
"admin").isOk());
+ }
+
+ @Test
+ public void testHealthCheckSucceeds() throws Exception {
+ assertTrue("Expecting successful check", getTestResult("FOO",
"bar").isOk());
+ }
+}
\ No newline at end of file
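Review bot: The mocked `repo.login` in `getTestResult` only ever returns a Session or null, so the `catch(RepositoryException)` branch of `execute` is never exercised, although that is presumably the path a real repository takes when it rejects credentials. `testHealthCheckSucceeds` goes through the null-Session branch instead. A third test that stubs the login with `Mockito.when(repo.login(Matchers.any(Credentials.class))).thenThrow(new LoginException("rejected"));` and asserts `isOk()` would cover it. The stub also ignores the password, so `getTestResult("admin", "wrong")` would still count as a successful login; comparing `c.getPassword()` in the `Answer` would pin that the configured password is what gets sent.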
Added:
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.DefaultLoginsHealthCheck-1.json
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.DefaultLoginsHealthCheck-1.json?rev=1511793&view=auto
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.DefaultLoginsHealthCheck-1.json
(added)
+++
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.DefaultLoginsHealthCheck-1.json
Thu Aug 8 14:12:16 2013
@@ -0,0 +1,7 @@
+{
+ "jcr:primaryType" : "sling:OsgiConfig",
+ "username" : "admin",
+ "password" : "admin",
+ "hc.name" : "Default Admin Login Disabled",
+ "hc.tags" : [security]
+}
Modified:
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.JmxAttributeHealthCheck-1.json
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.JmxAttributeHealthCheck-1.json?rev=1511793&r1=1511792&r2=1511793&view=diff
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.JmxAttributeHealthCheck-1.json
(original)
+++
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.JmxAttributeHealthCheck-1.json
Thu Aug 8 14:12:16 2013
@@ -3,6 +3,6 @@
"mbean.name" : "java.lang:type=ClassLoading",
"attribute.name" : "LoadedClassCount",
"attribute.value.constraint" : "between 5000 and 50000",
- "hc.name" : "JMX class loading example",
- "hc.tags" : [jvm, classloading]
+ "hc.name" : "JMX LoadedClassCount attribute",
+ "hc.tags" : [jvm, classloading, jmx]
}
Modified:
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-1.json
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-1.json?rev=1511793&r1=1511792&r2=1511793&view=diff
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-1.json
(original)
+++
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-1.json
Thu Aug 8 14:12:16 2013
@@ -1,7 +1,7 @@
{
"jcr:primaryType" : "sling:OsgiConfig",
"expression" : "jmx.attribute('java.lang:type=ClassLoading',
'LoadedClassCount') > 10 && jmx.attribute('java.lang:type=Runtime',
'ManagementSpecVersion') > 1",
- "hc.name" : "Scripted example: check two JMX attributes",
+ "hc.name" : "Check two JMX attributes",
"language.extension" : "ecma",
"hc.tags" : [jvm, script]
}
Modified:
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-2.json
URL:
http://svn.apache.org/viewvc/sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-2.json?rev=1511793&r1=1511792&r2=1511793&view=diff
==============================================================================
---
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-2.json
(original)
+++
sling/branches/SLING-2987-healthcheck-redesign/sling-demo/src/main/resources/SLING-CONTENT/apps/hc/demo/install/org.apache.sling.hc.ScriptableHealthCheck-2.json
Thu Aug 8 14:12:16 2013
@@ -1,7 +1,7 @@
{
"jcr:primaryType" : "sling:OsgiConfig",
"expression" : "osgi.inactiveBundlesCount() == 0 ",
- "hc.name" : "Scripted example: check inactive bundles",
+ "hc.name" : "Check inactive bundles",
"language.extension" : "ecma",
"hc.tags" : [bundles, script]
}