risdenk commented on a change in pull request #61: KNOX-1793 -
DefaultKeystoreService should not validate the signing key on initialization
URL: https://github.com/apache/knox/pull/61#discussion_r260577327
##########
File path:
gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
##########
@@ -327,4 +327,215 @@ public void testTokenCreationCustomSigningKey() throws
Exception {
assertFalse(ta.verifyToken(token));
assertTrue(ta.verifyToken(token, customPublicKey));
}
+
+ @Test
+ public void testServiceStart() throws Exception {
+ /*
+ Generated testSigningKeyName.jks with the following commands:
+ cd gateway-server/src/test/resources/keystores/
+ keytool -genkey -alias testSigningKeyAlias -keyalg RSA -keystore
testSigningKeyName.jks \
+ -storepass testSigningKeyPassphrase -keypass testSigningKeyPassphrase
-keysize 2048 \
+ -dname 'CN=testSigningKey,OU=example,O=Apache,L=US,ST=CA,C=US'
-noprompt
+ */
+
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ GatewayConfig config = EasyMock.createMock(GatewayConfig.class);
+ EasyMock.expect(config.getGatewayKeystoreDir()).andReturn(basedir +
"/target/test-classes/keystores").atLeastOnce();
+ EasyMock.expect(config.getSigningKeystorePath()).andReturn(basedir +
"/target/test-classes/keystores/server-keystore.jks").atLeastOnce();
+
EasyMock.expect(config.getSigningKeystoreType()).andReturn("jks").atLeastOnce();
+
EasyMock.expect(config.getSigningKeystorePasswordAlias()).andReturn(GatewayConfig.DEFAULT_SIGNING_KEYSTORE_PASSWORD_ALIAS).anyTimes();
+
EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
+
+ MasterService ms = EasyMock.createMock(MasterService.class);
+
EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray()).atLeastOnce();
+
+ AliasService as = EasyMock.createMock(AliasService.class);
+
EasyMock.expect(as.getSigningKeyPassphrase()).andReturn("horton".toCharArray()).atLeastOnce();
+
+ EasyMock.replay(config, ms, as);
+
+ DefaultKeystoreService ks = new DefaultKeystoreService();
+ ks.setMasterService(ms);
+ ks.init(config, new HashMap<>());
+ ks.start();
+
+ DefaultTokenAuthorityService ta = new DefaultTokenAuthorityService();
+ ta.setAliasService(as);
+ ta.setKeystoreService(ks);
+ ta.init(config, new HashMap<>());
+ ta.start();
+
+ EasyMock.verify(config, ms, as);
Review comment:
Yea I guess thats true. I have experience with Apache Lucene/Solr where they
track leaking threads so try to keep an eye out for start/stop patterns.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
