[
https://issues.apache.org/jira/browse/GEODE-3951?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16251484#comment-16251484
]
ASF GitHub Bot commented on GEODE-3951:
---------------------------------------
jdeppe-pivotal closed pull request #1041: GEODE-3951: PULSE Logout exception
when using the defaults.
URL: https://github.com/apache/geode/pull/1041
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git
a/geode-pulse/src/main/java/org/apache/geode/tools/pulse/internal/security/LogoutHandler.java
b/geode-pulse/src/main/java/org/apache/geode/tools/pulse/internal/security/LogoutHandler.java
index 5fec88eb98..a1fa3ce6f5 100644
---
a/geode-pulse/src/main/java/org/apache/geode/tools/pulse/internal/security/LogoutHandler.java
+++
b/geode-pulse/src/main/java/org/apache/geode/tools/pulse/internal/security/LogoutHandler.java
@@ -41,13 +41,12 @@ public LogoutHandler(String defaultTargetURL) {
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse
response,
Authentication authentication) throws IOException, ServletException {
- logger.debug("Invoked #LogoutHandler ...");
- GemFireAuthentication gemauthentication = (GemFireAuthentication)
authentication;
- if (gemauthentication != null) {
- Repository.get().logoutUser(gemauthentication.getName());
- logger.info("#LogoutHandler : Closing GemFireAuthentication JMX
Connection...");
+
+ if (authentication != null) {
+ Repository.get().logoutUser(authentication.getName());
+ logger.info("#LogoutHandler: GemFireAuthentication JMX Connection
Closed.");
}
+
super.onLogoutSuccess(request, response, authentication);
}
-
}
diff --git
a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/internal/security/LogoutHandlerUnitTest.java
b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/internal/security/LogoutHandlerUnitTest.java
new file mode 100644
index 0000000000..b1b4a800d6
--- /dev/null
+++
b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/internal/security/LogoutHandlerUnitTest.java
@@ -0,0 +1,103 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for additional
information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express
+ * or implied. See the License for the specific language governing permissions
and limitations under
+ * the License.
+ */
+package org.apache.geode.tools.pulse.internal.security;
+
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.powermock.api.mockito.PowerMockito.spy;
+import static org.powermock.api.mockito.PowerMockito.when;
+
+import java.util.Arrays;
+import java.util.Collection;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.mockito.Mockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
+import org.powermock.modules.junit4.PowerMockRunnerDelegate;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.core.Authentication;
+
+import org.apache.geode.test.junit.categories.UnitTest;
+import org.apache.geode.tools.pulse.internal.data.Cluster;
+import org.apache.geode.tools.pulse.internal.data.Repository;
+
+@Category(UnitTest.class)
+@RunWith(PowerMockRunner.class)
+@PrepareForTest(Repository.class)
+@PowerMockRunnerDelegate(Parameterized.class)
+@PowerMockIgnore({"javax.management.*", "javax.security.*", "*.UnitTest"})
+public class LogoutHandlerUnitTest {
+ private Repository repository;
+ private LogoutHandler handler;
+ private static String mockUser = "admin";
+
+ @Parameterized.Parameter
+ public static Authentication authentication;
+
+ @Parameterized.Parameters(name = "{0}")
+ public static Collection<Authentication> authentications() throws Exception {
+ Authentication defaultAuthentication = mock(Authentication.class, "Default
Authentication");
+ when(defaultAuthentication.getName()).thenReturn(mockUser);
+
+ GemFireAuthentication gemfireAuthentication =
+ mock(GemFireAuthentication.class, "GemFire Authentication");
+ when(gemfireAuthentication.getName()).thenReturn(mockUser);
+
+ return Arrays.asList(new Authentication[] {defaultAuthentication,
gemfireAuthentication});
+ }
+
+ @Before
+ public void setup() throws Exception {
+ Cluster cluster = Mockito.spy(Cluster.class);
+ repository = Mockito.spy(Repository.class);
+ spy(Repository.class);
+ when(Repository.class, "get").thenReturn(repository);
+ doReturn(cluster).when(repository).getCluster();
+ handler = new LogoutHandler("/defaultTargetUrl");
+ }
+
+ @Test
+ public void testNullAuthentication() throws Exception {
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ MockHttpServletResponse response = new MockHttpServletResponse();
+
+ handler.onLogoutSuccess(request, response, null);
+
+ assertThat(response.getStatus()).isEqualTo(302);
+ assertThat(response.getHeader("Location")).isEqualTo("/defaultTargetUrl");
+ }
+
+ @Test
+ public void testNotNullAuthentication() throws Exception {
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ MockHttpServletResponse response = new MockHttpServletResponse();
+
+ handler.onLogoutSuccess(request, response, authentication);
+
+ assertThat(response.getStatus()).isEqualTo(302);
+ assertThat(response.getHeader("Location")).isEqualTo("/defaultTargetUrl");
+ verify(repository, Mockito.times(1)).logoutUser(mockUser);
+ }
+}
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> ClassCastException in PULSE Logout - Default Configurations
> -----------------------------------------------------------
>
> Key: GEODE-3951
> URL: https://issues.apache.org/jira/browse/GEODE-3951
> Project: Geode
> Issue Type: Bug
> Components: pulse
> Reporter: Juan José Ramos Cassella
> Assignee: Juan José Ramos Cassella
> Priority: Trivial
>
> The issue is 100% reproducible (latest {{develop}} branch) when using PULSE
> in embedded mode and the default configurations, *the integrated security
> feature must not be enabled*.
> Steps to reproduce:
> {noformat}
> 1. Start locator: gfsh start locator --name=locator1.
> 2. Open Pulse: gfsh start pulse.
> 3. Login into pulse application.
> 4. Click on the logout button.
> {noformat}
> At this stage, the following exception will be shown:
> {code}
> HTTP ERROR 500
> Problem accessing /pulse/clusterLogout. Reason:
> Server Error
> Caused by:
> java.lang.ClassCastException:
> org.springframework.security.authentication.UsernamePasswordAuthenticationToken
> cannot be cast to
> org.apache.geode.tools.pulse.internal.security.GemFireAuthentication
> at
> org.apache.geode.tools.pulse.internal.security.LogoutHandler.onLogoutSuccess(LogoutHandler.java:43)
> at
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:111)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
> org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
> at
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
> at
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at org.eclipse.jetty.server.Server.handle(Server.java:524)
> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253)
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
> at
> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
> at java.lang.Thread.run(Thread.java:745)
> {code}
> The problem is within the {{LogoutHandler}} class, it's always trying to get
> an instance of {{GemFireAuthentication}} through downcasting, but the
> {{Authentication}} object is an instance of {{GemFireAuthentication}} *only*
> when the Integrated Security feature is used. This means that the
> {{LogoutHandler}} will only be successful when the profile
> {{pulse.authentication.gemfire}} is active and the
> {{GemFireAuthenticationProvider}} is in charge. In the default case scenario,
> on the other hand, the {{Authentication}} object is populated by the default
> classes from {{spring-security}} and, thus, the exception is thrown.
> The fix should be quick and without major impact, anyway: the filter actually
> doesn't need to downcast to {{GemFireAuthentication}} since there's nothing
> extra on that object that needs to be used by the handler, it just needs to
> use the instance of {{Authentication}} as follows:
> {code:java;title=LogoutHandler.java}
> public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse
> response, Authentication authentication) throws IOException, ServletException
> {
> logger.debug("Invoked #LogoutHandler ...");
> if (authentication != null) {
> Repository.get().logoutUser(authentication.getName());
> logger.info("#LogoutHandler : Closing GemFireAuthentication JMX
> Connection...");
> }
> super.onLogoutSuccess(request, response, authentication);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
