pivotal-jbarrett commented on a change in pull request #7116:
URL: https://github.com/apache/geode/pull/7116#discussion_r756400566
##########
File path:
geode-core/src/main/java/org/apache/geode/internal/security/SecurityServiceFactory.java
##########
@@ -51,6 +53,11 @@ public static SecurityService create(Properties
securityProps, CacheConfig cache
public static SecurityService create(Properties securityProps,
SecurityManager preferredSecurityManager, PostProcessor
preferredPostProcessor) {
+ String securityServiceClassName =
System.getProperty(SECURITY_SERVICE_SYSTEM_PROPERTY);
Review comment:
Is this system property get in a hot path? System property access is
synchronized. This should probably be part of the static initializer for this
class rather than on a per-call basis. System properties should not be mutated
at runtime.
##########
File path:
geode-core/src/main/java/org/apache/geode/internal/security/SecurityServiceFactory.java
##########
@@ -51,6 +53,11 @@ public static SecurityService create(Properties
securityProps, CacheConfig cache
public static SecurityService create(Properties securityProps,
SecurityManager preferredSecurityManager, PostProcessor
preferredPostProcessor) {
+ String securityServiceClassName =
System.getProperty(SECURITY_SERVICE_SYSTEM_PROPERTY);
+ if (securityServiceClassName != null) {
Review comment:
If this is truly for testing purposes only please isolate this code in
its own method with some indicator in the name that it is an intended testing
only smell.
```java
final SecurityManager testOnlySecurityManager =
whateverThisMethodIsDoingForTesting();
if (null != testOnlySecurityManager) {
return testOnlySecurityManager;
}
```
Though I would seriously question why we need something like this in
production code? Perhaps there is a different way to write the tests that
doesn't require special test only code in production. Could a custom security
manager delegate be used that delegates to this testing only instance when
necessary?
##########
File path:
geode-core/src/distributedTest/java/org/apache/geode/security/SecurityManagerAvailabilityDUnitTest.java
##########
@@ -0,0 +1,132 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
contributor license
+ * agreements. See the NOTICE file distributed with this work for additional
information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache
License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express
+ * or implied. See the License for the specific language governing permissions
and limitations under
+ * the License.
+ *
+ */
+
+package org.apache.geode.security;
+
+
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTH_INIT;
+import static
org.apache.geode.distributed.ConfigurationProperties.SECURITY_LOG_LEVEL;
+import static
org.apache.geode.internal.security.SecurityServiceFactory.SECURITY_SERVICE_SYSTEM_PROPERTY;
+import static
org.apache.geode.security.TestIntegratedSecurityService.FAIL_TIMES;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.client.ClientCache;
+import org.apache.geode.cache.client.ClientRegionShortcut;
+import org.apache.geode.internal.cache.InternalCache;
+import org.apache.geode.test.dunit.rules.ClientVM;
+import org.apache.geode.test.dunit.rules.ClusterStartupRule;
+import org.apache.geode.test.dunit.rules.MemberVM;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.geode.test.junit.rules.VMProvider;
+
+@Category({SecurityTest.class})
+public class SecurityManagerAvailabilityDUnitTest {
+ @Rule
+ public ClusterStartupRule clusterStartupRule = new ClusterStartupRule();
+
+ private MemberVM server1;
+ private MemberVM server2;
+ private ClientVM clientVM;
+
+ @Before
+ public void setup() throws Exception {
+ MemberVM locatorVM =
+ clusterStartupRule.startLocatorVM(0,
+ l -> l.withSecurityManager(ExpirableSecurityManager.class)
+ .withProperty(SECURITY_LOG_LEVEL, "debug"));
+ int locatorPort = locatorVM.getPort();
+
+ server1 = clusterStartupRule.startServerVM(1,
+ s -> s.withSecurityManager(ExpirableSecurityManager.class)
+ .withProperty(SECURITY_LOG_LEVEL, "debug")
+ .withCredential("test", "test")
+ .withConnectionToLocator(locatorPort)
+ .withSystemProperty(SECURITY_SERVICE_SYSTEM_PROPERTY,
+ TestIntegratedSecurityService.class.getName()));
+ server2 = clusterStartupRule.startServerVM(2,
+ s -> s.withSecurityManager(ExpirableSecurityManager.class)
Review comment:
On the surface this looks like duplicate code from lines 65-70. Perhaps
assign the lambda to a local variable and use in both places rather than
duplicate.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
