Repository: incubator-geode Updated Branches: refs/heads/develop 65f35581b -> 45ecd4cb1
GEODE-1648: revert commits related to security-enabled-components. * revert this if we want to pull this back in. Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/45ecd4cb Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/45ecd4cb Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/45ecd4cb Branch: refs/heads/develop Commit: 45ecd4cb1f52bb151d7bd003ccb28308bf40b289 Parents: 65f3558 Author: Jinmei Liao <jil...@pivotal.io> Authored: Thu Sep 15 13:39:27 2016 -0700 Committer: Jinmei Liao <jil...@pivotal.io> Committed: Thu Sep 15 15:00:41 2016 -0700 ---------------------------------------------------------------------- .../client/internal/ConnectionFactoryImpl.java | 11 +- .../distributed/ConfigurationProperties.java | 16 -- .../internal/AbstractDistributionConfig.java | 26 --- .../internal/DistributionConfig.java | 29 ---- .../internal/DistributionConfigImpl.java | 20 --- .../membership/gms/auth/GMSAuthenticator.java | 2 +- .../membership/gms/fd/GMSHealthMonitor.java | 1 - .../internal/tcpserver/TcpClient.java | 1 - .../internal/tcpserver/TcpServer.java | 1 - .../apache/geode/internal/admin/SSLConfig.java | 1 - .../cache/tier/sockets/AcceptorImpl.java | 4 +- .../geode/internal/net/SocketCreator.java | 1 - .../security/IntegratedSecurityService.java | 145 ++--------------- .../internal/security/SecurableComponent.java | 55 ------- .../internal/security/SecurityService.java | 73 +++++++-- .../apache/geode/internal/tcp/TCPConduit.java | 1 - .../geode/management/GemFireProperties.java | 1 - .../management/internal/ManagementAgent.java | 13 +- .../geode/security/SecurableComponents.java | 62 ------- .../CacheServerSSLConnectionDUnitTest.java | 7 +- .../LocatorLauncherRemoteIntegrationTest.java | 29 ++-- .../ServerLauncherRemoteIntegrationTest.java | 34 ++-- .../AbstractDistributionConfigTest.java | 78 --------- .../internal/DistributionConfigJUnitTest.java | 89 +--------- .../security/IntegratedSecurityServiceTest.java | 163 ++----------------- .../security/SecurityConfigIntegrationTest.java | 57 ------- .../ConnectToLocatorSSLDUnitTest.java | 1 - .../geode/management/JMXMBeanDUnitTest.java | 1 - ...edSecurityCacheLifecycleDistributedTest.java | 14 +- .../geode/codeAnalysis/excludedClasses.txt | 1 - 30 files changed, 153 insertions(+), 784 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/cache/client/internal/ConnectionFactoryImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/cache/client/internal/ConnectionFactoryImpl.java b/geode-core/src/main/java/org/apache/geode/cache/client/internal/ConnectionFactoryImpl.java index b6460eb..92b3dae 100644 --- a/geode-core/src/main/java/org/apache/geode/cache/client/internal/ConnectionFactoryImpl.java +++ b/geode-core/src/main/java/org/apache/geode/cache/client/internal/ConnectionFactoryImpl.java @@ -16,6 +16,10 @@ */ package org.apache.geode.cache.client.internal; +import java.util.HashSet; +import java.util.Set; +import java.util.concurrent.ScheduledExecutorService; + import org.apache.geode.CancelCriterion; import org.apache.geode.CancelException; import org.apache.geode.cache.GatewayConfigurationException; @@ -24,7 +28,6 @@ import org.apache.geode.cache.client.internal.ServerBlackList.FailureTracker; import org.apache.geode.cache.wan.GatewaySender; import org.apache.geode.distributed.internal.InternalDistributedSystem; import org.apache.geode.distributed.internal.ServerLocation; -import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.cache.tier.Acceptor; import org.apache.geode.internal.cache.tier.sockets.CacheClientUpdater; import org.apache.geode.internal.cache.tier.sockets.ClientProxyMembershipID; @@ -32,16 +35,12 @@ import org.apache.geode.internal.cache.tier.sockets.HandShake; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.logging.log4j.LocalizedMessage; +import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.security.GemFireSecurityException; import org.apache.logging.log4j.Logger; -import java.util.HashSet; -import java.util.Set; -import java.util.concurrent.ScheduledExecutorService; - /** * Creates connections, using a connection source to determine * which server to connect to. http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java index d2dd371..66b1472 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/ConfigurationProperties.java @@ -1347,22 +1347,6 @@ public interface ConfigurationProperties { */ String SECURITY_PEER_VERIFY_MEMBER_TIMEOUT = SECURITY_PREFIX + "peer-verifymember-timeout"; /** - * The static String definition of the <i>"security-enabled-components"</i> property - * <a name="security-enabled-components"/> - * <p> - * <u>Description</u>: This setting is a comma delimited list of - * {@link org.apache.geode.security.SecurableComponents} specifying which components will be secured - * by a {@link #SECURITY_MANAGER}. - * <p> - * This property has no effect unless a {@link #SECURITY_MANAGER} is - * specified. - * <p> - * <u>Options</u>: "all","server","cluster","gateway","http","jmx" - * <p> - * <u>Since</u>: Geode 1.0 - */ - String SECURITY_ENABLED_COMPONENTS = SECURITY_PREFIX + "enabled-components"; - /** * The static String definition of the <i>"server-bind-address"</i> property * <a name="server-bind-address"/a><p> * <U>Description</U>: The IP address that this distributed system's http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/AbstractDistributionConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/AbstractDistributionConfig.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/AbstractDistributionConfig.java index 727c5ab..31fa4f6 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/AbstractDistributionConfig.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/AbstractDistributionConfig.java @@ -42,7 +42,6 @@ import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.LogWriterImpl; import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.memcached.GemFireMemcachedServer; /** @@ -496,29 +495,6 @@ public abstract class AbstractDistributionConfig extends AbstractConfig implemen return value; } - /** - * First check if sslComponents are in the list of valid components. If so, check that no other *-ssl-* properties other than cluster-ssl-* are set. - * This would mean one is mixing the "old" with the "new" - */ - @ConfigAttributeChecker(name = SECURITY_ENABLED_COMPONENTS) - protected String checkSecurityEnabledComponents(String value) { - // value with no commas - // empty value - // null - if (StringUtils.isEmpty(value) || SecurableComponent.NONE.name().equalsIgnoreCase(value)) { - return value; - } - if (!value.contains(",")) { - SecurableComponent.getEnum(value); - return value; - } - StringTokenizer stringTokenizer = new StringTokenizer(value, ","); - while (stringTokenizer.hasMoreTokens()) { - SecurableComponent.getEnum(stringTokenizer.nextToken()); - } - return value; - } - // AbstractConfig overriding methods @Override @@ -974,8 +950,6 @@ public abstract class AbstractDistributionConfig extends AbstractConfig implemen m.put(SECURITY_MANAGER, "User defined fully qualified class name implementing SecurityManager interface for integrated security. Defaults to \"{0}\". Legal values can be any \"class name\" implementing SecurityManager that is present in the classpath."); m.put(SECURITY_POST_PROCESSOR, "User defined fully qualified class name implementing PostProcessor interface for integrated security. Defaults to \"{0}\". Legal values can be any \"class name\" implementing PostProcessor that is present in the classpath."); - m.put(SECURITY_ENABLED_COMPONENTS, "A comma delimited list of components that should be secured"); - m.put(SSL_ENABLED_COMPONENTS, "A comma delimited list of components that require SSL communications"); m.put(SSL_CIPHERS, "List of available SSL cipher suites that are to be enabled. Defaults to \"" + DEFAULT_SSL_CIPHERS + "\" meaning your provider''s defaults."); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfig.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfig.java index 692c2b9..9da08da 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfig.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfig.java @@ -4595,35 +4595,6 @@ public interface DistributionConfig extends Config, LogConfig { */ boolean DEFAULT_SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION = false; - /** - * Returns the value of the {@link ConfigurationProperties#SECURITY_ENABLED_COMPONENTS} - * property. - * @since Geode 1.0 - */ - @ConfigAttributeGetter(name = SECURITY_ENABLED_COMPONENTS) - String getSecurityEnabledComponents(); - - /** - * Sets the value of the {@link ConfigurationProperties#SECURITY_ENABLED_COMPONENTS} - * property. - * @since Geode 1.0 - */ - @ConfigAttributeSetter(name = SECURITY_ENABLED_COMPONENTS) - void setSecurityEnabledComponents(String securityEnabledComponents); - - /** - * The name of the {@link ConfigurationProperties#SECURITY_ENABLED_COMPONENTS} property - * @since Geode 1.0 - */ - @ConfigAttribute(type = String.class) - String SECURITY_ENABLED_COMPONENTS_NAME = SECURITY_ENABLED_COMPONENTS; - - /** - * The default ssl enabled components - * @since Geode 1.0 - */ - String DEFAULT_SECURITY_ENABLED_COMPONENTS = "all"; - //*************** Initializers to gather all the annotations in this class ************************ Map<String, ConfigAttribute> attributes = new HashMap<>(); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java index 5a3ec27..4d3d751 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java @@ -38,7 +38,6 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.builder.EqualsBuilder; import org.apache.commons.lang.builder.HashCodeBuilder; import org.apache.geode.redis.GeodeRedisServer; -import org.apache.geode.security.SecurableComponents; import org.apache.geode.GemFireConfigException; import org.apache.geode.GemFireIOException; @@ -50,7 +49,6 @@ import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.process.ProcessLauncherContext; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.memcached.GemFireMemcachedServer; /** @@ -574,8 +572,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement protected String userCommandPackages = DEFAULT_USER_COMMAND_PACKAGES; - private String securityEnabledComponents = DEFAULT_SECURITY_ENABLED_COMPONENTS; - /** * "off-heap-memory-size" with value of "" or "<size>[g|m]" */ @@ -767,7 +763,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement this.securityManager = other.getSecurityManager(); this.postProcessor = other.getPostProcessor(); - this.securityEnabledComponents = ((DistributionConfigImpl) other).securityEnabledComponents; this.clusterSSLAlias = other.getClusterSSLAlias(); this.gatewaySSLAlias = other.getGatewaySSLAlias(); this.httpServiceSSLAlias = other.getHTTPServiceSSLAlias(); @@ -2193,9 +2188,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement } public Properties getSecurityProps() { - if (security.containsKey(SECURITY_MANAGER) && !security.containsKey(SECURITY_ENABLED_COMPONENTS)) { - security.setProperty(SECURITY_ENABLED_COMPONENTS, SecurableComponents.ALL); - } return security; } @@ -2514,16 +2506,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement } @Override - public String getSecurityEnabledComponents() { - return securityEnabledComponents; - } - - @Override - public void setSecurityEnabledComponents(final String securityEnabledComponents) { - this.securityEnabledComponents = securityEnabledComponents; - } - - @Override public String getClusterSSLAlias() { return clusterSSLAlias; } @@ -2880,7 +2862,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement .append(sslDefaultAlias, that.sslDefaultAlias) .append(sourceMap, that.sourceMap) .append(userCommandPackages, that.userCommandPackages) - .append(securityEnabledComponents, that.securityEnabledComponents) .append(offHeapMemorySize, that.offHeapMemorySize) .append(shiroInit, that.shiroInit) .isEquals(); @@ -3056,7 +3037,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement .append(sslDefaultAlias) .append(sourceMap) .append(userCommandPackages) - .append(securityEnabledComponents) .append(offHeapMemorySize) .append(lockMemory) .append(shiroInit) http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java index a448d8c..3f030c9 100755 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java @@ -106,7 +106,7 @@ public class GMSAuthenticator implements Authenticator { * Method is package protected to be used in testing. */ String authenticate(DistributedMember member, Properties credentials, Properties secProps, DistributedMember localMember) throws AuthenticationFailedException { - if (!this.securityService.isPeerSecurityRequired()) { + if (!securityService.isPeerSecurityRequired()) { return null; } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/fd/GMSHealthMonitor.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/fd/GMSHealthMonitor.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/fd/GMSHealthMonitor.java index 5717c30..aafb498 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/fd/GMSHealthMonitor.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/fd/GMSHealthMonitor.java @@ -66,7 +66,6 @@ import org.apache.geode.internal.ConnectionWatcher; import org.apache.geode.internal.Version; import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; /** * Failure Detection http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpClient.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpClient.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpClient.java index 495a85b..def631f 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpClient.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpClient.java @@ -41,7 +41,6 @@ import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; /** * <p>Client for the TcpServer component of the Locator. http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpServer.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpServer.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpServer.java index bd6a8f8..3c07771 100755 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpServer.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/tcpserver/TcpServer.java @@ -61,7 +61,6 @@ import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; /** * TCP server which listens on a port and delegates requests to a request http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/admin/SSLConfig.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/admin/SSLConfig.java b/geode-core/src/main/java/org/apache/geode/internal/admin/SSLConfig.java index 4b96d55..6f0c52f 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/admin/SSLConfig.java +++ b/geode-core/src/main/java/org/apache/geode/internal/admin/SSLConfig.java @@ -23,7 +23,6 @@ import java.util.Properties; import org.apache.geode.distributed.internal.DistributionConfig; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.management.internal.SSLUtil; /** http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java index 5bddfa5..74fca50 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java @@ -87,7 +87,6 @@ import org.apache.geode.internal.logging.LoggingThreadGroup; import org.apache.geode.internal.logging.log4j.LocalizedMessage; import org.apache.geode.internal.security.IntegratedSecurityService; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.internal.security.SecurityService; import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.tcp.ConnectionTable; @@ -630,8 +629,7 @@ public class AcceptorImpl extends Acceptor implements Runnable this.hsPool = tmp_hsPool; } - isAuthenticationRequired = (this.isGatewayReceiver && this.securityService.isGatewaySecurityRequired()) || - (! this.isGatewayReceiver && this.securityService.isClientSecurityRequired()); + isAuthenticationRequired = this.securityService.isClientSecurityRequired(); isIntegratedSecurity = this.securityService.isIntegratedSecurity(); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java b/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java index c6ad9ce..bc1e896 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java +++ b/geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java @@ -97,7 +97,6 @@ import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.logging.log4j.LocalizedMessage; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.internal.util.PasswordUtil; /** http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java b/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java index a328acb..a515de5 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java +++ b/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java @@ -20,7 +20,6 @@ import static org.apache.geode.distributed.ConfigurationProperties.*; import java.io.IOException; import java.io.Serializable; -import java.lang.reflect.Method; import java.security.AccessController; import java.util.Properties; import java.util.Set; @@ -28,11 +27,22 @@ import java.util.concurrent.Callable; import org.apache.commons.lang.SerializationException; import org.apache.commons.lang.StringUtils; +import org.apache.geode.GemFireIOException; +import org.apache.geode.internal.cache.EntryEventImpl; +import org.apache.geode.internal.logging.LogService; +import org.apache.geode.internal.security.shiro.CustomAuthRealm; +import org.apache.geode.internal.security.shiro.GeodeAuthenticationToken; +import org.apache.geode.internal.security.shiro.ShiroPrincipal; +import org.apache.geode.internal.util.BlobHelper; +import org.apache.geode.management.internal.security.ResourceConstants; +import org.apache.geode.management.internal.security.ResourceOperation; +import org.apache.geode.security.AuthenticationFailedException; +import org.apache.geode.security.GemFireSecurityException; +import org.apache.geode.security.NotAuthorizedException; import org.apache.geode.security.PostProcessor; import org.apache.geode.security.ResourcePermission; import org.apache.geode.security.ResourcePermission.Operation; import org.apache.geode.security.ResourcePermission.Resource; -import org.apache.geode.security.SecurableComponents; import org.apache.geode.security.SecurityManager; import org.apache.logging.log4j.Logger; import org.apache.shiro.SecurityUtils; @@ -46,21 +56,6 @@ import org.apache.shiro.subject.support.SubjectThreadState; import org.apache.shiro.util.ThreadContext; import org.apache.shiro.util.ThreadState; -import org.apache.geode.GemFireIOException; -import org.apache.geode.distributed.internal.DistributionConfig; -import org.apache.geode.internal.ClassLoadUtil; -import org.apache.geode.internal.cache.EntryEventImpl; -import org.apache.geode.internal.logging.LogService; -import org.apache.geode.internal.security.shiro.CustomAuthRealm; -import org.apache.geode.internal.security.shiro.GeodeAuthenticationToken; -import org.apache.geode.internal.security.shiro.ShiroPrincipal; -import org.apache.geode.internal.util.BlobHelper; -import org.apache.geode.management.internal.security.ResourceConstants; -import org.apache.geode.management.internal.security.ResourceOperation; -import org.apache.geode.security.AuthenticationFailedException; -import org.apache.geode.security.GemFireSecurityException; -import org.apache.geode.security.NotAuthorizedException; - public class IntegratedSecurityService implements SecurityService{ private static Logger logger = LogService.getLogger(LogService.SECURITY_LOGGER_NAME); @@ -82,12 +77,6 @@ public class IntegratedSecurityService implements SecurityService{ private boolean isClientAuthenticator; // is there a SECURITY_CLIENT_AUTHENTICATOR private boolean isPeerAuthenticator; // is there a SECURITY_PEER_AUTHENTICATOR - private boolean isJmxSecurityRequired; - private boolean isHttpSecurityRequired; - private boolean isGatewaySecurityRequired; - private boolean isClusterSecurityRequired; - private boolean isServerSecurityRequired; - /** * It first looks the shiro subject in AccessControlContext since JMX will * use multiple threads to process operations from the same client, then it @@ -322,17 +311,6 @@ public class IntegratedSecurityService implements SecurityService{ return; } - String enabledComponentsString = securityProps.getProperty(SECURITY_ENABLED_COMPONENTS); - if (enabledComponentsString == null) { - enabledComponentsString = DistributionConfig.DEFAULT_SECURITY_ENABLED_COMPONENTS; - } - - boolean isClusterSecured = enabledComponentsString.contains(SecurableComponents.ALL) || enabledComponentsString.contains(SecurableComponents.CLUSTER); - boolean isGatewaySecured = enabledComponentsString.contains(SecurableComponents.ALL) || enabledComponentsString.contains(SecurableComponents.GATEWAY); - boolean isHttpSecured = enabledComponentsString.contains(SecurableComponents.ALL) || enabledComponentsString.contains(SecurableComponents.HTTP_SERVICE); - boolean isJmxSecured = enabledComponentsString.contains(SecurableComponents.ALL) || enabledComponentsString.contains(SecurableComponents.JMX); - boolean isServerSecured = enabledComponentsString.contains(SecurableComponents.ALL) || enabledComponentsString.contains(SecurableComponents.SERVER); - String shiroConfig = securityProps.getProperty(SECURITY_SHIRO_INIT); String securityConfig = securityProps.getProperty(SECURITY_MANAGER); String clientAuthenticatorConfig = securityProps.getProperty(SECURITY_CLIENT_AUTHENTICATOR); @@ -354,7 +332,7 @@ public class IntegratedSecurityService implements SecurityService{ } // only set up shiro realm if user has implemented SecurityManager else if (!StringUtils.isBlank(securityConfig)) { - securityManager = getObjectOfTypeFromClassName(securityConfig, SecurityManager.class); + securityManager = SecurityService.getObjectOfTypeFromClassName(securityConfig, SecurityManager.class); securityManager.init(securityProps); Realm realm = new CustomAuthRealm(securityManager); org.apache.shiro.mgt.SecurityManager shiroManager = new DefaultSecurityManager(realm); @@ -373,17 +351,10 @@ public class IntegratedSecurityService implements SecurityService{ isPeerAuthenticator = false; } - isServerSecurityRequired = isClientAuthenticator || (isIntegratedSecurity && isServerSecured); - isClusterSecurityRequired = isPeerAuthenticator || (isIntegratedSecurity && isClusterSecured); - - isGatewaySecurityRequired = isClientAuthenticator || (isIntegratedSecurity && isGatewaySecured); - isHttpSecurityRequired = isIntegratedSecurity && isHttpSecured; - isJmxSecurityRequired = isIntegratedSecurity && isJmxSecured; - // this initializes the post processor String customPostProcessor = securityProps.getProperty(SECURITY_POST_PROCESSOR); if( !StringUtils.isBlank(customPostProcessor)) { - postProcessor = getObjectOfTypeFromClassName(customPostProcessor, PostProcessor.class); + postProcessor = SecurityService.getObjectOfTypeFromClassName(customPostProcessor, PostProcessor.class); postProcessor.init(securityProps); } else{ @@ -453,74 +424,6 @@ public class IntegratedSecurityService implements SecurityService{ return newValue; } - private static void checkSameClass(Object obj1, Object obj2){ - - } - - /** - * this method would never return null, it either throws an exception or - * returns an object - */ - public static <T> T getObjectOfTypeFromClassName(String className, Class<T> expectedClazz) { - Class actualClass = null; - try { - actualClass = ClassLoadUtil.classFromName(className); - } - catch (Exception ex) { - throw new GemFireSecurityException("Instance could not be obtained, "+ex.toString(), ex); - } - - if(!expectedClazz.isAssignableFrom(actualClass)){ - throw new GemFireSecurityException("Instance could not be obtained. Expecting a "+expectedClazz.getName()+" class."); - } - - T actualObject = null; - try { - actualObject = (T)actualClass.newInstance(); - } catch (Exception e) { - throw new GemFireSecurityException("Instance could not be obtained. Error instantiating "+actualClass.getName(), e); - } - return actualObject; - } - - /** - * this method would never return null, it either throws an exception or - * returns an object - */ - public static <T> T getObjectOfTypeFromFactoryMethod(String factoryMethodName, Class<T> expectedClazz){ - T actualObject = null; - try { - Method factoryMethod = ClassLoadUtil.methodFromName(factoryMethodName); - actualObject = (T)factoryMethod.invoke(null, (Object[])null); - } catch (Exception e) { - throw new GemFireSecurityException("Instance could not be obtained from "+factoryMethodName, e); - } - - if(actualObject == null){ - throw new GemFireSecurityException("Instance could not be obtained from "+factoryMethodName); - } - - return actualObject; - } - - /** - * this method would never return null, it either throws an exception or - * returns an object - * - * @return an object of type expectedClazz. This method would never return - * null. It either returns an non-null object or throws exception. - */ - public static <T> T getObjectOfType(String classOrMethod, Class<T> expectedClazz) { - T object = null; - try{ - object = getObjectOfTypeFromClassName(classOrMethod, expectedClazz); - } - catch (Exception e){ - object = getObjectOfTypeFromFactoryMethod(classOrMethod, expectedClazz); - } - return object; - } - public SecurityManager getSecurityManager(){ return securityManager; } @@ -533,23 +436,11 @@ public class IntegratedSecurityService implements SecurityService{ return isIntegratedSecurity; } - public boolean isClientSecurityRequired() { // TODO: rename as isServerSecurityRequired - return isServerSecurityRequired; - } - - public boolean isPeerSecurityRequired() { // TODO: rename as isClusterSecurityRequired - return isClusterSecurityRequired; - } - - public boolean isJmxSecurityRequired() { - return isJmxSecurityRequired; - } - - public boolean isGatewaySecurityRequired() { - return isGatewaySecurityRequired; + public boolean isClientSecurityRequired() { + return isClientAuthenticator || isIntegratedSecurity; } - public boolean isHttpSecurityRequired() { - return isHttpSecurityRequired; + public boolean isPeerSecurityRequired() { + return isPeerAuthenticator || isIntegratedSecurity; } } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/security/SecurableComponent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/security/SecurableComponent.java b/geode-core/src/main/java/org/apache/geode/internal/security/SecurableComponent.java deleted file mode 100644 index 1eac87c..0000000 --- a/geode-core/src/main/java/org/apache/geode/internal/security/SecurableComponent.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.internal.security; - -import org.apache.geode.GemFireConfigException; -import org.apache.geode.security.SecurableComponents; - -public enum SecurableComponent { - ALL(SecurableComponents.ALL), - CLUSTER(SecurableComponents.CLUSTER), - SERVER(SecurableComponents.SERVER), - JMX(SecurableComponents.JMX), - HTTP_SERVICE(SecurableComponents.HTTP_SERVICE), - GATEWAY(SecurableComponents.GATEWAY), - LOCATOR(SecurableComponents.LOCATOR), - NONE("NO_COMPONENT"); - - private final String constant; - - SecurableComponent(final String constant) { - this.constant = constant; - } - - public static SecurableComponent getEnum(String enumString) { - for (SecurableComponent securableComponent : SecurableComponent.values()) { - if (securableComponent.constant.equalsIgnoreCase(enumString)) { - return securableComponent; - } - } - throw new GemFireConfigException("There is no registered component for the name: " + enumString); - } - - public String getConstant() { - return constant; - } - - @Override - public String toString() { - return constant; - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java b/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java index 4d4fcfa..d645bbf 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java +++ b/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java @@ -16,11 +16,14 @@ */ package org.apache.geode.internal.security; +import java.lang.reflect.Method; import java.util.Properties; import java.util.concurrent.Callable; +import org.apache.geode.internal.ClassLoadUtil; import org.apache.geode.management.internal.security.ResourceConstants; import org.apache.geode.management.internal.security.ResourceOperation; +import org.apache.geode.security.GemFireSecurityException; import org.apache.geode.security.PostProcessor; import org.apache.geode.security.ResourcePermission; import org.apache.geode.security.SecurityManager; @@ -56,24 +59,73 @@ public interface SecurityService { Object postProcess(String regionPath, Object key, Object value, boolean valueIsSerialized); Object postProcess(Object principal, String regionPath, Object key, Object value, boolean valueIsSerialized); boolean isClientSecurityRequired(); - boolean isJmxSecurityRequired(); - boolean isGatewaySecurityRequired(); - boolean isHttpSecurityRequired(); - boolean isPeerSecurityRequired(); boolean isIntegratedSecurity(); + boolean isPeerSecurityRequired(); SecurityManager getSecurityManager(); PostProcessor getPostProcessor(); - static <T> T getObjectOfType(String factoryName, Class<T> clazz) { - return IntegratedSecurityService.getObjectOfType(factoryName, clazz); + /** + * this method would never return null, it either throws an exception or + * returns an object + */ + public static <T> T getObjectOfTypeFromClassName(String className, Class<T> expectedClazz) { + Class actualClass = null; + try { + actualClass = ClassLoadUtil.classFromName(className); + } + catch (Exception ex) { + throw new GemFireSecurityException("Instance could not be obtained, " + ex.toString(), ex); + } + + if(!expectedClazz.isAssignableFrom(actualClass)){ + throw new GemFireSecurityException("Instance could not be obtained. Expecting a "+expectedClazz.getName()+" class."); + } + + T actualObject = null; + try { + actualObject = (T)actualClass.newInstance(); + } catch (Exception e) { + throw new GemFireSecurityException("Instance could not be obtained. Error instantiating "+actualClass.getName(), e); + } + return actualObject; } - static <T> T getObjectOfTypeFromFactoryMethod(String factoryMethodName, Class<T> expectedClazz) { - return IntegratedSecurityService.getObjectOfTypeFromFactoryMethod(factoryMethodName, expectedClazz); + /** + * this method would never return null, it either throws an exception or + * returns an object + */ + public static <T> T getObjectOfTypeFromFactoryMethod(String factoryMethodName, Class<T> expectedClazz){ + T actualObject = null; + try { + Method factoryMethod = ClassLoadUtil.methodFromName(factoryMethodName); + actualObject = (T)factoryMethod.invoke(null, (Object[])null); + } catch (Exception e) { + throw new GemFireSecurityException("Instance could not be obtained from "+factoryMethodName, e); + } + + if(actualObject == null){ + throw new GemFireSecurityException("Instance could not be obtained from " + factoryMethodName); + } + + return actualObject; } - static <T> T getObjectOfTypeFromClassName(String className, Class<T> expectedClazz) { - return IntegratedSecurityService.getObjectOfTypeFromClassName(className, expectedClazz); + /** + * this method would never return null, it either throws an exception or + * returns an object + * + * @return an object of type expectedClazz. This method would never return + * null. It either returns an non-null object or throws exception. + */ + public static <T> T getObjectOfType(String classOrMethod, Class<T> expectedClazz) { + T object = null; + try{ + object = getObjectOfTypeFromClassName(classOrMethod, expectedClazz); + } + catch (Exception e){ + object = getObjectOfTypeFromFactoryMethod(classOrMethod, expectedClazz); + } + return object; } public static Properties getCredentials(Properties securityProps){ @@ -89,4 +141,5 @@ public interface SecurityService { static SecurityService getSecurityService(){ return IntegratedSecurityService.getSecurityService(); } + } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/internal/tcp/TCPConduit.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/tcp/TCPConduit.java b/geode-core/src/main/java/org/apache/geode/internal/tcp/TCPConduit.java index 67f2424..1eb7626 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/tcp/TCPConduit.java +++ b/geode-core/src/main/java/org/apache/geode/internal/tcp/TCPConduit.java @@ -62,7 +62,6 @@ import org.apache.geode.internal.logging.log4j.LogMarker; import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; /** * <p>TCPConduit manages a server socket and a collection of connections to http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/management/GemFireProperties.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/management/GemFireProperties.java b/geode-core/src/main/java/org/apache/geode/management/GemFireProperties.java index 592bfdd..2b2c1a6 100644 --- a/geode-core/src/main/java/org/apache/geode/management/GemFireProperties.java +++ b/geode-core/src/main/java/org/apache/geode/management/GemFireProperties.java @@ -18,7 +18,6 @@ package org.apache.geode.management; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; /** * Composite Data type to be used by member to depict gemfire properties in key value manner http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/management/internal/ManagementAgent.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/management/internal/ManagementAgent.java b/geode-core/src/main/java/org/apache/geode/management/internal/ManagementAgent.java index ad4b3b7..f1daa78 100755 --- a/geode-core/src/main/java/org/apache/geode/management/internal/ManagementAgent.java +++ b/geode-core/src/main/java/org/apache/geode/management/internal/ManagementAgent.java @@ -56,7 +56,7 @@ import org.apache.geode.internal.GemFireVersion; import org.apache.geode.internal.cache.GemFireCacheImpl; import org.apache.geode.internal.lang.StringUtils; import org.apache.geode.internal.logging.LogService; -import org.apache.geode.internal.security.IntegratedSecurityService; +import org.apache.geode.internal.security.SecurityService; import org.apache.geode.internal.net.SSLConfigurationFactory; import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.net.SocketCreatorFactory; @@ -95,7 +95,7 @@ public class ManagementAgent { private JMXConnectorServer jmxConnectorServer; private JMXShiroAuthenticator shiroAuthenticator; private final DistributionConfig config; - // TODO: add this -- private boolean isSecured; + private SecurityService securityService = SecurityService.getSecurityService(); private boolean isHttpServiceRunning = false; /** @@ -205,7 +205,7 @@ public class ManagementAgent { if (logger.isDebugEnabled()) { logger.debug(message); } - } else if (isIntegratedSecurity()) { + } else if (securityService.isIntegratedSecurity()) { System.setProperty("spring.profiles.active", "pulse.authentication.gemfire"); } @@ -437,7 +437,7 @@ public class ManagementAgent { } }; - if (isIntegratedSecurity()) { + if (securityService.isIntegratedSecurity()) { shiroAuthenticator = new JMXShiroAuthenticator(); env.put(JMXConnectorServer.AUTHENTICATOR, shiroAuthenticator); jmxConnectorServer.addNotificationListener(shiroAuthenticator, null, jmxConnectorServer.getAttributes()); @@ -494,11 +494,6 @@ public class ManagementAgent { } } - - private boolean isIntegratedSecurity() { - return IntegratedSecurityService.getSecurityService().isJmxSecurityRequired(); - } - private static class GemFireRMIClientSocketFactory implements RMIClientSocketFactory, Serializable { private static final long serialVersionUID = -7604285019188827617L; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java b/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java deleted file mode 100644 index beb5600..0000000 --- a/geode-core/src/main/java/org/apache/geode/security/SecurableComponents.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.security; - -import org.apache.geode.distributed.ConfigurationProperties; - -/** - * This class defines all the static definitions for the {@link ConfigurationProperties#SECURITY_ENABLED_COMPONENTS} - * <U>Since</U>: Geode 1.0 - */ -public interface SecurableComponents { - - /** - * This determines that all components will be secured. - * <U>Since</U>: Geode 1.0 - */ - String ALL = "all"; - /** - * This determines that the client-server communication will be secured. - * <U>Since</U>: Geode 1.0 - */ - String SERVER = "server"; - /** - * This determines that the inter-server (or server-to-server) communication will be secured. - * <U>Since</U>: Geode 1.0 - */ - String CLUSTER = "cluster"; - /** - * This determines that test jmx communication will be secured. - * <U>Since</U>: Geode 1.0 - */ - String JMX = "jmx"; - /** - * This determines that the http service communication will be secured. - * <U>Since</U>: Geode 1.0 - */ - String HTTP_SERVICE = "http"; - /** - * This determines that the gateway communication will be secured. - * <U>Since</U>: Geode 1.0 - */ - String GATEWAY = "gateway"; - /** - * This determines that the locator communication will be secured. - * <U>Since</U>: Geode 1.0 - */ - String LOCATOR = "locator"; -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/cache/client/internal/CacheServerSSLConnectionDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/cache/client/internal/CacheServerSSLConnectionDUnitTest.java b/geode-core/src/test/java/org/apache/geode/cache/client/internal/CacheServerSSLConnectionDUnitTest.java index e1ee4b1..9d53265 100644 --- a/geode-core/src/test/java/org/apache/geode/cache/client/internal/CacheServerSSLConnectionDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/cache/client/internal/CacheServerSSLConnectionDUnitTest.java @@ -24,9 +24,6 @@ import java.io.PrintWriter; import java.io.StringWriter; import java.util.Properties; -import org.junit.Test; -import org.junit.experimental.categories.Category; - import org.apache.geode.cache.Cache; import org.apache.geode.cache.CacheFactory; import org.apache.geode.cache.Region; @@ -37,9 +34,7 @@ import org.apache.geode.cache.client.ClientCacheFactory; import org.apache.geode.cache.client.ClientRegionFactory; import org.apache.geode.cache.client.ClientRegionShortcut; import org.apache.geode.cache.server.CacheServer; -import org.apache.geode.internal.net.SocketCreatorFactory; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.security.AuthenticationRequiredException; import org.apache.geode.test.dunit.Host; import org.apache.geode.test.dunit.IgnoredException; @@ -47,6 +42,8 @@ import org.apache.geode.test.dunit.VM; import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.util.test.TestUtil; +import org.junit.Test; +import org.junit.experimental.categories.Category; /** * Tests cacheserver ssl support added. See https://svn.gemstone.com/trac/gemfire/ticket/48995 for details http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/distributed/LocatorLauncherRemoteIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/distributed/LocatorLauncherRemoteIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/distributed/LocatorLauncherRemoteIntegrationTest.java index 2aa0c7d..312ca56 100755 --- a/geode-core/src/test/java/org/apache/geode/distributed/LocatorLauncherRemoteIntegrationTest.java +++ b/geode-core/src/test/java/org/apache/geode/distributed/LocatorLauncherRemoteIntegrationTest.java @@ -16,6 +16,20 @@ */ package org.apache.geode.distributed; +import static org.apache.geode.distributed.ConfigurationProperties.*; +import static org.hamcrest.CoreMatchers.*; +import static org.junit.Assert.*; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.PrintStream; +import java.lang.management.ManagementFactory; +import java.net.InetAddress; +import java.util.ArrayList; +import java.util.List; +import java.util.concurrent.atomic.AtomicBoolean; + import org.apache.geode.distributed.AbstractLauncher.Status; import org.apache.geode.distributed.LocatorLauncher.Builder; import org.apache.geode.distributed.LocatorLauncher.LocatorState; @@ -30,7 +44,6 @@ import org.apache.geode.internal.process.ProcessControllerFactory; import org.apache.geode.internal.process.ProcessStreamReader; import org.apache.geode.internal.process.ProcessType; import org.apache.geode.internal.process.ProcessUtils; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.test.junit.categories.FlakyTest; import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactory; @@ -42,20 +55,6 @@ import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.junit.runners.Parameterized; -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.PrintStream; -import java.lang.management.ManagementFactory; -import java.net.InetAddress; -import java.util.ArrayList; -import java.util.List; -import java.util.concurrent.atomic.AtomicBoolean; - -import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT; -import static org.hamcrest.CoreMatchers.*; -import static org.junit.Assert.*; - /** * Integration tests for launching a Locator in a forked process. * http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/distributed/ServerLauncherRemoteIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/distributed/ServerLauncherRemoteIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/distributed/ServerLauncherRemoteIntegrationTest.java index 98ee86f..3b3d11e 100755 --- a/geode-core/src/test/java/org/apache/geode/distributed/ServerLauncherRemoteIntegrationTest.java +++ b/geode-core/src/test/java/org/apache/geode/distributed/ServerLauncherRemoteIntegrationTest.java @@ -16,6 +16,22 @@ */ package org.apache.geode.distributed; +import static org.apache.geode.distributed.ConfigurationProperties.*; +import static org.hamcrest.CoreMatchers.*; +import static org.junit.Assert.*; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.FileWriter; +import java.io.IOException; +import java.io.PrintStream; +import java.io.PrintWriter; +import java.lang.management.ManagementFactory; +import java.net.InetAddress; +import java.util.ArrayList; +import java.util.List; +import java.util.concurrent.atomic.AtomicBoolean; + import org.apache.geode.cache.DataPolicy; import org.apache.geode.cache.Scope; import org.apache.geode.distributed.AbstractLauncher.Status; @@ -32,8 +48,11 @@ import org.apache.geode.internal.cache.xmlcache.RegionAttributesCreation; import org.apache.geode.internal.logging.InternalLogWriter; import org.apache.geode.internal.logging.LocalLogWriter; import org.apache.geode.internal.net.SocketCreatorFactory; -import org.apache.geode.internal.process.*; -import org.apache.geode.internal.security.SecurableComponent; +import org.apache.geode.internal.process.PidUnavailableException; +import org.apache.geode.internal.process.ProcessControllerFactory; +import org.apache.geode.internal.process.ProcessStreamReader; +import org.apache.geode.internal.process.ProcessType; +import org.apache.geode.internal.process.ProcessUtils; import org.apache.geode.test.junit.categories.FlakyTest; import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.test.process.ProcessWrapper; @@ -41,17 +60,6 @@ import org.junit.Ignore; import org.junit.Test; import org.junit.experimental.categories.Category; -import java.io.*; -import java.lang.management.ManagementFactory; -import java.net.InetAddress; -import java.util.ArrayList; -import java.util.List; -import java.util.concurrent.atomic.AtomicBoolean; - -import static org.apache.geode.distributed.ConfigurationProperties.*; -import static org.hamcrest.CoreMatchers.*; -import static org.junit.Assert.*; - /** * Integration tests for launching a Server in a forked process. * http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/distributed/internal/AbstractDistributionConfigTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/distributed/internal/AbstractDistributionConfigTest.java b/geode-core/src/test/java/org/apache/geode/distributed/internal/AbstractDistributionConfigTest.java deleted file mode 100644 index 293cbd2..0000000 --- a/geode-core/src/test/java/org/apache/geode/distributed/internal/AbstractDistributionConfigTest.java +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.distributed.internal; - -import static org.assertj.core.api.Assertions.*; -import static org.mockito.Answers.*; - -import org.junit.Test; -import org.junit.experimental.categories.Category; -import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.runners.MockitoJUnitRunner; - -import org.apache.geode.GemFireConfigException; -import org.apache.geode.security.SecurableComponents; -import org.apache.geode.test.junit.categories.UnitTest; - -@Category(UnitTest.class) -@RunWith(MockitoJUnitRunner.class) -public class AbstractDistributionConfigTest { - - @Mock(answer = CALLS_REAL_METHODS) - private AbstractDistributionConfig abstractDistributionConfig; - - @Test - public void testNoCommaInvalidStringThrows() { - assertThatThrownBy(() -> abstractDistributionConfig.checkSecurityEnabledComponents("This has no commas in it")).isExactlyInstanceOf(GemFireConfigException.class); - } - - @Test - public void testOneSecurityEnabledComponents() { - String returnValue = abstractDistributionConfig.checkSecurityEnabledComponents(SecurableComponents.JMX); - assertThat(returnValue).isEqualTo(SecurableComponents.JMX); - } - - @Test - public void testEmptySecurityEnabledComponents() { - String returnValue = abstractDistributionConfig.checkSecurityEnabledComponents(""); - assertThat(returnValue).isEqualTo(""); - } - - @Test - public void testNoneSecurityEnabledComponents() { - String returnValue = abstractDistributionConfig.checkSecurityEnabledComponents("none"); - assertThat(returnValue).isEqualTo("none"); - } - - @Test - public void testNullSecurityEnabledComponents() { - String returnValue = abstractDistributionConfig.checkSecurityEnabledComponents(null); - assertThat(returnValue).isEqualTo(null); - } - - @Test - public void testTwoSecurityEnabledComponents() { - String returnValue = abstractDistributionConfig.checkSecurityEnabledComponents(SecurableComponents.JMX + "," + SecurableComponents.SERVER); - assertThat(returnValue).isEqualTo(SecurableComponents.JMX + "," + SecurableComponents.SERVER); - } - - @Test - public void testOneValidSecurityEnabledComponentAndOneInvalid() { - assertThatThrownBy(() -> abstractDistributionConfig.checkSecurityEnabledComponents(SecurableComponents.JMX + "," + SecurableComponents.SERVER + "," + "this should throw")).isExactlyInstanceOf(GemFireConfigException.class); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java b/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java index 978a0d0..04bfad6 100644 --- a/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/distributed/internal/DistributionConfigJUnitTest.java @@ -17,7 +17,6 @@ package org.apache.geode.distributed.internal; import static org.apache.geode.distributed.ConfigurationProperties.*; -import static org.assertj.core.api.Assertions.*; import static org.junit.Assert.*; import static org.mockito.Matchers.any; import static org.mockito.Mockito.*; @@ -31,19 +30,16 @@ import java.util.List; import java.util.Map; import java.util.Properties; +import org.apache.geode.InternalGemFireException; +import org.apache.geode.UnmodifiableException; +import org.apache.geode.internal.ConfigSource; import org.apache.geode.security.templates.SamplePostProcessor; import org.apache.geode.security.templates.SampleSecurityManager; +import org.apache.geode.test.junit.categories.UnitTest; import org.junit.Before; import org.junit.Test; import org.junit.experimental.categories.Category; -import org.apache.geode.GemFireConfigException; -import org.apache.geode.InternalGemFireException; -import org.apache.geode.UnmodifiableException; -import org.apache.geode.security.SecurableComponents; -import org.apache.geode.internal.ConfigSource; -import org.apache.geode.test.junit.categories.UnitTest; - @Category(UnitTest.class) public class DistributionConfigJUnitTest { @@ -81,7 +77,7 @@ public class DistributionConfigJUnitTest { @Test public void testGetAttributeNames() { String[] attNames = AbstractDistributionConfig._getAttNames(); - assertEquals(attNames.length, 157); + assertEquals(attNames.length, 156); List boolList = new ArrayList(); List intList = new ArrayList(); @@ -116,7 +112,7 @@ public class DistributionConfigJUnitTest { //TODO - This makes no sense. One has no idea what the correct expected number of attributes are. assertEquals(29, boolList.size()); assertEquals(33, intList.size()); - assertEquals(86, stringList.size()); + assertEquals(85, stringList.size()); assertEquals(5, fileList.size()); assertEquals(4, otherList.size()); } @@ -343,7 +339,7 @@ public class DistributionConfigJUnitTest { DistributionConfig config = new DistributionConfigImpl(props); // SECURITY_ENABLED_COMPONENTS is automatically added to getSecurityProps - assertEquals(config.getSecurityProps().size(), 4); + assertEquals(config.getSecurityProps().size(), 3); } @Test @@ -358,76 +354,7 @@ public class DistributionConfigJUnitTest { DistributionConfig config = new DistributionConfigImpl(props); // SECURITY_ENABLED_COMPONENTS is automatically added to getSecurityProps - assertEquals(config.getSecurityProps().size(), 5); - } - - @Test - public void securityEnabledComponentsDefaultShouldBeAll() throws Exception { - Properties props = new Properties(); - props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - - DistributionConfig config = new DistributionConfigImpl(props); - - assertThat(config.getSecurityEnabledComponents()).contains(SecurableComponents.ALL); - } - - @Test - public void oneSecurityEnabledComponent() throws Exception { - Properties props = new Properties(); - props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - props.put(SECURITY_ENABLED_COMPONENTS, SecurableComponents.JMX); - - DistributionConfig config = new DistributionConfigImpl(props); - - assertThat(config.getSecurityEnabledComponents()) - .doesNotContain(SecurableComponents.ALL) - .doesNotContain(SecurableComponents.GATEWAY) - .doesNotContain(SecurableComponents.SERVER) - .doesNotContain(SecurableComponents.HTTP_SERVICE) - .doesNotContain(SecurableComponents.CLUSTER) - .contains(SecurableComponents.JMX); - } - - @Test - public void twoSecurityEnabledComponents() throws Exception { - Properties props = new Properties(); - props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - props.put(SECURITY_ENABLED_COMPONENTS, SecurableComponents.JMX + "," + SecurableComponents.CLUSTER); - - DistributionConfig config = new DistributionConfigImpl(props); - - assertThat(config.getSecurityEnabledComponents()) - .doesNotContain(SecurableComponents.ALL) - .doesNotContain(SecurableComponents.GATEWAY) - .doesNotContain(SecurableComponents.SERVER) - .doesNotContain(SecurableComponents.HTTP_SERVICE) - .contains(SecurableComponents.CLUSTER) - .contains(SecurableComponents.JMX); - } - - @Test - public void multipleSecurityEnabledComponents() throws Exception { - Properties props = new Properties(); - props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - props.put(SECURITY_ENABLED_COMPONENTS, SecurableComponents.JMX + "," + SecurableComponents.CLUSTER+ "," + SecurableComponents.HTTP_SERVICE); - - DistributionConfig config = new DistributionConfigImpl(props); - - assertThat(config.getSecurityEnabledComponents()) - .doesNotContain(SecurableComponents.ALL) - .doesNotContain(SecurableComponents.GATEWAY) - .doesNotContain(SecurableComponents.SERVER) - .contains(SecurableComponents.HTTP_SERVICE) - .contains(SecurableComponents.CLUSTER) - .contains(SecurableComponents.JMX); - } - - @Test - public void nonExistentSecurityEnabledComponentShouldThrow() throws Exception { - Properties props = new Properties(); - props.put(SECURITY_ENABLED_COMPONENTS, "notapplicable"); - - assertThatThrownBy(() -> new DistributionConfigImpl(props)).isExactlyInstanceOf(GemFireConfigException.class); + assertEquals(config.getSecurityProps().size(), 4); } @Test http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java index 333875e..e3e140e 100644 --- a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java +++ b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java @@ -27,7 +27,6 @@ import org.junit.Before; import org.junit.Test; import org.junit.experimental.categories.Category; -import org.apache.geode.security.SecurableComponents; import org.apache.geode.security.GemFireSecurityException; import org.apache.geode.test.junit.categories.UnitTest; @@ -46,47 +45,42 @@ public class IntegratedSecurityServiceTest { @Test public void testGetObjectFromConstructor() { - String string = IntegratedSecurityService.getObjectOfType(String.class.getName(), String.class); + String string = SecurityService.getObjectOfType(String.class.getName(), String.class); assertNotNull(string); - CharSequence charSequence = IntegratedSecurityService.getObjectOfType(String.class.getName(), CharSequence.class); + CharSequence charSequence = SecurityService.getObjectOfType(String.class.getName(), CharSequence.class); assertNotNull(charSequence); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType("com.abc.testString", String.class)).isInstanceOf(GemFireSecurityException.class); + assertThatThrownBy(() -> SecurityService.getObjectOfType("com.abc.testString", String.class)).isInstanceOf(GemFireSecurityException.class); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType(String.class.getName(), Boolean.class)).isInstanceOf(GemFireSecurityException.class); + assertThatThrownBy(() -> SecurityService.getObjectOfType(String.class.getName(), Boolean.class)).isInstanceOf(GemFireSecurityException.class); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType("", String.class)).isInstanceOf(GemFireSecurityException.class); + assertThatThrownBy(() -> SecurityService.getObjectOfType("", String.class)).isInstanceOf(GemFireSecurityException.class); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType(null, String.class)).isInstanceOf(GemFireSecurityException.class); + assertThatThrownBy(() -> SecurityService.getObjectOfType(null, String.class)).isInstanceOf(GemFireSecurityException.class); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType(" ", String.class)).isInstanceOf(GemFireSecurityException.class); + assertThatThrownBy(() -> SecurityService.getObjectOfType(" ", String.class)).isInstanceOf(GemFireSecurityException.class); } @Test public void testGetObjectFromFactoryMethod() { - String string = IntegratedSecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class); + String string = SecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class); assertNotNull(string); - CharSequence charSequence = IntegratedSecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class); + CharSequence charSequence = SecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class); assertNotNull(charSequence); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType(Factories.class.getName() + ".getStringNonStatic", String.class)) + assertThatThrownBy(() -> SecurityService.getObjectOfType(Factories.class.getName() + ".getStringNonStatic", String.class)) .isInstanceOf(GemFireSecurityException.class); - assertThatThrownBy(() -> IntegratedSecurityService.getObjectOfType(Factories.class.getName() + ".getNullString", String.class)) + assertThatThrownBy(() -> SecurityService.getObjectOfType(Factories.class.getName() + ".getNullString", String.class)) .isInstanceOf(GemFireSecurityException.class); } - @Test public void testInitialSecurityFlags() { // initial state of IntegratedSecurityService assertFalse(securityService.isIntegratedSecurity()); - assertFalse(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertFalse(securityService.isJmxSecurityRequired()); assertFalse(securityService.isPeerSecurityRequired()); } @@ -98,11 +92,7 @@ public class IntegratedSecurityServiceTest { securityService.initSecurity(properties); assertTrue(securityService.isIntegratedSecurity()); - assertTrue(securityService.isClientSecurityRequired()); - assertTrue(securityService.isGatewaySecurityRequired()); - assertTrue(securityService.isHttpSecurityRequired()); - assertTrue(securityService.isJmxSecurityRequired()); assertTrue(securityService.isPeerSecurityRequired()); } @@ -111,14 +101,8 @@ public class IntegratedSecurityServiceTest { properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test"); securityService.initSecurity(properties); - assertFalse(securityService.isIntegratedSecurity()); - assertTrue(securityService.isClientSecurityRequired()); - assertTrue(securityService.isGatewaySecurityRequired()); - - assertFalse(securityService.isHttpSecurityRequired()); - assertFalse(securityService.isJmxSecurityRequired()); assertFalse(securityService.isPeerSecurityRequired()); } @@ -129,11 +113,7 @@ public class IntegratedSecurityServiceTest { securityService.initSecurity(properties); assertFalse(securityService.isIntegratedSecurity()); - assertFalse(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertFalse(securityService.isJmxSecurityRequired()); assertTrue(securityService.isPeerSecurityRequired()); } @@ -144,128 +124,7 @@ public class IntegratedSecurityServiceTest { securityService.initSecurity(properties); assertTrue(securityService.isIntegratedSecurity()); - - assertTrue(securityService.isClientSecurityRequired()); - assertTrue(securityService.isGatewaySecurityRequired()); - assertTrue(securityService.isHttpSecurityRequired()); - assertTrue(securityService.isJmxSecurityRequired()); - assertTrue(securityService.isPeerSecurityRequired()); - } - - @Test - public void allEnabledWithSecurityManager() { - properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.templates.SampleSecurityManager"); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, SecurableComponents.ALL); - - securityService.initSecurity(properties); - - assertTrue(securityService.isIntegratedSecurity()); - - assertTrue(securityService.isClientSecurityRequired()); - assertTrue(securityService.isGatewaySecurityRequired()); - assertTrue(securityService.isHttpSecurityRequired()); - assertTrue(securityService.isJmxSecurityRequired()); - assertTrue(securityService.isPeerSecurityRequired()); - } - - @Test - public void emptyEnabledWithSecurityManager() { - properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.templates.SampleSecurityManager"); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS,""); - - securityService.initSecurity(properties); - - assertTrue(securityService.isIntegratedSecurity()); - - assertFalse(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertFalse(securityService.isJmxSecurityRequired()); - assertFalse(securityService.isPeerSecurityRequired()); - } - - @Test - public void noneEnabledWithSecurityManager() { - properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.templates.SampleSecurityManager"); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS,"none"); - - securityService.initSecurity(properties); - - assertTrue(securityService.isIntegratedSecurity()); - - assertFalse(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertFalse(securityService.isJmxSecurityRequired()); - assertFalse(securityService.isPeerSecurityRequired()); - } - - @Test - public void allSecurableComponentsWithoutAnySecurity() { - properties.setProperty(SECURITY_ENABLED_COMPONENTS, SecurableComponents.ALL); - - securityService.initSecurity(properties); - - assertFalse(securityService.isIntegratedSecurity()); - - assertFalse(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertFalse(securityService.isJmxSecurityRequired()); - assertFalse(securityService.isPeerSecurityRequired()); - } - - @Test - public void oneSecurableComponentEnabledWithSecurityManager() { - properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.templates.SampleSecurityManager"); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, SecurableComponents.JMX); - - securityService.initSecurity(properties); - - assertTrue(securityService.isIntegratedSecurity()); - - assertFalse(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertTrue(securityService.isJmxSecurityRequired()); - assertFalse(securityService.isPeerSecurityRequired()); - } - - @Test - public void twoSecurableComponentEnabledWithSecurityManager() { - properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.templates.SampleSecurityManager"); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, SecurableComponents.JMX + "," + SecurableComponents.SERVER); - - securityService.initSecurity(properties); - - assertTrue(securityService.isIntegratedSecurity()); - - assertTrue(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertTrue(securityService.isJmxSecurityRequired()); - assertFalse(securityService.isPeerSecurityRequired()); - } - - @Test - public void manySecurableComponentEnabledWithSecurityManager() { - properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.templates.SampleSecurityManager"); - properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, SecurableComponents.JMX + "," + SecurableComponents.SERVER + "," + SecurableComponents.CLUSTER); - - securityService.initSecurity(properties); - - assertTrue(securityService.isIntegratedSecurity()); - assertTrue(securityService.isClientSecurityRequired()); - assertFalse(securityService.isGatewaySecurityRequired()); - assertFalse(securityService.isHttpSecurityRequired()); - assertTrue(securityService.isJmxSecurityRequired()); assertTrue(securityService.isPeerSecurityRequired()); } http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/internal/security/SecurityConfigIntegrationTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityConfigIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityConfigIntegrationTest.java deleted file mode 100644 index aab934e..0000000 --- a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityConfigIntegrationTest.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.geode.internal.security; - -import static org.apache.geode.distributed.ConfigurationProperties.*; -import static org.assertj.core.api.Assertions.*; - -import java.util.Properties; - -import org.apache.geode.security.templates.SampleSecurityManager; -import org.junit.Test; -import org.junit.experimental.categories.Category; - -import org.apache.geode.security.SecurableComponents; -import org.apache.geode.distributed.internal.DistributionConfig; -import org.apache.geode.distributed.internal.DistributionConfigImpl; -import org.apache.geode.test.junit.categories.IntegrationTest; - -@Category(IntegrationTest.class) -public class SecurityConfigIntegrationTest { - - @Test - public void securityEnabledComponentsDefaultShouldBeAll() throws Exception { - SecurityService securityService = SecurityService.getSecurityService(); - Properties props = new Properties(); - props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName()); - props.put(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/security/templates/security.json"); - - DistributionConfig config = new DistributionConfigImpl(props); - Properties securityProps = config.getSecurityProps(); - - assertThat(securityProps).containsKeys(SECURITY_MANAGER, SECURITY_ENABLED_COMPONENTS); - assertThat(securityProps.getProperty(SECURITY_ENABLED_COMPONENTS)).isEqualTo(SecurableComponents.ALL); - - securityService.initSecurity(securityProps); - - assertThat(securityService.isClientSecurityRequired()); - assertThat(securityService.isGatewaySecurityRequired()); - assertThat(securityService.isPeerSecurityRequired()); - assertThat(securityService.isJmxSecurityRequired()); - assertThat(securityService.isHttpSecurityRequired()); - } -} http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/management/ConnectToLocatorSSLDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/ConnectToLocatorSSLDUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/ConnectToLocatorSSLDUnitTest.java index 1bf1056..41ffa48 100644 --- a/geode-core/src/test/java/org/apache/geode/management/ConnectToLocatorSSLDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/ConnectToLocatorSSLDUnitTest.java @@ -37,7 +37,6 @@ import org.junit.rules.TemporaryFolder; import org.apache.geode.distributed.Locator; import org.apache.geode.internal.AvailablePortHelper; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.management.cli.Result.Status; import org.apache.geode.management.internal.cli.CliUtil; import org.apache.geode.management.internal.cli.HeadlessGfsh; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/management/JMXMBeanDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/management/JMXMBeanDUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/JMXMBeanDUnitTest.java index 05c9022..ffa024f 100644 --- a/geode-core/src/test/java/org/apache/geode/management/JMXMBeanDUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/management/JMXMBeanDUnitTest.java @@ -41,7 +41,6 @@ import org.junit.experimental.categories.Category; import org.apache.geode.distributed.LocatorLauncher; import org.apache.geode.internal.AvailablePortHelper; import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurableComponent; import org.apache.geode.test.dunit.DistributedTestCase; import org.apache.geode.test.dunit.DistributedTestUtils; import org.apache.geode.test.dunit.Host; http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleDistributedTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleDistributedTest.java b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleDistributedTest.java index 494c4d4..040bbf0 100644 --- a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleDistributedTest.java +++ b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleDistributedTest.java @@ -22,17 +22,12 @@ import static org.assertj.core.api.Assertions.*; import java.io.IOException; import java.util.Properties; -import org.apache.geode.security.templates.SampleSecurityManager; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.experimental.categories.Category; - import org.apache.geode.cache.server.CacheServer; -import org.apache.geode.internal.AvailablePort; +import org.apache.geode.internal.AvailablePortHelper; import org.apache.geode.internal.security.IntegratedSecurityService; import org.apache.geode.internal.security.SecurityService; -import org.apache.geode.internal.AvailablePortHelper; import org.apache.geode.management.ManagementService; +import org.apache.geode.security.templates.SampleSecurityManager; import org.apache.geode.test.dunit.DistributedTestUtils; import org.apache.geode.test.dunit.Host; import org.apache.geode.test.dunit.NetworkUtils; @@ -40,6 +35,9 @@ import org.apache.geode.test.dunit.VM; import org.apache.geode.test.dunit.cache.internal.JUnit4CacheTestCase; import org.apache.geode.test.junit.categories.DistributedTest; import org.apache.geode.test.junit.categories.SecurityTest; +import org.junit.Ignore; +import org.junit.Test; +import org.junit.experimental.categories.Category; @Ignore("This is broken but fixed on feature/GEODE-1673") @Category({DistributedTest.class, SecurityTest.class}) @@ -69,7 +67,6 @@ public class IntegratedSecurityCacheLifecycleDistributedTest extends JUnit4Cache properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/management/internal/security/clientServer.json"); properties.setProperty(LOCATORS, locators); properties.setProperty(MCAST_PORT, "0"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, ""); properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); properties.setProperty(START_LOCATOR, locators); properties.setProperty(JMX_MANAGER, "true"); @@ -107,7 +104,6 @@ public class IntegratedSecurityCacheLifecycleDistributedTest extends JUnit4Cache properties.setProperty(SampleSecurityManager.SECURITY_JSON, "org/apache/geode/management/internal/security/clientServer.json"); properties.setProperty(LOCATORS, locators); properties.setProperty(MCAST_PORT, "0"); - properties.setProperty(SECURITY_ENABLED_COMPONENTS, ""); properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName()); properties.setProperty(USE_CLUSTER_CONFIGURATION, "false"); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/45ecd4cb/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt ---------------------------------------------------------------------- diff --git a/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt b/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt index b3bab0f..6d5c84c 100644 --- a/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt +++ b/geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt @@ -116,7 +116,6 @@ org/apache/geode/internal/process/ClusterConfigurationNotAvailableException org/apache/geode/internal/security/GeodeSecurityUtil org/apache/geode/internal/security/IntegratedSecurityService org/apache/geode/internal/security/IntegratedSecurityService$SerializationProxy -org/apache/geode/internal/security/SecurableComponent org/apache/geode/internal/security/SecurityService org/apache/geode/internal/statistics/platform/LinuxProcFsStatistics$CPU com/gemstone/org/apache/logging/log4j/core/config/xml/GemFireXmlConfiguration
