You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by no...@apache.org on 2020/10/09 04:09:20 UTC
[lucene-solr] branch reference_impl_dev updated: Reuse crypto keys
in tests (#1932)
This is an automated email from the ASF dual-hosted git repository.
noble pushed a commit to branch reference_impl_dev
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/reference_impl_dev by this push:
new 083cd54 Reuse crypto keys in tests (#1932)
083cd54 is described below
commit 083cd54feef1294979b5570779ac5e9ed9d98cfe
Author: Noble Paul <no...@users.noreply.github.com>
AuthorDate: Fri Oct 9 15:09:09 2020 +1100
Reuse crypto keys in tests (#1932)
---
.../java/org/apache/solr/core/CoreContainer.java | 24 +++++++--------
.../org/apache/solr/security/PublicKeyHandler.java | 8 +++--
.../test/org/apache/solr/cloud/TestCryptoKeys.java | 5 ++--
.../cloud/TestSolrCloudWithDelegationTokens.java | 2 +-
.../solr/security/BasicAuthIntegrationTest.java | 4 +--
.../security/JWTAuthPluginIntegrationTest.java | 2 +-
.../apache/solr/security/JWTAuthPluginTest.java | 2 +-
.../security/PKIAuthenticationIntegrationTest.java | 2 +-
.../solr/security/TestAuthorizationFramework.java | 4 +--
.../solr/security/TestPKIAuthenticationPlugin.java | 4 ++-
.../hadoop/TestDelegationWithHadoopAuth.java | 5 +---
.../hadoop/TestImpersonationWithHadoopAuth.java | 2 +-
.../hadoop/TestSolrCloudWithHadoopAuthPlugin.java | 4 +--
.../src/java/org/apache/solr/SolrTestCase.java | 35 ++++++++++++++++++++--
.../apache/solr/cloud/SolrCloudAuthTestCase.java | 5 ++--
15 files changed, 66 insertions(+), 42 deletions(-)
diff --git a/solr/core/src/java/org/apache/solr/core/CoreContainer.java b/solr/core/src/java/org/apache/solr/core/CoreContainer.java
index 4cd1fea..5f4d063 100644
--- a/solr/core/src/java/org/apache/solr/core/CoreContainer.java
+++ b/solr/core/src/java/org/apache/solr/core/CoreContainer.java
@@ -361,15 +361,13 @@ public class CoreContainer implements Closeable {
solrMetricsContext = new SolrMetricsContext(metricManager, registryName, metricTag);
try (ParWork work = new ParWork(this)) {
- if (Boolean.getBoolean("solr.enablePublicKeyHandler")) {
- work.collect("", () -> {
- try {
- containerHandlers.put(PublicKeyHandler.PATH, new PublicKeyHandler(cfg.getCloudConfig()));
- } catch (IOException | InvalidKeySpecException e) {
- throw new RuntimeException("Bad PublicKeyHandler configuration.", e);
- }
- });
- }
+ work.collect("", () -> {
+ try {
+ containerHandlers.put(PublicKeyHandler.PATH, new PublicKeyHandler(cfg.getCloudConfig()));
+ } catch (IOException | InvalidKeySpecException e) {
+ throw new RuntimeException("Bad PublicKeyHandler configuration.", e);
+ }
+ });
work.collect("",() -> {
updateShardHandler = new UpdateShardHandler(cfg.getUpdateShardHandlerConfig());
@@ -743,11 +741,9 @@ public class CoreContainer implements Closeable {
hostName = cfg.getNodeName();
if (isZooKeeperAware()) {
- if (!Boolean.getBoolean("solr.disablePublicKeyHandler")) {
- pkiAuthenticationPlugin = new PKIAuthenticationPlugin(this, zkSys.getZkController().getNodeName(), (PublicKeyHandler) containerHandlers.get(PublicKeyHandler.PATH));
- // use deprecated API for back-compat, remove in 9.0
- pkiAuthenticationPlugin.initializeMetrics(solrMetricsContext, "/authentication/pki");
- }
+ pkiAuthenticationPlugin = new PKIAuthenticationPlugin(this, zkSys.getZkController().getNodeName(), (PublicKeyHandler) containerHandlers.get(PublicKeyHandler.PATH));
+ // use deprecated API for back-compat, remove in 9.0
+ pkiAuthenticationPlugin.initializeMetrics(solrMetricsContext, "/authentication/pki");
TracerConfigurator.loadTracer(loader, cfg.getTracerConfiguratorPluginInfo(), getZkController().getZkStateReader());
packageLoader = new PackageLoader(this);
containerHandlers.getApiBag().registerObject(packageLoader.getPackageAPI().editAPI);
diff --git a/solr/core/src/java/org/apache/solr/security/PublicKeyHandler.java b/solr/core/src/java/org/apache/solr/security/PublicKeyHandler.java
index 208fe6c..4f2ae04 100644
--- a/solr/core/src/java/org/apache/solr/security/PublicKeyHandler.java
+++ b/solr/core/src/java/org/apache/solr/security/PublicKeyHandler.java
@@ -32,11 +32,13 @@ import java.security.spec.InvalidKeySpecException;
public class PublicKeyHandler extends RequestHandlerBase {
public static final String PATH = "/admin/info/key";
+ //This is an optimization for tests only
+ public static volatile CryptoKeys.RSAKeyPair REUSABLE_KEYPAIR ;
final CryptoKeys.RSAKeyPair keyPair;
@VisibleForTesting
- public PublicKeyHandler() {
- keyPair = new CryptoKeys.RSAKeyPair();
+ public PublicKeyHandler() throws IOException, InvalidKeySpecException {
+ keyPair = createKeyPair(null);
}
public PublicKeyHandler(CloudConfig config) throws IOException, InvalidKeySpecException {
@@ -44,6 +46,8 @@ public class PublicKeyHandler extends RequestHandlerBase {
}
private CryptoKeys.RSAKeyPair createKeyPair(CloudConfig config) throws IOException, InvalidKeySpecException {
+ CryptoKeys.RSAKeyPair reused = REUSABLE_KEYPAIR;
+ if(reused != null) return reused;
if (config == null) {
return new CryptoKeys.RSAKeyPair();
}
diff --git a/solr/core/src/test/org/apache/solr/cloud/TestCryptoKeys.java b/solr/core/src/test/org/apache/solr/cloud/TestCryptoKeys.java
index 56d5ae3..48c82ee 100644
--- a/solr/core/src/test/org/apache/solr/cloud/TestCryptoKeys.java
+++ b/solr/core/src/test/org/apache/solr/cloud/TestCryptoKeys.java
@@ -23,7 +23,6 @@ import java.util.Arrays;
import java.util.Map;
import org.apache.solr.client.solrj.impl.Http2SolrClient;
-import org.apache.solr.client.solrj.impl.HttpSolrClient;
import org.apache.solr.common.LinkedHashMapWriter;
import org.apache.solr.common.cloud.SolrZkClient;
import org.apache.solr.common.util.Utils;
@@ -51,13 +50,13 @@ public class TestCryptoKeys extends AbstractFullDistribZkTestBase {
@BeforeClass
public static void setupCluster() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
}
@Test
public void test() throws Exception {
System.setProperty("enable.runtime.lib", "true");
- System.setProperty("solr.disablePublicKeyHandler", "true");
+ disableReuseOfCryptoKeys();
setupRestTestHarnesses();
String pk1sig = "G8LEW7uJ1is81Aqqfl3Sld3qDtOxPuVFeTLJHFJWecgDvUkmJNFXmf7nkHOVlXnDWahp1vqZf0W02VHXg37lBw==";
String pk2sig = "pCyBQycB/0YvLVZfKLDIIqG1tFwM/awqzkp2QNpO7R3ThTqmmrj11wEJFDRLkY79efuFuQPHt40EE7jrOKoj9jLNELsfEqvU3jw9sZKiDONY+rV9Bj9QPeW8Pgt+F9Y1";
diff --git a/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithDelegationTokens.java b/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithDelegationTokens.java
index ee089a6..d5d90c9 100644
--- a/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithDelegationTokens.java
+++ b/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithDelegationTokens.java
@@ -68,7 +68,7 @@ public class TestSolrCloudWithDelegationTokens extends SolrTestCaseJ4 {
@BeforeClass
public static void startup() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
System.setProperty("authenticationPlugin", HttpParamDelegationTokenPlugin.class.getName());
System.setProperty(KerberosPlugin.DELEGATION_TOKEN_ENABLED, "true");
System.setProperty("solr.kerberos.cookie.domain", "127.0.0.1");
diff --git a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
index 5d29c8d..1ee653a 100644
--- a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
+++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
@@ -27,7 +27,6 @@ import java.util.Collections;
import java.util.Map;
import java.util.Random;
import java.util.Set;
-import java.util.concurrent.TimeUnit;
import com.codahale.metrics.MetricRegistry;
import org.apache.commons.io.IOUtils;
@@ -43,7 +42,6 @@ import org.apache.solr.client.solrj.embedded.JettySolrRunner;
import org.apache.solr.client.solrj.impl.BaseHttpSolrClient;
import org.apache.solr.client.solrj.impl.Http2SolrClient;
import org.apache.solr.client.solrj.impl.HttpClientUtil;
-import org.apache.solr.client.solrj.impl.HttpSolrClient;
import org.apache.solr.client.solrj.request.CollectionAdminRequest;
import org.apache.solr.client.solrj.request.GenericSolrRequest;
import org.apache.solr.client.solrj.request.QueryRequest;
@@ -83,7 +81,7 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
@Before
public void setupCluster() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
System.setProperty("solr.disableDefaultJmxReporter", "false");
useFactory(null);
configureCluster(3)
diff --git a/solr/core/src/test/org/apache/solr/security/JWTAuthPluginIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/JWTAuthPluginIntegrationTest.java
index d6a5e86..39140d1 100644
--- a/solr/core/src/test/org/apache/solr/security/JWTAuthPluginIntegrationTest.java
+++ b/solr/core/src/test/org/apache/solr/security/JWTAuthPluginIntegrationTest.java
@@ -82,7 +82,7 @@ public class JWTAuthPluginIntegrationTest extends SolrCloudAuthTestCase {
@BeforeClass
public static void beforeClass() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
}
@Override
diff --git a/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java b/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
index 73cd320..904fc25 100644
--- a/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
+++ b/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
@@ -82,7 +82,7 @@ public class JWTAuthPluginTest extends SolrTestCaseJ4 {
@BeforeClass
public static void beforeAll() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
JwtClaims claims = generateClaims();
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(claims.toJson());
diff --git a/solr/core/src/test/org/apache/solr/security/PKIAuthenticationIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/PKIAuthenticationIntegrationTest.java
index 03163a6..c7dff75 100644
--- a/solr/core/src/test/org/apache/solr/security/PKIAuthenticationIntegrationTest.java
+++ b/solr/core/src/test/org/apache/solr/security/PKIAuthenticationIntegrationTest.java
@@ -47,7 +47,7 @@ public class PKIAuthenticationIntegrationTest extends SolrCloudAuthTestCase {
@BeforeClass
public static void setupCluster() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
final String SECURITY_CONF = Utils.toJSONString
(makeMap("authorization", singletonMap("class", MockAuthorizationPlugin.class.getName()),
"authentication", singletonMap("class", MockAuthenticationPlugin.class.getName())));
diff --git a/solr/core/src/test/org/apache/solr/security/TestAuthorizationFramework.java b/solr/core/src/test/org/apache/solr/security/TestAuthorizationFramework.java
index 8fb18f0..2b9fb7d 100644
--- a/solr/core/src/test/org/apache/solr/security/TestAuthorizationFramework.java
+++ b/solr/core/src/test/org/apache/solr/security/TestAuthorizationFramework.java
@@ -21,14 +21,12 @@ import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;
import java.util.Objects;
-import java.util.concurrent.TimeUnit;
import java.util.function.Predicate;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.util.EntityUtils;
import org.apache.lucene.util.LuceneTestCase;
-import org.apache.solr.client.solrj.impl.Http2SolrClient;
import org.apache.solr.client.solrj.impl.HttpClientUtil;
import org.apache.solr.cloud.AbstractFullDistribZkTestBase;
import org.apache.solr.common.cloud.ZkStateReader;
@@ -49,7 +47,7 @@ public class TestAuthorizationFramework extends AbstractFullDistribZkTestBase {
@BeforeClass
public static void beforeTestAuthorizationFramework() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
}
static final int TIMEOUT = 10000;
diff --git a/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java b/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
index fefacba..79ff8fa 100644
--- a/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
@@ -19,8 +19,10 @@ package org.apache.solr.security;
import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
import java.security.Principal;
import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicReference;
@@ -49,7 +51,7 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
Map<String, PublicKey> remoteKeys = new ConcurrentHashMap<>();
- public MockPKIAuthenticationPlugin(CoreContainer cores, String node) {
+ public MockPKIAuthenticationPlugin(CoreContainer cores, String node) throws IOException, InvalidKeySpecException {
super(cores, node, new PublicKeyHandler());
}
diff --git a/solr/core/src/test/org/apache/solr/security/hadoop/TestDelegationWithHadoopAuth.java b/solr/core/src/test/org/apache/solr/security/hadoop/TestDelegationWithHadoopAuth.java
index 7242a0c..3cb4c27 100644
--- a/solr/core/src/test/org/apache/solr/security/hadoop/TestDelegationWithHadoopAuth.java
+++ b/solr/core/src/test/org/apache/solr/security/hadoop/TestDelegationWithHadoopAuth.java
@@ -21,12 +21,9 @@ import java.util.HashSet;
import java.util.Optional;
import java.util.Set;
-import com.carrotsearch.randomizedtesting.annotations.ThreadLeakFilters;
import org.apache.hadoop.security.authentication.client.PseudoAuthenticator;
import org.apache.hadoop.util.Time;
import org.apache.http.HttpStatus;
-import org.apache.lucene.util.QuickPatchThreadsFilter;
-import org.apache.solr.SolrIgnoredThreadsFilter;
import org.apache.solr.client.solrj.SolrClient;
import org.apache.solr.client.solrj.SolrRequest;
import org.apache.solr.client.solrj.embedded.JettySolrRunner;
@@ -58,7 +55,7 @@ public class TestDelegationWithHadoopAuth extends SolrCloudTestCase {
@BeforeClass
public static void setupClass() throws Exception {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
HdfsTestUtil.checkAssumptions();
configureCluster(NUM_SERVERS)// nodes
diff --git a/solr/core/src/test/org/apache/solr/security/hadoop/TestImpersonationWithHadoopAuth.java b/solr/core/src/test/org/apache/solr/security/hadoop/TestImpersonationWithHadoopAuth.java
index 74af5c4..9318dc5 100644
--- a/solr/core/src/test/org/apache/solr/security/hadoop/TestImpersonationWithHadoopAuth.java
+++ b/solr/core/src/test/org/apache/solr/security/hadoop/TestImpersonationWithHadoopAuth.java
@@ -55,7 +55,7 @@ public class TestImpersonationWithHadoopAuth extends SolrCloudTestCase {
@BeforeClass
public static void setupClass() throws Exception {
System.setProperty("solr.disableDefaultJmxReporter", "false");
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
HdfsTestUtil.checkAssumptions();
InetAddress loopback = InetAddress.getLoopbackAddress();
diff --git a/solr/core/src/test/org/apache/solr/security/hadoop/TestSolrCloudWithHadoopAuthPlugin.java b/solr/core/src/test/org/apache/solr/security/hadoop/TestSolrCloudWithHadoopAuthPlugin.java
index a7176e1..83273a6 100644
--- a/solr/core/src/test/org/apache/solr/security/hadoop/TestSolrCloudWithHadoopAuthPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/hadoop/TestSolrCloudWithHadoopAuthPlugin.java
@@ -22,10 +22,8 @@ import java.nio.charset.StandardCharsets;
import org.apache.commons.io.FileUtils;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.impl.CloudHttp2SolrClient;
-import org.apache.solr.client.solrj.impl.CloudSolrClient;
import org.apache.solr.client.solrj.request.CollectionAdminRequest;
import org.apache.solr.client.solrj.response.QueryResponse;
-import org.apache.solr.cloud.AbstractDistribZkTestBase;
import org.apache.solr.cloud.KerberosTestServices;
import org.apache.solr.cloud.SolrCloudAuthTestCase;
import org.apache.solr.cloud.hdfs.HdfsTestUtil;
@@ -44,7 +42,7 @@ public class TestSolrCloudWithHadoopAuthPlugin extends SolrCloudAuthTestCase {
@BeforeClass
public static void setupClass() throws Exception {
System.setProperty("solr.disableDefaultJmxReporter", "false");
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ disableReuseOfCryptoKeys();
HdfsTestUtil.checkAssumptions();
setupMiniKdc();
diff --git a/solr/test-framework/src/java/org/apache/solr/SolrTestCase.java b/solr/test-framework/src/java/org/apache/solr/SolrTestCase.java
index 8ca5222..fa22c7a 100644
--- a/solr/test-framework/src/java/org/apache/solr/SolrTestCase.java
+++ b/solr/test-framework/src/java/org/apache/solr/SolrTestCase.java
@@ -18,6 +18,7 @@
package org.apache.solr;
import java.io.File;
+import java.io.IOException;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
@@ -27,6 +28,7 @@ import java.lang.annotation.Target;
import java.lang.invoke.MethodHandles;
import java.net.URL;
import java.nio.file.Path;
+import java.security.spec.InvalidKeySpecException;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
@@ -52,6 +54,7 @@ import org.apache.solr.common.ParWork;
import org.apache.solr.common.PerThreadExecService;
import org.apache.solr.common.SolrDocument;
import org.apache.solr.common.SolrDocumentList;
+import org.apache.solr.common.StringUtils;
import org.apache.solr.common.TimeTracker;
import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.common.util.CloseTracker;
@@ -59,7 +62,9 @@ import org.apache.solr.common.util.ExecutorUtil;
import org.apache.solr.common.util.ObjectReleaseTracker;
import org.apache.solr.common.util.SolrQueuedThreadPool;
import org.apache.solr.common.util.SysStats;
+import org.apache.solr.security.PublicKeyHandler;
import org.apache.solr.servlet.SolrDispatchFilter;
+import org.apache.solr.util.CryptoKeys;
import org.apache.solr.util.ExternalPaths;
import org.apache.solr.util.RandomizeSSL;
import org.apache.solr.util.RevertDefaultThreadHandlerRule;
@@ -124,6 +129,33 @@ public class SolrTestCase extends LuceneTestCase {
protected volatile static PerThreadExecService testExecutor;
+ private static final CryptoKeys.RSAKeyPair reusedKeys = getRsaKeyPair();
+
+ private static CryptoKeys.RSAKeyPair getRsaKeyPair() {
+ String publicKey = System.getProperty("pkiHandlerPublicKeyPath");
+ String privateKey = System.getProperty("pkiHandlerPrivateKeyPath");
+ // If both properties unset, then we fall back to generating a new key pair
+ if (StringUtils.isEmpty(publicKey) && StringUtils.isEmpty(privateKey)) {
+ return new CryptoKeys.RSAKeyPair();
+ }
+
+ try {
+ return new CryptoKeys.RSAKeyPair(new URL(privateKey), new URL(publicKey));
+ } catch (Exception e) {
+ log.error("Error in pblic key/private key URLs", e);
+ }
+ return new CryptoKeys.RSAKeyPair();
+ }
+
+ public static void enableReuseOfCryptoKeys() {
+ PublicKeyHandler.REUSABLE_KEYPAIR = reusedKeys;
+ }
+
+ public static void disableReuseOfCryptoKeys() {
+ PublicKeyHandler.REUSABLE_KEYPAIR = null;
+ }
+
+
@Rule
public TestRule solrTestRules =
RuleChain.outerRule(new SystemPropertiesRestoreRule()).around(new SolrTestWatcher());
@@ -225,7 +257,7 @@ public class SolrTestCase extends LuceneTestCase {
System.setProperty("solr.clustering.enabled", "false");
System.setProperty("solr.peerSync.useRangeVersions", String.valueOf(random().nextBoolean()));
System.setProperty("zookeeper.nio.directBufferBytes", Integer.toString(32 * 1024 * 2));
- System.setProperty("solr.disablePublicKeyHandler", "true");
+ enableReuseOfCryptoKeys();
if (!TEST_NIGHTLY) {
//TestInjection.randomDelayMaxInCoreCreationInSec = 2;
@@ -279,7 +311,6 @@ public class SolrTestCase extends LuceneTestCase {
System.setProperty("solr.http2solrclient.maxpool.size", "16");
System.setProperty("solr.http2solrclient.pool.keepalive", "1500");
- System.setProperty("solr.disablePublicKeyHandler", "false");
System.setProperty("solr.dependentupdate.timeout", "1500");
// System.setProperty("lucene.cms.override_core_count", "3");
diff --git a/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java b/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
index 8d4016e..8cff388 100644
--- a/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
+++ b/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
@@ -40,11 +40,12 @@ import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.message.AbstractHttpMessage;
import org.apache.http.message.BasicHeader;
-import org.apache.http.util.EntityUtils;
import org.apache.solr.client.solrj.embedded.JettySolrRunner;
import org.apache.solr.common.util.Base64;
import org.apache.solr.common.util.StrUtils;
import org.apache.solr.common.util.Utils;
+import org.apache.solr.security.PublicKeyHandler;
+import org.apache.solr.util.CryptoKeys;
import org.apache.solr.util.TimeOut;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.lang.JoseException;
@@ -74,7 +75,7 @@ public class SolrCloudAuthTestCase extends SolrCloudTestCase {
@BeforeClass
public static void beforeSolrCloudAuthTestCase() {
- System.setProperty("solr.disablePublicKeyHandler", "false");
+ enableReuseOfCryptoKeys();
}
/**
* Used to check metric counts for PKI auth