Posted to commits@geode.apache.org by ds...@apache.org on 2015/10/16 02:29:49 UTC
[4/4] incubator-geode git commit: added unit test to verify client
auth config is working
added unit test to verify client auth config is working
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/b023af4c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/b023af4c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/b023af4c
Branch: refs/heads/feature/GEODE-397
Commit: b023af4c953bde51222af0924307d0216950a88a
Parents: 8c1c911
Author: Darrel Schneider <ds...@pivotal.io>
Authored: Thu Oct 15 17:29:01 2015 -0700
Committer: Darrel Schneider <ds...@pivotal.io>
Committed: Thu Oct 15 17:29:01 2015 -0700
----------------------------------------------------------------------
.../internal/SSLNoClientAuthDUnitTest.java | 271 +++++++++++++++++++
.../cache/client/internal/default.keystore | Bin 0 -> 1115 bytes
2 files changed, 271 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/b023af4c/gemfire-core/src/test/java/com/gemstone/gemfire/cache/client/internal/SSLNoClientAuthDUnitTest.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/com/gemstone/gemfire/cache/client/internal/SSLNoClientAuthDUnitTest.java b/gemfire-core/src/test/java/com/gemstone/gemfire/cache/client/internal/SSLNoClientAuthDUnitTest.java
new file mode 100644
index 0000000..390c285
--- /dev/null
+++ b/gemfire-core/src/test/java/com/gemstone/gemfire/cache/client/internal/SSLNoClientAuthDUnitTest.java
@@ -0,0 +1,271 @@
+/*=========================================================================
+ * Copyright (c) 2010-2014 Pivotal Software, Inc. All Rights Reserved.
+ * This product is protected by U.S. and international copyright
+ * and intellectual property laws. Pivotal products are covered by
+ * one or more patents listed at http://www.pivotal.io/patents.
+ *=========================================================================
+ */
+package com.gemstone.gemfire.cache.client.internal;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.Properties;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.CacheFactory;
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.RegionFactory;
+import com.gemstone.gemfire.cache.RegionShortcut;
+import com.gemstone.gemfire.cache.client.ClientCache;
+import com.gemstone.gemfire.cache.client.ClientCacheFactory;
+import com.gemstone.gemfire.cache.client.ClientRegionFactory;
+import com.gemstone.gemfire.cache.client.ClientRegionShortcut;
+import com.gemstone.gemfire.cache.server.CacheServer;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.AvailablePortHelper;
+import com.gemstone.gemfire.security.AuthenticationRequiredException;
+import com.gemstone.gemfire.util.test.TestUtil;
+
+import dunit.DistributedTestCase;
+import dunit.Host;
+import dunit.VM;
+
+/**
+ * Test for GEODE-396
+ */
+public class SSLNoClientAuthDUnitTest extends DistributedTestCase {
+
+ private static final long serialVersionUID = 1L;
+ private Cache cache;
+ private CacheServer cacheServer;
+ private ClientCache clientCache;
+ private int cacheServerPort;
+ private String hostName;
+
+ private static final String DEFAULT_STORE = "default.keystore";
+
+ private static SSLNoClientAuthDUnitTest instance = new SSLNoClientAuthDUnitTest("SSLNoClientAuthDUnitTest");
+
+
+ public void setUp() throws Exception {
+ disconnectAllFromDS();
+ super.setUp();
+ }
+
+ public SSLNoClientAuthDUnitTest(String name) {
+ super(name);
+ }
+
+ public Cache createCache(Properties props) throws Exception
+ {
+ props.setProperty("mcast-port", "0");
+ props.setProperty("locators", "");
+ cache = new CacheFactory(props).create();
+ if (cache == null) {
+ throw new Exception("CacheFactory.create() returned null ");
+ }
+ return cache;
+ }
+
+ private void createServer() throws IOException{
+ cacheServerPort = AvailablePortHelper.getRandomAvailableTCPPort();
+ cacheServer = cache.addCacheServer();
+ cacheServer.setPort(cacheServerPort);
+ cacheServer.start();
+ hostName = cacheServer.getHostnameForClients();
+ }
+
+ public int getCacheServerPort(){
+ return cacheServerPort;
+ }
+
+ public String getCacheServerHost(){
+ return hostName;
+ }
+
+ public void stopCacheServer(){
+ this.cacheServer.stop();
+ }
+
+
+ @SuppressWarnings("rawtypes")
+ public void setUpServerVM(boolean cacheServerSslenabled) throws Exception {
+ Properties gemFireProps = new Properties();
+
+ String cacheServerSslprotocols = "any";
+ String cacheServerSslciphers = "any";
+ boolean cacheServerSslRequireAuth = false;
+ gemFireProps.put(DistributionConfig.SERVER_SSL_ENABLED_NAME,
+ String.valueOf(cacheServerSslenabled));
+ gemFireProps.put(DistributionConfig.SERVER_SSL_PROTOCOLS_NAME,
+ cacheServerSslprotocols);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_CIPHERS_NAME,
+ cacheServerSslciphers);
+ gemFireProps.put(
+ DistributionConfig.SERVER_SSL_REQUIRE_AUTHENTICATION_NAME,
+ String.valueOf(cacheServerSslRequireAuth));
+
+ String keyStore = TestUtil.getResourcePath(SSLNoClientAuthDUnitTest.class, DEFAULT_STORE);
+ String trustStore = TestUtil.getResourcePath(SSLNoClientAuthDUnitTest.class, DEFAULT_STORE);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_KEYSTORE_TYPE_NAME, "jks");
+ gemFireProps.put(DistributionConfig.SERVER_SSL_KEYSTORE_NAME, keyStore);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_KEYSTORE_PASSWORD_NAME, "password");
+ gemFireProps.put(DistributionConfig.SERVER_SSL_TRUSTSTORE_NAME, trustStore);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_TRUSTSTORE_PASSWORD_NAME, "password");
+
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ gemFireProps.list(writer);
+ System.out.println("Starting cacheserver ds with following properties \n" + sw);
+ createCache(gemFireProps);
+
+ RegionFactory factory = cache.createRegionFactory(RegionShortcut.REPLICATE);
+ Region r = factory.create("serverRegion");
+ r.put("serverkey", "servervalue");
+ }
+
+ public void setUpClientVM(String host, int port,
+ boolean cacheServerSslenabled, boolean cacheServerSslRequireAuth,
+ String keyStore, String trustStore) {
+
+ Properties gemFireProps = new Properties();
+
+ String cacheServerSslprotocols = "any";
+ String cacheServerSslciphers = "any";
+
+ String keyStorePath = TestUtil.getResourcePath(SSLNoClientAuthDUnitTest.class, keyStore);
+ String trustStorePath = TestUtil.getResourcePath(SSLNoClientAuthDUnitTest.class, trustStore);
+ //using new server-ssl-* properties
+ gemFireProps.put(DistributionConfig.SERVER_SSL_ENABLED_NAME,
+ String.valueOf(cacheServerSslenabled));
+ gemFireProps.put(DistributionConfig.SERVER_SSL_PROTOCOLS_NAME,
+ cacheServerSslprotocols);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_CIPHERS_NAME,
+ cacheServerSslciphers);
+ gemFireProps.put(
+ DistributionConfig.SERVER_SSL_REQUIRE_AUTHENTICATION_NAME,
+ String.valueOf(cacheServerSslRequireAuth));
+
+ gemFireProps.put(DistributionConfig.SERVER_SSL_KEYSTORE_TYPE_NAME, "jks");
+ gemFireProps.put(DistributionConfig.SERVER_SSL_KEYSTORE_NAME, keyStorePath);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_KEYSTORE_PASSWORD_NAME, "password");
+ gemFireProps.put(DistributionConfig.SERVER_SSL_TRUSTSTORE_NAME, trustStorePath);
+ gemFireProps.put(DistributionConfig.SERVER_SSL_TRUSTSTORE_PASSWORD_NAME, "password");
+
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ gemFireProps.list(writer);
+ System.out.println("Starting client ds with following properties \n" + sw.getBuffer());
+
+ ClientCacheFactory clientCacheFactory = new ClientCacheFactory(gemFireProps);
+ clientCacheFactory.addPoolServer(host, port);
+ clientCache = clientCacheFactory.create();
+
+ ClientRegionFactory<String,String> regionFactory = clientCache.createClientRegionFactory(ClientRegionShortcut.PROXY);
+ Region<String, String> region = regionFactory.create("serverRegion");
+ assertNotNull(region);
+ }
+
+ public void doClientRegionTest(){
+ Region<String, String> region = clientCache.getRegion("serverRegion");
+ assertEquals("servervalue",region.get("serverkey"));
+ region.put("clientkey", "clientvalue");
+ assertEquals("clientvalue",region.get("clientkey"));
+ }
+
+ public void doServerRegionTest(){
+ Region<String, String> region = cache.getRegion("serverRegion");
+ assertEquals("servervalue",region.get("serverkey"));
+ assertEquals("clientvalue",region.get("clientkey"));
+ }
+
+
+ public static void setUpServerVMTask(boolean cacheServerSslenabled) throws Exception{
+ instance.setUpServerVM(cacheServerSslenabled);
+ }
+
+ public static void createServerTask() throws Exception {
+ instance.createServer();
+ }
+
+ public static void setUpClientVMTask(String host, int port,
+ boolean cacheServerSslenabled, boolean cacheServerSslRequireAuth, String keyStore, String trustStore)
+ throws Exception {
+ instance.setUpClientVM(host, port, cacheServerSslenabled, cacheServerSslRequireAuth, keyStore, trustStore);
+ }
+
+ public static void doClientRegionTestTask() {
+ instance.doClientRegionTest();
+ }
+
+ public static void doServerRegionTestTask() {
+ instance.doServerRegionTest();
+ }
+
+ public static Object[] getCacheServerEndPointTask() {
+ Object[] array = new Object[2];
+ array[0] = instance.getCacheServerHost();
+ array[1] = instance.getCacheServerPort();
+ return array;
+ }
+
+ public static void closeCacheTask(){
+ if (instance != null && instance.cache != null) {
+ instance.cache.close();
+ }
+ }
+
+ public static void closeClientCacheTask(){
+ if (instance != null && instance.clientCache != null) {
+ instance.clientCache.close();
+ }
+ }
+
+ /**
+ * Test for GEODE-396
+ */
+ public void testSSLServerWithNoAuth() throws Exception {
+ final Host host = Host.getHost(0);
+ VM serverVM = host.getVM(1);
+ VM clientVM = host.getVM(2);
+
+ boolean cacheServerSslenabled = true;
+ boolean cacheClientSslenabled = true;
+ boolean cacheClientSslRequireAuth = true;
+
+ serverVM.invoke(SSLNoClientAuthDUnitTest.class, "setUpServerVMTask", new Object[]{cacheServerSslenabled});
+ serverVM.invoke(SSLNoClientAuthDUnitTest.class, "createServerTask");
+
+ Object array[] = (Object[])serverVM.invoke(SSLNoClientAuthDUnitTest.class, "getCacheServerEndPointTask");
+ String hostName = (String)array[0];
+ int port = (Integer) array[1];
+ Object params[] = new Object[6];
+ params[0] = hostName;
+ params[1] = port;
+ params[2] = cacheClientSslenabled;
+ params[3] = cacheClientSslRequireAuth;
+ params[4] = DEFAULT_STORE;
+ params[5] = DEFAULT_STORE;
+ //getLogWriter().info("Starting client with server endpoint " + hostName + ":" + port);
+ try {
+ clientVM.invoke(SSLNoClientAuthDUnitTest.class, "setUpClientVMTask", params);
+ clientVM.invoke(SSLNoClientAuthDUnitTest.class, "doClientRegionTestTask");
+ serverVM.invoke(SSLNoClientAuthDUnitTest.class, "doServerRegionTestTask");
+ } catch (Exception rmiException) {
+ Throwable e = rmiException.getCause();
+ //getLogWriter().info("ExceptionCause at clientVM " + e);
+ fail("Unexpected Exception " + e);
+ }
+ }
+
+ public void tearDown2() throws Exception
+ {
+ final Host host = Host.getHost(0);
+ VM serverVM = host.getVM(1);
+ VM clientVM = host.getVM(2);
+ clientVM.invoke(SSLNoClientAuthDUnitTest.class, "closeClientCacheTask");
+ serverVM.invoke(SSLNoClientAuthDUnitTest.class, "closeCacheTask");
+ super.tearDown2();
+ }
+
+}
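Review bot: testSSLServerWithNoAuth appears unable to distinguish a server that honours `SERVER_SSL_REQUIRE_AUTHENTICATION_NAME` set to false from one that still demands a client certificate, because `params[4]` and `params[5]` hand the client the same `default.keystore` that setUpServerVM loads as the server's truststore, so a handshake with client authentication would presumably succeed as well. A client case that sets no keystore properties (truststore only), paired with a negative case where the server requires authentication and that client is expected to be rejected, would pin the behaviour the commit message describes. Separately, setUpServerVM and setUpClientVM both print the full property list, including the keystore and truststore passwords, through `gemFireProps.list(writer)`; with the fixture value here that exposes nothing, but the dump is better taken from a copy with the two `*_PASSWORD_NAME` entries masked so the pattern is safe to reuse. The catch block also reports only `rmiException.getCause()`, which drops the stack trace and may be null; since the method already declares `throws Exception`, removing the try/catch keeps the full failure.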
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/b023af4c/gemfire-core/src/test/resources/com/gemstone/gemfire/cache/client/internal/default.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/com/gemstone/gemfire/cache/client/internal/default.keystore b/gemfire-core/src/test/resources/com/gemstone/gemfire/cache/client/internal/default.keystore
new file mode 100644
index 0000000..9dbc135
Binary files /dev/null and b/gemfire-core/src/test/resources/com/gemstone/gemfire/cache/client/internal/default.keystore differ