You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by kr...@apache.org on 2019/02/19 20:43:20 UTC
[knox] branch master updated (dac2f2e -> 9cdf531)
This is an automated email from the ASF dual-hosted git repository.
krisden pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git.
from dac2f2e KNOX-1162 - Logging stacktrace for FATAL messages and displaying a meaningful error message in case of missing/non-parsable JAAS configuration (#55)
new 6aa1759 KNOX-1786 - Use mocking to simplify DefaultRemoteConfigurationMonitorTest
new 9cdf531 KNOX-1787 - Create PasswordUtils class in gateway-util-common
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../security/impl/DefaultAliasService.java | 19 +-
.../services/security/impl/RemoteAliasService.java | 3 +-
.../DefaultRemoteConfigurationMonitorTest.java | 492 +--------------------
.../apache/knox/gateway/util/PasswordUtils.java | 48 ++
.../knox/gateway/util/PasswordUtilsTest.java | 18 +-
5 files changed, 71 insertions(+), 509 deletions(-)
create mode 100644 gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java
copy gateway-service-health/src/test/java/org/apache/knox/gateway/service/health/PingResourceTest.java => gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java (71%)
[knox] 01/02: KNOX-1786 - Use mocking to simplify
DefaultRemoteConfigurationMonitorTest
Posted by kr...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
commit 6aa1759d108250ffd93ba809e7106705c081e8a2
Author: Kevin Risden <kr...@apache.org>
AuthorDate: Tue Feb 19 15:08:10 2019 -0500
KNOX-1786 - Use mocking to simplify DefaultRemoteConfigurationMonitorTest
Signed-off-by: Kevin Risden <kr...@apache.org>
---
.../DefaultRemoteConfigurationMonitorTest.java | 492 +--------------------
1 file changed, 8 insertions(+), 484 deletions(-)
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/topology/monitor/DefaultRemoteConfigurationMonitorTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/topology/monitor/DefaultRemoteConfigurationMonitorTest.java
index 03e0f12..0d48828 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/topology/monitor/DefaultRemoteConfigurationMonitorTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/topology/monitor/DefaultRemoteConfigurationMonitorTest.java
@@ -17,497 +17,21 @@
package org.apache.knox.gateway.topology.monitor;
import org.apache.knox.gateway.config.GatewayConfig;
-import org.apache.knox.gateway.services.ServiceLifecycleException;
-import org.apache.knox.gateway.services.config.client.RemoteConfigurationRegistryClient;
import org.apache.knox.gateway.services.config.client.RemoteConfigurationRegistryClientService;
-import org.apache.knox.gateway.services.security.AliasService;
+import org.easymock.EasyMock;
import org.junit.Test;
-import java.net.InetSocketAddress;
-import java.net.UnknownHostException;
-import java.util.List;
-import java.util.Map;
-
-
public class DefaultRemoteConfigurationMonitorTest {
-
@Test(expected=IllegalStateException.class)
public void testInitWithoutRequiredConfig() {
- GatewayConfig testConfig = new TestGatewayConfig();
- new DefaultRemoteConfigurationMonitor(testConfig, new TestRemoteConfigurationRegistryClientService());
- }
-
- private static class TestGatewayConfig implements GatewayConfig {
- @Override
- public String getGatewayConfDir() {
- return null;
- }
-
- @Override
- public String getGatewayDataDir() {
- return null;
- }
-
- @Override
- public String getGatewayServicesDir() {
- return null;
- }
-
- @Override
- public String getGatewayApplicationsDir() {
- return null;
- }
-
- @Override
- public String getHadoopConfDir() {
- return null;
- }
-
- @Override
- public String getGatewayHost() {
- return null;
- }
-
- @Override
- public int getGatewayPort() {
- return 0;
- }
-
- @Override
- public String getGatewayPath() {
- return null;
- }
-
- @Override
- public String getGatewayProvidersConfigDir() {
- return "./shared-providers";
- }
-
- @Override
- public String getGatewayDescriptorsDir() {
- return "./descriptors";
- }
-
- @Override
- public String getGatewayTopologyDir() {
- return null;
- }
-
- @Override
- public String getGatewaySecurityDir() {
- return null;
- }
-
- @Override
- public String getGatewayDeploymentDir() {
- return null;
- }
-
- @Override
- public InetSocketAddress getGatewayAddress() throws UnknownHostException {
- return null;
- }
-
- @Override
- public boolean isSSLEnabled() {
- return false;
- }
-
- @Override
- public List<String> getExcludedSSLProtocols() {
- return null;
- }
-
- @Override
- public List<String> getIncludedSSLCiphers() {
- return null;
- }
-
- @Override
- public List<String> getExcludedSSLCiphers() {
- return null;
- }
-
- @Override
- public boolean isHadoopKerberosSecured() {
- return false;
- }
-
- @Override
- public String getKerberosConfig() {
- return null;
- }
-
- @Override
- public boolean isKerberosDebugEnabled() {
- return false;
- }
-
- @Override
- public String getKerberosLoginConfig() {
- return null;
- }
-
- @Override
- public String getDefaultTopologyName() {
- return null;
- }
-
- @Override
- public String getDefaultAppRedirectPath() {
- return null;
- }
-
- @Override
- public String getFrontendUrl() {
- return null;
- }
-
- @Override
- public boolean isClientAuthNeeded() {
- return false;
- }
-
- @Override
- public boolean isClientAuthWanted() {
- return false;
- }
-
- @Override
- public String getTruststorePath() {
- return null;
- }
-
- @Override
- public boolean getTrustAllCerts() {
- return false;
- }
-
- @Override
- public String getKeystoreType() {
- return null;
- }
-
- @Override
- public String getTruststoreType() {
- return null;
- }
-
- @Override
- public boolean isXForwardedEnabled() {
- return false;
- }
-
- @Override
- public String getEphemeralDHKeySize() {
- return null;
- }
-
- @Override
- public int getHttpClientMaxConnections() {
- return 0;
- }
-
- @Override
- public int getHttpClientConnectionTimeout() {
- return 0;
- }
-
- @Override
- public int getHttpClientSocketTimeout() {
- return 0;
- }
-
- @Override
- public int getThreadPoolMax() {
- return 0;
- }
-
- @Override
- public int getHttpServerRequestBuffer() {
- return 0;
- }
-
- @Override
- public int getHttpServerRequestHeaderBuffer() {
- return 0;
- }
-
- @Override
- public int getHttpServerResponseBuffer() {
- return 0;
- }
-
- @Override
- public int getHttpServerResponseHeaderBuffer() {
- return 0;
- }
-
- @Override
- public int getGatewayDeploymentsBackupVersionLimit() {
- return 0;
- }
-
- @Override
- public long getGatewayDeploymentsBackupAgeLimit() {
- return 0;
- }
-
- @Override
- public long getGatewayIdleTimeout() {
- return 0;
- }
-
- @Override
- public String getSigningKeystoreName() {
- return null;
- }
-
- @Override
- public String getSigningKeyAlias() {
- return null;
- }
-
- @Override
- public List<String> getGlobalRulesServices() {
- return null;
- }
-
- @Override
- public boolean isWebsocketEnabled() {
- return false;
- }
-
- @Override
- public int getWebsocketMaxTextMessageSize() {
- return 0;
- }
-
- @Override
- public int getWebsocketMaxBinaryMessageSize() {
- return 0;
- }
-
- @Override
- public int getWebsocketMaxTextMessageBufferSize() {
- return 0;
- }
-
- @Override
- public int getWebsocketMaxBinaryMessageBufferSize() {
- return 0;
- }
-
- @Override
- public int getWebsocketInputBufferSize() {
- return 0;
- }
-
- @Override
- public int getWebsocketAsyncWriteTimeout() {
- return 0;
- }
-
- @Override
- public int getWebsocketIdleTimeout() {
- return 0;
- }
-
- @Override
- public boolean isMetricsEnabled() {
- return false;
- }
-
- @Override
- public boolean isJmxMetricsReportingEnabled() {
- return false;
- }
-
- @Override
- public boolean isGraphiteMetricsReportingEnabled() {
- return false;
- }
-
- @Override
- public String getGraphiteHost() {
- return null;
- }
-
- @Override
- public int getGraphitePort() {
- return 0;
- }
-
- @Override
- public int getGraphiteReportingFrequency() {
- return 0;
- }
-
- @Override
- public boolean isCookieScopingToPathEnabled() {
- return false;
- }
-
- @Override
- public String getHeaderNameForRemoteAddress() {
- return null;
- }
-
- @Override
- public String getAlgorithm() {
- return null;
- }
-
- @Override
- public String getPBEAlgorithm() {
- return null;
- }
-
- @Override
- public String getTransformation() {
- return null;
- }
-
- @Override
- public String getSaltSize() {
- return null;
- }
-
- @Override
- public String getIterationCount() {
- return null;
- }
-
- @Override
- public String getKeyLength() {
- return null;
- }
-
- @Override
- public Map<String, Integer> getGatewayPortMappings() {
- return null;
- }
-
- @Override
- public boolean isGatewayPortMappingEnabled() {
- return false;
- }
-
- @Override
- public boolean isGatewayServerHeaderEnabled() {
- return false;
- }
-
- @Override
- public String getDefaultDiscoveryAddress() {
- return null;
- }
-
- @Override
- public String getDefaultDiscoveryCluster() {
- return null;
- }
-
- @Override
- public int getClusterMonitorPollingInterval(String type) {
- return 0;
- }
-
- @Override
- public boolean isClusterMonitorEnabled(String type) {
- return false;
- }
-
- @Override
- public List<String> getRemoteRegistryConfigurationNames() {
- return null;
- }
-
- @Override
- public String getRemoteRegistryConfiguration(String name) {
- return null;
- }
-
- @Override
- public String getRemoteConfigurationMonitorClientName() {
- return null;
- }
-
- @Override
- public boolean allowUnauthenticatedRemoteRegistryReadAccess() {
- return false;
- }
-
- @Override
- public boolean isRemoteAliasServiceEnabled() {
- return false;
- }
-
- @Override
- public List<String> getReadOnlyOverrideTopologyNames() {
- return null;
- }
-
- @Override
- public String getKnoxAdminGroups() {
- return null;
- }
-
- @Override
- public String getKnoxAdminUsers() {
- return null;
- }
-
- @Override
- public String getFederationHeaderName() {
- return null;
- }
-
- @Override
- public List<String> getAutoDeployTopologyNames() {
- return null;
- }
-
- @Override
- public String getDispatchWhitelist() {
- return null;
- }
-
- @Override
- public List<String> getDispatchWhitelistServices() {
- return null;
- }
-
- @Override
- public boolean isTopologyValidationEnabled() {
- return false;
- }
- }
-
- private static class TestRemoteConfigurationRegistryClientService implements RemoteConfigurationRegistryClientService {
- @Override
- public void setAliasService(AliasService aliasService) {
-
- }
-
- @Override
- public RemoteConfigurationRegistryClient get(String l) {
- return null;
- }
-
- @Override
- public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
-
- }
-
- @Override
- public void start() throws ServiceLifecycleException {
-
- }
+ GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
+ EasyMock.expect(gatewayConfig.getGatewayProvidersConfigDir()).andReturn("./shared-providers").anyTimes();
+ EasyMock.expect(gatewayConfig.getGatewayDescriptorsDir()).andReturn("./descriptors").anyTimes();
+ EasyMock.replay(gatewayConfig);
- @Override
- public void stop() throws ServiceLifecycleException {
+ RemoteConfigurationRegistryClientService remoteConfigurationRegistryClientService =
+ EasyMock.createNiceMock(RemoteConfigurationRegistryClientService.class);
- }
+ new DefaultRemoteConfigurationMonitor(gatewayConfig, remoteConfigurationRegistryClientService);
}
}
[knox] 02/02: KNOX-1787 - Create PasswordUtils class in
gateway-util-common
Posted by kr...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
commit 9cdf531fb3d7259e8d16d27bb2ed7cdf1de6e4df
Author: Kevin Risden <kr...@apache.org>
AuthorDate: Tue Feb 19 15:17:35 2019 -0500
KNOX-1787 - Create PasswordUtils class in gateway-util-common
Signed-off-by: Kevin Risden <kr...@apache.org>
---
.../security/impl/DefaultAliasService.java | 19 +--------
.../services/security/impl/RemoteAliasService.java | 3 +-
.../apache/knox/gateway/util/PasswordUtils.java | 48 ++++++++++++++++++++++
.../knox/gateway/util/PasswordUtilsTest.java | 33 +++++++++++++++
4 files changed, 85 insertions(+), 18 deletions(-)
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java
index 2cafd3f..bddfb88 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java
@@ -19,7 +19,6 @@ package org.apache.knox.gateway.services.security.impl;
import java.security.KeyStore;
import java.security.KeyStoreException;
-import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
@@ -35,18 +34,13 @@ import org.apache.knox.gateway.services.security.AliasServiceException;
import org.apache.knox.gateway.services.security.KeystoreService;
import org.apache.knox.gateway.services.security.KeystoreServiceException;
import org.apache.knox.gateway.services.security.MasterService;
+import org.apache.knox.gateway.util.PasswordUtils;
public class DefaultAliasService implements AliasService {
private static final GatewayMessages LOG = MessagesFactory.get( GatewayMessages.class );
private static final String GATEWAY_IDENTITY_PASSPHRASE = "gateway-identity-passphrase";
- protected static char[] chars = { 'a', 'b', 'c', 'd', 'e', 'f', 'g',
- 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w',
- 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K',
- 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
- '2', '3', '4', '5', '6', '7', '8', '9',};
-
private KeystoreService keystoreService;
private MasterService masterService;
@@ -97,15 +91,6 @@ public class DefaultAliasService implements AliasService {
return credential;
}
- protected static String generatePassword(int length) {
- StringBuilder sb = new StringBuilder();
- SecureRandom r = new SecureRandom();
- for (int i = 0; i < length; i++) {
- sb.append(chars[r.nextInt(chars.length)]);
- }
- return sb.toString();
- }
-
public void setKeystoreService(KeystoreService ks) {
this.keystoreService = ks;
}
@@ -124,7 +109,7 @@ public class DefaultAliasService implements AliasService {
LOG.failedToGenerateAliasForCluster(clusterName, e);
throw new AliasServiceException(e);
}
- String passwordString = generatePassword(16);
+ String passwordString = PasswordUtils.generatePassword(16);
addAliasForCluster(clusterName, alias, passwordString);
}
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
index aca172b..4cd2160 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
@@ -31,6 +31,7 @@ import org.apache.knox.gateway.services.security.AliasService;
import org.apache.knox.gateway.services.security.AliasServiceException;
import org.apache.knox.gateway.services.security.EncryptionResult;
import org.apache.knox.gateway.services.security.MasterService;
+import org.apache.knox.gateway.util.PasswordUtils;
import org.apache.zookeeper.ZooDefs;
import java.nio.charset.StandardCharsets;
@@ -366,7 +367,7 @@ public class RemoteAliasService implements AliasService {
/* convert all alias names to lower case since JDK expects the same behaviour */
final String alias = givenAlias.toLowerCase(Locale.ROOT);
/* auto-generated password */
- final String passwordString = DefaultAliasService.generatePassword(16);
+ final String passwordString = PasswordUtils.generatePassword(16);
addAliasForCluster(clusterName, alias, passwordString);
}
diff --git a/gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java b/gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java
new file mode 100644
index 0000000..55f3f2d
--- /dev/null
+++ b/gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.util;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+public class PasswordUtils {
+ private static final SecureRandom SECURE_RANDOM = getSecureRandom();
+ private static final char[] ALPHANUMERIC_CHARS = { 'a', 'b', 'c', 'd', 'e', 'f', 'g',
+ 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w',
+ 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K',
+ 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+ '2', '3', '4', '5', '6', '7', '8', '9',};
+
+ private PasswordUtils() {}
+
+ private static SecureRandom getSecureRandom() {
+ try {
+ return SecureRandom.getInstanceStrong();
+ } catch (NoSuchAlgorithmException e) {
+ throw new IllegalStateException(e);
+ }
+ }
+
+ public static synchronized String generatePassword(int length) {
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < length; i++) {
+ sb.append(ALPHANUMERIC_CHARS[SECURE_RANDOM.nextInt(ALPHANUMERIC_CHARS.length)]);
+ }
+ return sb.toString();
+ }
+}
diff --git a/gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java b/gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java
new file mode 100644
index 0000000..c2d9882
--- /dev/null
+++ b/gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.util;
+
+import org.junit.Test;
+
+import java.util.Random;
+
+import static org.junit.Assert.assertEquals;
+
+public class PasswordUtilsTest {
+ @Test
+ public void testGeneratePassword() {
+ int len = new Random().nextInt(20);
+ String randomPassword = PasswordUtils.generatePassword(len);
+ assertEquals(len, randomPassword.length());
+ }
+}