You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2019/11/29 13:09:12 UTC
[qpid-broker-j] branch master updated: NO-JIRA: Add extra debug to
understand sproradic test failures in KerberosAuthenticationManagerTest
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
The following commit(s) were added to refs/heads/master by this push:
new 59b1b8a NO-JIRA: Add extra debug to understand sproradic test failures in KerberosAuthenticationManagerTest
59b1b8a is described below
commit 59b1b8a599daf1950a82f9e9a2f87bf0283496b5
Author: Alex Rudyy <or...@apache.org>
AuthorDate: Fri Nov 29 13:08:51 2019 +0000
NO-JIRA: Add extra debug to understand sproradic test failures in KerberosAuthenticationManagerTest
---
.../manager/KerberosAuthenticationManagerTest.java | 42 ++++++++++++++++++++++
.../qpid/server/test/EmbeddedKdcResource.java | 1 +
2 files changed, 43 insertions(+)
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java
index e24d56c..e0ede79 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/KerberosAuthenticationManagerTest.java
@@ -62,6 +62,8 @@ import org.apache.qpid.server.security.auth.sasl.SaslNegotiator;
import org.apache.qpid.server.security.auth.sasl.SaslSettings;
import org.apache.qpid.server.test.EmbeddedKdcResource;
import org.apache.qpid.server.test.KerberosUtilities;
+import org.apache.qpid.server.util.FileUtils;
+import org.apache.qpid.server.util.StringUtil;
import org.apache.qpid.test.utils.JvmVendor;
import org.apache.qpid.test.utils.SystemPropertySetter;
import org.apache.qpid.test.utils.UnitTestBase;
@@ -117,6 +119,28 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase
_kerberosAuthenticationProvider.create();
when(_broker.getChildren(AuthenticationProvider.class))
.thenReturn(Collections.singleton(_kerberosAuthenticationProvider));
+
+ if (LOGGER.isDebugEnabled())
+ {
+ final String krb5Conf = System.getProperty("java.security.krb5.conf");
+ if (krb5Conf != null)
+ {
+ final File file = new File(krb5Conf);
+ if (file.exists())
+ {
+ String config = FileUtils.readFileAsString(file);
+ debug("Kerberos config: {}", config);
+ }
+ else
+ {
+ LOGGER.warn("Kerberos config file was not found in the expected location at '{}'", krb5Conf);
+ }
+ }
+ else
+ {
+ LOGGER.warn("JVM system property 'java.security.krb5.conf' is not set");
+ }
+ }
}
@Test
@@ -200,7 +224,9 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase
try
{
lc.login();
+
final Subject clientSubject = lc.getSubject();
+ debug("LoginContext subject {}", clientSubject);
final SaslClient saslClient = createSaslClient(clientSubject);
return performNegotiation(clientSubject, saslClient, negotiator);
}
@@ -210,6 +236,15 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase
}
}
+ private void debug(String message, Object... args)
+ {
+ LOGGER.debug(message, args);
+ if (Boolean.TRUE.toString().equalsIgnoreCase(System.getProperty("sun.security.krb5.debug")))
+ {
+ System.out.println(String.format(message.replace("{}", "%s"), args));
+ }
+ }
+
private AuthenticationResult performNegotiation(final Subject clientSubject,
final SaslClient saslClient,
final SaslNegotiator negotiator)
@@ -223,6 +258,7 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase
if (!initiated)
{
initiated = true;
+ debug("Sending initial challenge");
response = Subject.doAs(clientSubject, (PrivilegedExceptionAction<byte[]>) () -> {
if (saslClient.hasInitialResponse())
{
@@ -230,19 +266,25 @@ public class KerberosAuthenticationManagerTest extends UnitTestBase
}
return null;
});
+ debug("Initial challenge sent");
}
+ debug("Handling response: {}", StringUtil.toHex(response));
result = negotiator.handleResponse(response);
byte[] challenge = result.getChallenge();
+
if (challenge != null)
{
+ debug("Challenge: {}", StringUtil.toHex(challenge));
response = Subject.doAs(clientSubject,
(PrivilegedExceptionAction<byte[]>) () -> saslClient.evaluateChallenge(
challenge));
}
}
while (result.getStatus() == AuthenticationResult.AuthenticationStatus.CONTINUE);
+
+ debug("Result {}", result.getStatus());
return result;
}
diff --git a/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java b/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java
index cda31a8..07e20b3 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/test/EmbeddedKdcResource.java
@@ -80,6 +80,7 @@ public class EmbeddedKdcResource extends ExternalResource
_simpleKdcServer.setWorkDir(_kdcDirectory);
_simpleKdcServer.init();
_simpleKdcServer.start();
+ LOGGER.info("SimpleKdcServer started on port {}, realm '{}'", getPort(), getRealm());
}
@Override
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org