Posted to server-dev@james.apache.org by bt...@apache.org on 2017/06/12 09:32:09 UTC

[1/2] james-project git commit: JAMES-2053 JWT should not accept None algorithm

Repository: james-project
Updated Branches:
  refs/heads/master 7d3c8efae -> 794173534


JAMES-2053 JWT should not accept None algorithm


Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/475f338a
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/475f338a
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/475f338a

Branch: refs/heads/master
Commit: 475f338ad68bb3939467f7b5d2eea3ecbaeb1281
Parents: 7d3c8ef
Author: benwa <bt...@linagora.com>
Authored: Mon Jun 12 11:03:41 2017 +0700
Committer: benwa <bt...@linagora.com>
Committed: Mon Jun 12 16:11:22 2017 +0700

----------------------------------------------------------------------
 .../apache/james/jwt/JwtTokenVerifierTest.java  | 29 ++++++++++++++++++++
 1 file changed, 29 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/james-project/blob/475f338a/server/protocols/jwt/src/test/java/org/apache/james/jwt/JwtTokenVerifierTest.java
----------------------------------------------------------------------
diff --git a/server/protocols/jwt/src/test/java/org/apache/james/jwt/JwtTokenVerifierTest.java b/server/protocols/jwt/src/test/java/org/apache/james/jwt/JwtTokenVerifierTest.java
index 698b28d..ae77048 100644
--- a/server/protocols/jwt/src/test/java/org/apache/james/jwt/JwtTokenVerifierTest.java
+++ b/server/protocols/jwt/src/test/java/org/apache/james/jwt/JwtTokenVerifierTest.java
@@ -58,6 +58,11 @@ public class JwtTokenVerifierTest {
         "-yDYktd4WT8MYhqY7MgS-wR0vO9jZFv8ZCgd_MkKCvCO0HmMjP5iQPZ0kqGkgWUH7X123tfR38MfbCVAdPDba-K3MfkogV1xvDhlkPScFr_6MxE" +
         "xtedOK2JnQZn7t9sUzSrcyjWverm7gZkPptkIVoS8TsEeMMME5vFXe_nqkEG69q3kuBUm_33tbR5oNS0ZGZKlG9r41lHBjyf9J1xN4UYV8n866d" +
         "a7RPPCzshIWUtO0q9T2umWTnp-6OnOdBCkndrZmRR6pPxsD5YL0_77Wq8KT_5__fGA";
+    // Generated on https://jwt.io/
+    private static final String TOKEN_NONE_ALGORITHM = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwi" +
+        "bmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.2XijNOVI9LXP9nWf-oj2SEWWNlcwmxzlQNGK1WdaWcQ";
+    private static final String TOKEN_NONE_ALGORITHM_NO_SIGNATURE = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwi" +
+        "bmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.";
     private JwtTokenVerifier sut;
 
     @Rule
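Review bot: The comment `// Generated on https://jwt.io/` above TOKEN_NONE_ALGORITHM does not say what distinguishes the two new constants, which a reader needs to know to trust the tests. Both decode to the header `{"alg":"none","typ":"JWT"}` and a payload containing `"admin":true`; the first keeps a non-empty third segment, while the second ends in a bare `.`, the well-formed unsecured-JWT shape. I would replace the comment with something like `// alg=none header, admin=true payload: first keeps a signature segment, second has an empty one`. The first token may be rejected as malformed rather than for its algorithm, so the NO_SIGNATURE constant is the one that actually pins the alg=none rejection. The class body continues outside this hunk.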
@@ -116,11 +121,35 @@ public class JwtTokenVerifierTest {
     }
 
     @Test
+    public void verifyShouldNotAcceptNoneAlgorithm() {
+        assertThat(sut.verify(TOKEN_NONE_ALGORITHM)).isFalse();
+    }
+
+    @Test
+    public void verifyShouldNotAcceptNoneAlgorithmWithoutSignature() {
+        assertThat(sut.verify(TOKEN_NONE_ALGORITHM_NO_SIGNATURE)).isFalse();
+    }
+
+    @Test
     public void shouldReturnUserLoginFromValidToken() {
         assertThat(sut.extractLogin(VALID_TOKEN_WITHOUT_ADMIN)).isEqualTo("1234567890");
     }
 
     @Test
+    public void hasAttributeShouldReturnFalseOnNoneAlgorithm() throws Exception {
+        boolean authorized = sut.hasAttribute("admin", true, TOKEN_NONE_ALGORITHM);
+
+        assertThat(authorized).isFalse();
+    }
+
+    @Test
+    public void hasAttributeShouldReturnFalseOnNoneAlgorithmWithoutSignature() throws Exception {
+        boolean authorized = sut.hasAttribute("admin", true, TOKEN_NONE_ALGORITHM_NO_SIGNATURE);
+
+        assertThat(authorized).isFalse();
+    }
+
+    @Test
     public void hasAttributeShouldReturnTrueIfClaimValid() throws Exception {
         boolean authorized = sut.hasAttribute("admin", true, VALID_TOKEN_ADMIN_TRUE);
 
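Review bot: The added tests cover `verify` and `hasAttribute` for the alg=none tokens but not `extractLogin`, which appears in this hunk's context at `shouldReturnUserLoginFromValidToken`. The none-algorithm payload carries `sub` = `1234567890`, the same value that existing test expects as the login, so an unsigned token must not yield it. I would add a test such as `extractLoginShouldNotAcceptNoneAlgorithmWithoutSignature`, asserting that `sut.extractLogin(TOKEN_NONE_ALGORITHM_NO_SIGNATURE)` does not return `1234567890`. Whether the method throws or returns something else for a rejected token depends on code outside this hunk, so the assertion form needs checking against JwtTokenVerifier. The test class and `hasAttributeShouldReturnTrueIfClaimValid` continue past the end of the hunk.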




[2/2] james-project git commit: JAMES-2054 Update enqueue/dequeue speed claims

Posted by bt...@apache.org.
JAMES-2054 Update enqueue/dequeue speed claims


Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/79417353
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/79417353
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/79417353

Branch: refs/heads/master
Commit: 794173534376c77096978de2ddcbf59eaf790678
Parents: 475f338
Author: benwa <bt...@linagora.com>
Authored: Mon Jun 12 10:24:50 2017 +0700
Committer: benwa <bt...@linagora.com>
Committed: Mon Jun 12 16:12:03 2017 +0700

----------------------------------------------------------------------
 src/site/xdoc/server/feature-performance.xml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/james-project/blob/79417353/src/site/xdoc/server/feature-performance.xml
----------------------------------------------------------------------
diff --git a/src/site/xdoc/server/feature-performance.xml b/src/site/xdoc/server/feature-performance.xml
index d6fbc9b..df731ff 100644
--- a/src/site/xdoc/server/feature-performance.xml
+++ b/src/site/xdoc/server/feature-performance.xml
@@ -79,23 +79,23 @@
     </subsection>
 
     <subsection name="Measuring dequeueing speed">
-      <p>James can spool more than 100 mails per second (configured with Maildir mail storage).</p>
+      <p>James can spool more than 65 mails per second (configured with Maildir mail storage and the FileMailQueue).</p>
 
-      <p>We ran following command (from postfix distribution) with only 10 dequeue threads.</p>
+      <p>We ran some SMTP Gatling load testing during 5 minutes (https://github.com/linagora/james-gatling)</p>
 
-      <source>time smtp-source -A -C1500 -l 100 -m 100000 -s 500 -d -c -f user@domain.net -t te localhost:25 100000</source>
+      <source>sbt
+gatling:testOnly org.apache.james.gatling.smtp.scenari.NoAuthenticationNoEncryptionScenario</source>
 
       <p>The result was:</p>
       <ol>
-        <li>The queuing of the 100000 emails took 8 minutes.</li>
-        <li>The dequeueing of the 100000 emails took 16 minutes.</li>
+        <li>During these 5 minutes, 29.924 mails where enqueued (~100 email per second)</li>
+        <li>The dequeueing of these emails took 7 minutes and 40 seconds (~65 emails per second)</li>
       </ol>
 
-      <p>We thus have a throughput of more than <b>100 mails/second</b>.</p>
+      <p>We thus have a throughput of more than <b>65 mails/second</b>.</p>
 
-      <p>These numbers are obtained with the out-of-the-box configuration (not optimized).
-        I you run for example (depends on JVM) with <code>-XX:+UseParallelGC -XX:+AggressiveOpts -XX:+UseFastAccessorMethods</code>,
-        you may have 10000 mails enqueued in 38 seconds, which represents <b>263 mails per second</b>.</p>
+      <p>These numbers are obtained with the out-of-the-box configuration (not optimized), on a HDD disk. Better performance is expected with
+        better hardware and further JVM tuning (-XX:+UseParallelGC -XX:+AggressiveOpts -XX:+UseFastAccessorMethods).</p>
     </subsection>
 
   </section>

