You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@atlas.apache.org by su...@apache.org on 2016/08/03 19:10:24 UTC
incubator-atlas git commit: ATLAS-762 - Assertion in
NegativeSSLAndKerberosTest.testUnsecuredClient needs to be hardened
Repository: incubator-atlas
Updated Branches:
refs/heads/master bb7895502 -> a165234cd
ATLAS-762 - Assertion in NegativeSSLAndKerberosTest.testUnsecuredClient needs to be hardened
Project: http://git-wip-us.apache.org/repos/asf/incubator-atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-atlas/commit/a165234c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-atlas/tree/a165234c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-atlas/diff/a165234c
Branch: refs/heads/master
Commit: a165234cd373a2fbbcea23ca2a4d6936c907519f
Parents: bb78955
Author: nixonrodrigues <ni...@freestoneinfotech.com>
Authored: Wed Aug 3 18:20:03 2016 +0530
Committer: Suma Shivaprasad <su...@gmail.com>
Committed: Wed Aug 3 12:10:15 2016 -0700
----------------------------------------------------------------------
.../main/java/org/apache/atlas/AtlasClient.java | 8 +-
.../atlas/security/SecureClientUtils.java | 35 +++++++++
release-log.txt | 1 +
.../test/resources/atlas-application.properties | 4 +
.../atlas/web/resources/BaseResourceIT.java | 6 +-
.../web/resources/EntityJerseyResourceIT.java | 13 +++-
.../web/security/BaseSSLAndKerberosTest.java | 4 +-
.../atlas/web/security/BaseSecurityTest.java | 77 ++++++++++++++++++++
.../security/NegativeSSLAndKerberosTest.java | 17 +++--
.../atlas/web/security/SSLAndKerberosTest.java | 33 +++++++--
.../org/apache/atlas/web/security/SSLTest.java | 8 +-
.../web/service/SecureEmbeddedServerTest.java | 2 +-
webapp/src/test/webapp/WEB-INF/web.xml | 23 ++++++
13 files changed, 201 insertions(+), 30 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/client/src/main/java/org/apache/atlas/AtlasClient.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/atlas/AtlasClient.java b/client/src/main/java/org/apache/atlas/AtlasClient.java
index e284ab4..5ed79bc 100755
--- a/client/src/main/java/org/apache/atlas/AtlasClient.java
+++ b/client/src/main/java/org/apache/atlas/AtlasClient.java
@@ -237,8 +237,12 @@ public class AtlasClient {
URLConnectionClientHandler handler = null;
- if ((!AuthenticationUtil.isKerberosAuthenticationEnabled()) && basicAuthUser!=null && basicAuthPassword!=null) {
- handler = new URLConnectionClientHandler();
+ if ((!AuthenticationUtil.isKerberosAuthenticationEnabled()) && basicAuthUser != null && basicAuthPassword != null) {
+ if (clientConfig.getBoolean(TLS_ENABLED, false)) {
+ handler = SecureClientUtils.getUrlConnectionClientHandler();
+ } else {
+ handler = new URLConnectionClientHandler();
+ }
} else {
handler =
SecureClientUtils.getClientConnectionHandler(config, clientConfig, doAsUser, ugi);
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java b/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java
index 0adb97a..e13d826 100644
--- a/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java
+++ b/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java
@@ -211,4 +211,39 @@ public class SecureClientUtils {
}
}
+ public static URLConnectionClientHandler getUrlConnectionClientHandler() {
+ return new URLConnectionClientHandler(new HttpURLConnectionFactory() {
+ @Override
+ public HttpURLConnection getHttpURLConnection(URL url)
+ throws IOException {
+ HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+
+ if (connection instanceof HttpsURLConnection) {
+ LOG.debug("Attempting to configure HTTPS connection using client "
+ + "configuration");
+ final SSLFactory factory;
+ final SSLSocketFactory sf;
+ final HostnameVerifier hv;
+
+ try {
+ Configuration conf = new Configuration();
+ conf.addResource(conf.get(SSLFactory.SSL_CLIENT_CONF_KEY, SecurityProperties.SSL_CLIENT_PROPERTIES));
+ UserGroupInformation.setConfiguration(conf);
+
+ HttpsURLConnection c = (HttpsURLConnection) connection;
+ factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
+ factory.init();
+ sf = factory.createSSLSocketFactory();
+ hv = factory.getHostnameVerifier();
+ c.setSSLSocketFactory(sf);
+ c.setHostnameVerifier(hv);
+ } catch (Exception e) {
+ LOG.info("Unable to configure HTTPS connection from "
+ + "configuration. Leveraging JDK properties.");
+ }
+ }
+ return connection;
+ }
+ });
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/release-log.txt
----------------------------------------------------------------------
diff --git a/release-log.txt b/release-log.txt
index b7cff4c..6e73a7d 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -6,6 +6,7 @@ INCOMPATIBLE CHANGES:
ALL CHANGES:
+ATLAS-762 Assertion in NegativeSSLAndKerberosTest.testUnsecuredClient needs to be hardened (nixonrodrigues via sumasai)
ATLAS-1071 Regression - UI - Details Button under Audits Tab is not working.(kevalbhatt18 via sumasai)
ATLAS-965 Old lineage still exists after dropping tables and re-creating tables with same name. (shwethags via sumasai)
ATLAS-1048 TestMetadata.py test in distro project fails on Windows (jnhagelb via shwethags)
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/typesystem/src/test/resources/atlas-application.properties
----------------------------------------------------------------------
diff --git a/typesystem/src/test/resources/atlas-application.properties b/typesystem/src/test/resources/atlas-application.properties
index 4d7e9b5..a3b6c90 100644
--- a/typesystem/src/test/resources/atlas-application.properties
+++ b/typesystem/src/test/resources/atlas-application.properties
@@ -119,3 +119,7 @@ atlas.server.ha.enabled=false
#########POLICY FILE PATH #########
atlas.auth.policy.file=${sys:user.dir}/distro/src/conf/policy-store.txt
+atlas.authentication.method.file=true
+atlas.authentication.method.ldap.type=none
+atlas.authentication.method.file.filename=${sys:user.dir}/distro/src/conf/users-credentials.properties
+atlas.authentication.method.kerberos=false
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/resources/BaseResourceIT.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/resources/BaseResourceIT.java b/webapp/src/test/java/org/apache/atlas/web/resources/BaseResourceIT.java
index 6b54fcd..aa69556 100755
--- a/webapp/src/test/java/org/apache/atlas/web/resources/BaseResourceIT.java
+++ b/webapp/src/test/java/org/apache/atlas/web/resources/BaseResourceIT.java
@@ -77,19 +77,15 @@ public abstract class BaseResourceIT {
@BeforeClass
public void setUp() throws Exception {
- DefaultClientConfig config = new DefaultClientConfig();
- Client client = Client.create(config);
Configuration configuration = ApplicationProperties.get();
baseUrl = configuration.getString(ATLAS_REST_ADDRESS, "http://localhost:21000/");
- client.resource(UriBuilder.fromUri(baseUrl).build());
-
- service = client.resource(UriBuilder.fromUri(baseUrl).build());
if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
serviceClient = new AtlasClient(new String[]{baseUrl}, new String[]{"admin", "admin"});
} else {
serviceClient = new AtlasClient(baseUrl);
}
+ service = serviceClient.getResource();
}
protected void createType(TypesDef typesDef) throws Exception {
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/resources/EntityJerseyResourceIT.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/resources/EntityJerseyResourceIT.java b/webapp/src/test/java/org/apache/atlas/web/resources/EntityJerseyResourceIT.java
index 9102c75..0b49148 100755
--- a/webapp/src/test/java/org/apache/atlas/web/resources/EntityJerseyResourceIT.java
+++ b/webapp/src/test/java/org/apache/atlas/web/resources/EntityJerseyResourceIT.java
@@ -1,4 +1,4 @@
-/**
+ /**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@@ -73,6 +73,7 @@ import java.util.UUID;
import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertNotNull;
import static org.testng.Assert.fail;
+import org.apache.atlas.utils.AuthenticationUtil;
/**
@@ -127,9 +128,13 @@ public class EntityJerseyResourceIT extends BaseResourceIT {
entity.set("name", randomString());
entity.set("description", randomString());
- String user = "testuser";
- UserGroupInformation ugi = UserGroupInformation.createRemoteUser(user);
- AtlasClient localClient = new AtlasClient(ugi, null, baseUrl);
+ String user = "admin";
+ AtlasClient localClient = null;
+ if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
+ localClient = new AtlasClient(new String[]{baseUrl}, new String[]{"admin", "admin"});
+ } else {
+ localClient = new AtlasClient(baseUrl);
+ }
String entityId = localClient.createEntity(entity).get(0);
List<EntityAuditEvent> events = serviceClient.getEntityAuditEvents(entityId, (short) 10);
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/security/BaseSSLAndKerberosTest.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/security/BaseSSLAndKerberosTest.java b/webapp/src/test/java/org/apache/atlas/web/security/BaseSSLAndKerberosTest.java
index 3d1a63a..fdadc2e 100644
--- a/webapp/src/test/java/org/apache/atlas/web/security/BaseSSLAndKerberosTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/security/BaseSSLAndKerberosTest.java
@@ -40,7 +40,7 @@ public class BaseSSLAndKerberosTest extends BaseSecurityTest {
protected Path jksPath;
protected String providerUrl;
protected File httpKeytabFile;
- private File userKeytabFile;
+ protected File userKeytabFile;
class TestSecureEmbeddedServer extends SecureEmbeddedServer {
@@ -98,7 +98,7 @@ public class BaseSSLAndKerberosTest extends BaseSecurityTest {
File kdcWorkDir = startKDC();
userKeytabFile = createKeytab(kdc, kdcWorkDir, "dgi", "dgi.keytab");
- createKeytab(kdc, kdcWorkDir, "zookeeper", "dgi.keytab");
+ //createKeytab(kdc, kdcWorkDir, "zookeeper", "dgi.keytab");
httpKeytabFile = createKeytab(kdc, kdcWorkDir, "HTTP", "spnego.service.keytab");
// create a test user principal
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/security/BaseSecurityTest.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/security/BaseSecurityTest.java b/webapp/src/test/java/org/apache/atlas/web/security/BaseSecurityTest.java
index 54c570c..ff2cfc3 100644
--- a/webapp/src/test/java/org/apache/atlas/web/security/BaseSecurityTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/security/BaseSecurityTest.java
@@ -41,6 +41,13 @@ import static org.apache.atlas.security.SecurityProperties.CERT_STORES_CREDENTIA
import static org.apache.atlas.security.SecurityProperties.KEYSTORE_FILE_KEY;
import static org.apache.atlas.security.SecurityProperties.TLS_ENABLED;
import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_FILE_KEY;
+import static org.apache.atlas.security.SecurityProperties.SSL_CLIENT_PROPERTIES;
+import static org.apache.atlas.security.SecurityProperties.CLIENT_AUTH_KEY;
+import static org.apache.atlas.security.SecurityProperties.SSL_CLIENT_PROPERTIES;
+import org.apache.commons.io.FileUtils;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.atlas.AtlasException;
+import org.apache.hadoop.security.alias.CredentialProviderFactory;
/**
*
@@ -153,9 +160,79 @@ public class BaseSecurityTest {
configuredProperties.copy(configuration);
String persistDir = TestUtils.getTempDirectory();
+ configuredProperties.setProperty("atlas.authentication.method.file", "true");
+ configuredProperties.setProperty("atlas.authentication.method.file.filename", persistDir
+ + "/users-credentials");
+ configuredProperties.setProperty("atlas.auth.policy.file",persistDir
+ + "/policy-store.txt" );
TestUtils.writeConfiguration(configuredProperties, persistDir + File.separator +
ApplicationProperties.APPLICATION_PROPERTIES);
+ setupUserCredential(persistDir);
+ setUpPolicyStore(persistDir);
ApplicationProperties.forceReload();
return persistDir;
}
+
+ public static void setupUserCredential(String tmpDir) throws Exception {
+
+ StringBuilder credentialFileStr = new StringBuilder(1024);
+ credentialFileStr.append("admin=ADMIN::8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918\n");
+ credentialFileStr.append("michael=DATA_SCIENTIST::95bfb24de17d285d734b9eaa9109bfe922adc85f20d2e5e66a78bddb4a4ebddb\n");
+ credentialFileStr.append("paul=DATA_STEWARD::e7c0dcf5f8a93e93791e9bac1ae454a691c1d2a902fc4256d489e96c1b9ac68c\n");
+ credentialFileStr.append("testuser=DATA_STEWARD::e7c0dcf5f8a93e93791e9bac1ae454a691c1d2a902fc4256d489e96c1b9ac68c\n");
+ File credentialFile = new File(tmpDir, "users-credentials");
+ FileUtils.write(credentialFile, credentialFileStr.toString());
+ }
+
+ public static void setUpPolicyStore(String tmpDir) throws Exception {
+ StringBuilder policyStr = new StringBuilder(1024);
+ policyStr.append("adminPolicy;;admin:rwud;;ROLE_ADMIN:rwud;;type:*,entity:*,operation:*\n");
+ policyStr.append("dataStewardPolicy;;testuser:rwud;;DATA_STEWARD:rwu;;type:*,entity:*,taxonomy:*,term:*\n");
+
+ File policyFile = new File(tmpDir, "policy-store.txt");
+ FileUtils.write(policyFile, policyStr.toString());
+ }
+
+ public static void persistSSLClientConfiguration(org.apache.commons.configuration.Configuration clientConfig)
+ throws AtlasException, IOException {
+ //trust settings
+ Configuration configuration = new Configuration(false);
+ File sslClientFile = getSSLClientFile();
+ if (!sslClientFile.exists()) {
+ configuration.set("ssl.client.truststore.type", "jks");
+ configuration.set("ssl.client.truststore.location", clientConfig.getString(TRUSTSTORE_FILE_KEY));
+ if (clientConfig.getBoolean(CLIENT_AUTH_KEY, false)) {
+ // need to get client key properties
+ configuration.set("ssl.client.keystore.location", clientConfig.getString(KEYSTORE_FILE_KEY));
+ configuration.set("ssl.client.keystore.type", "jks");
+ }
+ // add the configured credential provider
+ configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
+ clientConfig.getString(CERT_STORES_CREDENTIAL_PROVIDER_PATH));
+ String hostnameVerifier = clientConfig.getString(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY);
+ if (hostnameVerifier != null) {
+ configuration.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, hostnameVerifier);
+ }
+
+ configuration.writeXml(new FileWriter(sslClientFile));
+ }
+ }
+
+ private static File getSSLClientFile() throws AtlasException {
+ File sslDir;
+ try {
+ String persistDir = null;
+ URL resource = BaseSecurityTest.class.getResource("/");
+ if (resource != null) {
+ persistDir = resource.toURI().getPath();
+ }
+ assert persistDir != null;
+ sslDir = new File(persistDir);
+
+ // LOG.info("ssl-client.xml will be created in {}", sslDir);
+ } catch (Exception e) {
+ throw new AtlasException("Failed to find client configuration directory", e);
+ }
+ return new File(sslDir, SSL_CLIENT_PROPERTIES);
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/security/NegativeSSLAndKerberosTest.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/security/NegativeSSLAndKerberosTest.java b/webapp/src/test/java/org/apache/atlas/web/security/NegativeSSLAndKerberosTest.java
index 4d7794a..4ad01cf 100755
--- a/webapp/src/test/java/org/apache/atlas/web/security/NegativeSSLAndKerberosTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/security/NegativeSSLAndKerberosTest.java
@@ -61,6 +61,8 @@ public class NegativeSSLAndKerberosTest extends BaseSSLAndKerberosTest {
// client will actually only leverage subset of these properties
final PropertiesConfiguration configuration = getSSLConfiguration(providerUrl);
+ persistSSLClientConfiguration((org.apache.commons.configuration.Configuration) configuration);
+
TestUtils.writeConfiguration(configuration, persistDir + File.separator +
ApplicationProperties.APPLICATION_PROPERTIES);
@@ -74,11 +76,15 @@ public class NegativeSSLAndKerberosTest extends BaseSSLAndKerberosTest {
configuration.load(url);
configuration.setProperty(TLS_ENABLED, true);
- configuration.setProperty("atlas.http.authentication.enabled", "true");
- configuration.setProperty("atlas.http.authentication.type", "kerberos");
- configuration.setProperty("atlas.http.authentication.kerberos.principal", "HTTP/localhost@" + kdc.getRealm());
- configuration.setProperty("atlas.http.authentication.kerberos.keytab", httpKeytabFile.getAbsolutePath());
- configuration.setProperty("atlas.http.authentication.kerberos.name.rules",
+ configuration.setProperty("atlas.authentication.method.kerberos", "true");
+ configuration.setProperty("atlas.authentication.keytab",userKeytabFile.getAbsolutePath());
+ configuration.setProperty("atlas.authentication.principal","dgi/localhost@"+kdc.getRealm());
+
+ configuration.setProperty("atlas.authentication.method.file", "false");
+ configuration.setProperty("atlas.authentication.method.kerberos", "true");
+ configuration.setProperty("atlas.authentication.method.kerberos.principal", "HTTP/localhost@" + kdc.getRealm());
+ configuration.setProperty("atlas.authentication.method.kerberos.keytab", httpKeytabFile.getAbsolutePath());
+ configuration.setProperty("atlas.authentication.method.kerberos.name.rules",
"RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//\nDEFAULT");
TestUtils.writeConfiguration(configuration, persistDir + File.separator +
@@ -127,6 +133,7 @@ public class NegativeSSLAndKerberosTest extends BaseSSLAndKerberosTest {
Assert.fail("Should have failed with GSSException");
} catch(Exception e) {
e.printStackTrace();
+ Assert.assertTrue(e.getMessage().contains("Mechanism level: Failed to find any Kerberos tgt"));
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/security/SSLAndKerberosTest.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/security/SSLAndKerberosTest.java b/webapp/src/test/java/org/apache/atlas/web/security/SSLAndKerberosTest.java
index b550f70..b21fbd0 100755
--- a/webapp/src/test/java/org/apache/atlas/web/security/SSLAndKerberosTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/security/SSLAndKerberosTest.java
@@ -70,6 +70,8 @@ public class SSLAndKerberosTest extends BaseSSLAndKerberosTest {
// client will actually only leverage subset of these properties
final PropertiesConfiguration configuration = getSSLConfiguration(providerUrl);
+ persistSSLClientConfiguration((org.apache.commons.configuration.Configuration) configuration);
+
TestUtils.writeConfiguration(configuration, persistDir + File.separator +
ApplicationProperties.APPLICATION_PROPERTIES);
@@ -82,22 +84,39 @@ public class SSLAndKerberosTest extends BaseSSLAndKerberosTest {
}
configuration.load(url);
configuration.setProperty(TLS_ENABLED, true);
- configuration.setProperty("atlas.http.authentication.enabled", "true");
- configuration.setProperty("atlas.http.authentication.type", "kerberos");
- configuration.setProperty("atlas.http.authentication.kerberos.principal", "HTTP/localhost@" + kdc.getRealm());
- configuration.setProperty("atlas.http.authentication.kerberos.keytab", httpKeytabFile.getAbsolutePath());
- configuration.setProperty("atlas.http.authentication.kerberos.name.rules",
+ configuration.setProperty("atlas.authentication.method.kerberos", "true");
+ configuration.setProperty("atlas.authentication.keytab",userKeytabFile.getAbsolutePath());
+ configuration.setProperty("atlas.authentication.principal","dgi/localhost@"+kdc.getRealm());
+
+ configuration.setProperty("atlas.authentication.method.file", "false");
+ configuration.setProperty("atlas.authentication.method.kerberos", "true");
+ configuration.setProperty("atlas.authentication.method.kerberos.principal", "HTTP/localhost@" + kdc.getRealm());
+ configuration.setProperty("atlas.authentication.method.kerberos.keytab", httpKeytabFile.getAbsolutePath());
+ configuration.setProperty("atlas.authentication.method.kerberos.name.rules",
"RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//\nDEFAULT");
+ configuration.setProperty("atlas.authentication.method.file", "true");
+ configuration.setProperty("atlas.authentication.method.file.filename", persistDir
+ + "/users-credentials");
+ configuration.setProperty("atlas.auth.policy.file",persistDir
+ + "/policy-store.txt" );
+
TestUtils.writeConfiguration(configuration, persistDir + File.separator +
"atlas-application.properties");
+ setupUserCredential(persistDir);
+ setUpPolicyStore(persistDir);
+
subject = loginTestUser();
UserGroupInformation.loginUserFromSubject(subject);
UserGroupInformation proxyUser = UserGroupInformation.createProxyUser(
"testUser",
UserGroupInformation.getLoginUser());
+ // save original setting
+ originalConf = System.getProperty("atlas.conf");
+ System.setProperty("atlas.conf", persistDir);
+
dgiCLient = proxyUser.doAs(new PrivilegedExceptionAction<AtlasClient>() {
@Override
public AtlasClient run() throws Exception {
@@ -110,9 +129,7 @@ public class SSLAndKerberosTest extends BaseSSLAndKerberosTest {
}
});
- // save original setting
- originalConf = System.getProperty("atlas.conf");
- System.setProperty("atlas.conf", persistDir);
+
secureEmbeddedServer = new TestSecureEmbeddedServer(21443, getWarPath()) {
@Override
public PropertiesConfiguration getConfiguration() {
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/security/SSLTest.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/security/SSLTest.java b/webapp/src/test/java/org/apache/atlas/web/security/SSLTest.java
index 8afcc26..0d78285 100755
--- a/webapp/src/test/java/org/apache/atlas/web/security/SSLTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/security/SSLTest.java
@@ -74,16 +74,18 @@ public class SSLTest extends BaseSSLAndKerberosTest {
setupCredentials();
final PropertiesConfiguration configuration = getSSLConfiguration(providerUrl);
String persistDir = writeConfiguration(configuration);
+ persistSSLClientConfiguration((org.apache.commons.configuration.Configuration) configuration);
- atlasClient = new AtlasClient(DGI_URL) {
+ originalConf = System.getProperty("atlas.conf");
+ System.setProperty("atlas.conf", persistDir);
+
+ atlasClient = new AtlasClient(new String[]{DGI_URL},new String[]{"admin","admin"}) {
@Override
protected PropertiesConfiguration getClientProperties() {
return configuration;
}
};
- originalConf = System.getProperty("atlas.conf");
- System.setProperty("atlas.conf", persistDir);
secureEmbeddedServer = new TestSecureEmbeddedServer(21443, getWarPath()) {
@Override
public PropertiesConfiguration getConfiguration() {
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/java/org/apache/atlas/web/service/SecureEmbeddedServerTest.java
----------------------------------------------------------------------
diff --git a/webapp/src/test/java/org/apache/atlas/web/service/SecureEmbeddedServerTest.java b/webapp/src/test/java/org/apache/atlas/web/service/SecureEmbeddedServerTest.java
index c356be6..dc3b936 100644
--- a/webapp/src/test/java/org/apache/atlas/web/service/SecureEmbeddedServerTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/service/SecureEmbeddedServerTest.java
@@ -67,7 +67,7 @@ public class SecureEmbeddedServerTest extends SecureEmbeddedServerTestBase {
};
secureEmbeddedServer.server.start();
- URL url = new URL("https://localhost:21443/api/atlas/admin/version");
+ URL url = new URL("https://localhost:21443/api/atlas/admin/status");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.connect();
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/a165234c/webapp/src/test/webapp/WEB-INF/web.xml
----------------------------------------------------------------------
diff --git a/webapp/src/test/webapp/WEB-INF/web.xml b/webapp/src/test/webapp/WEB-INF/web.xml
index 0562643..05d7ebb 100755
--- a/webapp/src/test/webapp/WEB-INF/web.xml
+++ b/webapp/src/test/webapp/WEB-INF/web.xml
@@ -38,6 +38,16 @@
-->
<filter>
+ <filter-name>springSecurityFilterChain</filter-name>
+ <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>springSecurityFilterChain</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
+ <filter>
<filter-name>guiceFilter</filter-name>
<filter-class>com.google.inject.servlet.GuiceFilter</filter-class>
</filter>
@@ -50,4 +60,17 @@
<listener>
<listener-class>org.apache.atlas.web.listeners.TestGuiceServletConfig</listener-class>
</listener>
+
+ <listener>
+ <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
+ </listener>
+
+ <listener>
+ <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
+ </listener>
+
+ <listener>
+ <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+ </listener>
+
</web-app>