You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by am...@apache.org on 2023/07/19 09:54:01 UTC
[knox] branch master updated: KNOX-2939 - Provider file configured with invalid syntax still gets created with few missing provider contents (#773)
This is an automated email from the ASF dual-hosted git repository.
amagyar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new e74e0b293 KNOX-2939 - Provider file configured with invalid syntax still gets created with few missing provider contents (#773)
e74e0b293 is described below
commit e74e0b293127f7a43945c66eb1d3bdd4f0bf0891
Author: Attila Magyar <m....@gmail.com>
AuthorDate: Wed Jul 19 11:53:56 2023 +0200
KNOX-2939 - Provider file configured with invalid syntax still gets created with few missing provider contents (#773)
---
.../hadoop/xml/HadoopXmlResourceParser.java | 2 +
.../hadoop/xml/HadoopXmlResourceParserTest.java | 8 ++++
.../src/test/resources/testInvalidProvider.xml | 43 ++++++++++++++++++++++
3 files changed, 53 insertions(+)
diff --git a/gateway-topology-hadoop-xml/src/main/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParser.java b/gateway-topology-hadoop-xml/src/main/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParser.java
index ec31b2c9d..d00d358fc 100644
--- a/gateway-topology-hadoop-xml/src/main/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParser.java
+++ b/gateway-topology-hadoop-xml/src/main/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParser.java
@@ -238,6 +238,8 @@ public class HadoopXmlResourceParser implements AdvancedServiceDiscoveryConfigCh
provider.setName(roleConfiguration.replace(CONFIG_NAME_PROVIDER_CONFIGS_NAME_PREFIX, ""));
} else if (roleConfiguration.startsWith(CONFIG_NAME_PROVIDER_CONFIGS_ENABLED_PREFIX)) {
provider.setEnabled(Boolean.valueOf(roleConfiguration.replace(CONFIG_NAME_PROVIDER_CONFIGS_ENABLED_PREFIX, "")));
+ } else {
+ throw new IllegalArgumentException("Invalid role configuration: " + roleConfiguration + " in provider: " + provider.getName());
}
}
return provider;
diff --git a/gateway-topology-hadoop-xml/src/test/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParserTest.java b/gateway-topology-hadoop-xml/src/test/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParserTest.java
index dce2bff0c..1ee49cbcd 100644
--- a/gateway-topology-hadoop-xml/src/test/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParserTest.java
+++ b/gateway-topology-hadoop-xml/src/test/java/org/apache/knox/gateway/topology/hadoop/xml/HadoopXmlResourceParserTest.java
@@ -275,6 +275,14 @@ public class HadoopXmlResourceParserTest {
assertService(descriptor, "HIVE", "1.0", Collections.singletonList("http://localhost:456"), expectedServiceParameters);
}
+ @Test
+ public void testInvalidProviderConfig() {
+ String testConfigPath = this.getClass().getClassLoader().getResource("testInvalidProvider.xml").getPath();
+ HadoopXmlResourceParserResult parserResult = hadoopXmlResourceParser.parse(testConfigPath);
+ assertEquals(1, parserResult.getProviders().size());
+ assertNotNull(parserResult.getProviders().get("valid"));
+ }
+
private void validateTopology2Descriptors(SimpleDescriptor descriptor, boolean nifiExpected) {
assertTrue(descriptor.isReadOnly());
assertEquals("topology2", descriptor.getName());
diff --git a/gateway-topology-hadoop-xml/src/test/resources/testInvalidProvider.xml b/gateway-topology-hadoop-xml/src/test/resources/testInvalidProvider.xml
new file mode 100644
index 000000000..bb1820049
--- /dev/null
+++ b/gateway-topology-hadoop-xml/src/test/resources/testInvalidProvider.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<configuration>
+ <property>
+ <name>providerConfigs:invalid1,invalid2</name>
+ <value>
+ authentication;::::::::authentication.name=ShiroProvider#
+ authentication.param.main.pamRealm=org.apache.knox.gateway.shirorealm.KnoxPamRealm#
+ authentication.param.main.pamRealm.service=login#
+ authentication.sessionTimeout=30#
+ authentication.urls./**=authcBasic#role=identity-assertion#identity-assertion.name=Default#
+ role=authorization#
+ authorization.name=XASecurePDPKnox##
+ authorization..dummy=false
+ </value>
+ </property>
+ <property>
+ <name>providerConfigs:valid</name>
+ <value>
+ authentication.name=ShiroProvider#
+ authentication.param.main.pamRealm=org.apache.knox.gateway.shirorealm.KnoxPamRealm#
+ authentication.param.main.pamRealm.service=login#
+ authentication.sessionTimeout=30#
+ authentication.urls./**=authcBasic#role=identity-assertion#identity-assertion.name=Default#
+ role=authorization#
+ authorization.name=XASecurePDPKnox#
+ </value>
+ </property>
+</configuration>
\ No newline at end of file