You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@geode.apache.org by GitBox <gi...@apache.org> on 2021/10/01 20:27:02 UTC

[GitHub] [geode] kirklund commented on a change in pull request #6927: GEODE-9663: throw and handle AuthenticationExpiredException at login time

kirklund commented on a change in pull request #6927:
URL: https://github.com/apache/geode/pull/6927#discussion_r720518293



##########
File path: geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationMultiServerDUnitTest.java
##########
@@ -253,6 +254,53 @@ public void registerInterestsWithMultiServers() throws Exception {
         .containsExactly("DATA:READ:partitionRegion:key0");
   }
 
+  @Test
+  public void consecutivePut() throws Exception {
+    int locatorPort = locator.getPort();
+    // do consecutive puts using a client
+    ClientVM client = cluster.startClientVM(3,
+        c -> c.withProperty(SECURITY_CLIENT_AUTH_INIT, UpdatableUserAuthInitialize.class.getName())
+            .withCacheSetup(ccf -> ccf.setPoolMaxConnections(2))
+            .withLocatorConnection(locatorPort));
+    AsyncInvocation invokePut = client.invokeAsync(() -> {

Review comment:
       `AsyncInvocation<Void>`

##########
File path: geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationMultiServerDUnitTest.java
##########
@@ -253,6 +254,53 @@ public void registerInterestsWithMultiServers() throws Exception {
         .containsExactly("DATA:READ:partitionRegion:key0");
   }
 
+  @Test
+  public void consecutivePut() throws Exception {
+    int locatorPort = locator.getPort();
+    // do consecutive puts using a client
+    ClientVM client = cluster.startClientVM(3,
+        c -> c.withProperty(SECURITY_CLIENT_AUTH_INIT, UpdatableUserAuthInitialize.class.getName())
+            .withCacheSetup(ccf -> ccf.setPoolMaxConnections(2))
+            .withLocatorConnection(locatorPort));
+    AsyncInvocation invokePut = client.invokeAsync(() -> {
+      UpdatableUserAuthInitialize.setUser("user1");
+      Region<Object, Object> proxyRegion =
+          ClusterStartupRule.getClientCache()
+              .createClientRegionFactory(ClientRegionShortcut.CACHING_PROXY)
+              .create(PARTITION_REGION);
+      IntStream.range(0, 1000).forEach(i -> proxyRegion.put("key" + i, "value" + i));
+    });
+
+    client.invoke(() -> {
+      // wait till at least 1/3 of the data is in the region to expire the user
+      await().until(() -> getProxyRegion() != null);
+      await().until(() -> getProxyRegion().size() > 10);

Review comment:
       Anytime you're using await for a value that can be more than two possible values, I would use an assertion so that the value can be seen if it ever fails.
   ```
   await().untilAsserted(() -> assertThat(getProxyRegion().size()).isGreaterThan(10));
   ```

##########
File path: geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationMultiServerDUnitTest.java
##########
@@ -253,6 +254,53 @@ public void registerInterestsWithMultiServers() throws Exception {
         .containsExactly("DATA:READ:partitionRegion:key0");
   }
 
+  @Test
+  public void consecutivePut() throws Exception {
+    int locatorPort = locator.getPort();
+    // do consecutive puts using a client
+    ClientVM client = cluster.startClientVM(3,
+        c -> c.withProperty(SECURITY_CLIENT_AUTH_INIT, UpdatableUserAuthInitialize.class.getName())
+            .withCacheSetup(ccf -> ccf.setPoolMaxConnections(2))
+            .withLocatorConnection(locatorPort));
+    AsyncInvocation invokePut = client.invokeAsync(() -> {
+      UpdatableUserAuthInitialize.setUser("user1");
+      Region<Object, Object> proxyRegion =
+          ClusterStartupRule.getClientCache()
+              .createClientRegionFactory(ClientRegionShortcut.CACHING_PROXY)
+              .create(PARTITION_REGION);
+      IntStream.range(0, 1000).forEach(i -> proxyRegion.put("key" + i, "value" + i));
+    });
+
+    client.invoke(() -> {
+      // wait till at least 1/3 of the data is in the region to expire the user
+      await().until(() -> getProxyRegion() != null);
+      await().until(() -> getProxyRegion().size() > 10);
+      UpdatableUserAuthInitialize.setUser("user2");
+    });
+
+    expireUserOnAllVms("user1");
+    invokePut.await();
+
+    ExpirableSecurityManager securityManager = collectSecurityManagers(server1, server2);
+    Map<String, List<String>> authorizedOps = securityManager.getAuthorizedOps();
+    if (authorizedOps.size() == 1) {
+      // in case user1 has finished putting all 1000 values in the region before we can expire it.
+      return;
+    }
+    assertThat(authorizedOps).hasSize(2);
+    assertThat(authorizedOps.get("user1").size() + authorizedOps.get("user2").size())
+        .isEqualTo(1000);

Review comment:
       I recommend adding an `as` into this one so that if it fails, the failure message shows the size for both users:
   ```
   assertThat(authorizedOps.get("user1").size() + authorizedOps.get("user2").size())
       .as(String.format("Combined sizes of user1 %s and user2 %s", 
           authorizedOps.get("user1").size(),
           authorizedOps.get("user2").size()))
       .isEqualTo(1000);
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@geode.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org