Posted to commits@geode.apache.org by kl...@apache.org on 2017/05/31 23:15:11 UTC
[12/35] geode git commit: GEODE-3000: do not have jetty log at debug
level
GEODE-3000: do not have jetty log at debug level
Project: http://git-wip-us.apache.org/repos/asf/geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/5f4a797a
Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/5f4a797a
Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/5f4a797a
Branch: refs/heads/feature/GEODE-2632-19
Commit: 5f4a797ab00d9c77567b30f09b94cfe1d8c68ba7
Parents: b89d2fb
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Tue May 30 11:03:05 2017 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Wed May 31 10:47:51 2017 -0700
----------------------------------------------------------------------
geode-core/src/main/resources/log4j2.xml | 1 +
.../internal/security/LogNoPasswordTest.java | 75 ++++++++++++++++++++
2 files changed, 76 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/geode/blob/5f4a797a/geode-core/src/main/resources/log4j2.xml
----------------------------------------------------------------------
diff --git a/geode-core/src/main/resources/log4j2.xml b/geode-core/src/main/resources/log4j2.xml
index cdb932b..49773a2 100755
--- a/geode-core/src/main/resources/log4j2.xml
+++ b/geode-core/src/main/resources/log4j2.xml
@@ -17,6 +17,7 @@
</filters>
</Logger>
<Logger name="org.jgroups" level="FATAL" additivity="true"/>
+ <Logger name="org.eclipse.jetty" level="FATAL" additivity="true"/>
<Root level="INFO">
<AppenderRef ref="STDOUT"/>
</Root>
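Review bot: `level="FATAL"` on the added `org.eclipse.jetty` logger discards Jetty's WARN and ERROR events as well as DEBUG, so connector failures and rejected requests from the embedded HTTP service will no longer reach the log. If the aim is only what the commit title states, a less restrictive level such as `<Logger name="org.eclipse.jetty" level="WARN" additivity="true"/>` should presumably keep debug output out while preserving those diagnostics. The guard also lives only in this bundled log4j2.xml, so a deployment that supplies its own Log4j configuration would not inherit it. A short XML comment above the line saying why Jetty is pinned (the companion test suggests it is to keep credentials out of debug logs) would stop a later edit from relaxing it unknowingly.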
http://git-wip-us.apache.org/repos/asf/geode/blob/5f4a797a/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java
----------------------------------------------------------------------
diff --git a/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java b/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java
new file mode 100644
index 0000000..688af78
--- /dev/null
+++ b/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.LOG_LEVEL;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.apache.geode.security.AuthenticationFailedException;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.test.dunit.rules.GfshShellConnectionRule;
+import org.apache.geode.test.dunit.rules.LocatorStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.File;
+import java.util.Properties;
+import java.util.Scanner;
+
+@Category(IntegrationTest.class)
+public class LogNoPasswordTest {
+
+ private static String PASSWORD = "abcdefghijklmn";
+ @Rule
+ public LocatorStarterRule locator = new LocatorStarterRule().withProperty(LOG_LEVEL, "DEBUG")
+ .withSecurityManager(MySecurityManager.class);
+
+ @Rule
+ public GfshShellConnectionRule gfsh = new GfshShellConnectionRule();
+
+ @Test
+ public void testPasswordInLogs() throws Exception {
+ locator.startLocator();
+ gfsh.secureConnectAndVerify(locator.getHttpPort(), GfshShellConnectionRule.PortType.http, "any",
+ PASSWORD);
+ gfsh.executeAndVerifyCommand("list members");
+
+ // scan all log files to find any occurrences of password
+ File[] logFiles = locator.getWorkingDir().listFiles(file -> file.toString().endsWith(".log"));
+ for (File logFile : logFiles) {
+ Scanner scanner = new Scanner(logFile);
+ while (scanner.hasNextLine()) {
+ String line = scanner.nextLine();
+ assertThat(line).doesNotContain(PASSWORD);
+ }
+ }
+ }
+
+ public static class MySecurityManager implements SecurityManager {
+ @Override
+ public Object authenticate(Properties credentials) throws AuthenticationFailedException {
+ String user = credentials.getProperty("security-username");
+ String password = credentials.getProperty("security-password");
+ if (PASSWORD.equals(password)) {
+ return user;
+ }
+
+ throw new AuthenticationFailedException("Not authenticated.");
+ }
+ }
+}
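Review bot: The log scan in `testPasswordInLogs` passes vacuously when no `.log` file is found, and `listFiles` can return null, so the test can go green without inspecting any log output; add `assertThat(logFiles).isNotEmpty();` before the loop. The `Scanner` is never closed, which `try (Scanner scanner = new Scanner(logFile)) {` would fix. `PASSWORD` is never reassigned and could be `private static final`. The assertion matches the plaintext value only, so an encoded form of the credential, if one were logged, would not be caught; a comment stating that limit would help the next reader.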