You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by kl...@apache.org on 2017/05/31 23:15:11 UTC

[12/35] geode git commit: GEODE-3000: do not have jetty log at debug level

GEODE-3000: do not have jetty log at debug level


Project: http://git-wip-us.apache.org/repos/asf/geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/5f4a797a
Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/5f4a797a
Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/5f4a797a

Branch: refs/heads/feature/GEODE-2632-19
Commit: 5f4a797ab00d9c77567b30f09b94cfe1d8c68ba7
Parents: b89d2fb
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Tue May 30 11:03:05 2017 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Wed May 31 10:47:51 2017 -0700

----------------------------------------------------------------------
 geode-core/src/main/resources/log4j2.xml        |  1 +
 .../internal/security/LogNoPasswordTest.java    | 75 ++++++++++++++++++++
 2 files changed, 76 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/geode/blob/5f4a797a/geode-core/src/main/resources/log4j2.xml
----------------------------------------------------------------------
diff --git a/geode-core/src/main/resources/log4j2.xml b/geode-core/src/main/resources/log4j2.xml
index cdb932b..49773a2 100755
--- a/geode-core/src/main/resources/log4j2.xml
+++ b/geode-core/src/main/resources/log4j2.xml
@@ -17,6 +17,7 @@
     </filters>
     </Logger>
     <Logger name="org.jgroups" level="FATAL" additivity="true"/>
+    <Logger name="org.eclipse.jetty" level="FATAL" additivity="true"/>
     <Root level="INFO">
       <AppenderRef ref="STDOUT"/>
     </Root>

http://git-wip-us.apache.org/repos/asf/geode/blob/5f4a797a/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java
----------------------------------------------------------------------
diff --git a/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java b/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java
new file mode 100644
index 0000000..688af78
--- /dev/null
+++ b/geode-web/src/test/java/org/apache/geode/management/internal/security/LogNoPasswordTest.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.LOG_LEVEL;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.apache.geode.security.AuthenticationFailedException;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.test.dunit.rules.GfshShellConnectionRule;
+import org.apache.geode.test.dunit.rules.LocatorStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.File;
+import java.util.Properties;
+import java.util.Scanner;
+
+@Category(IntegrationTest.class)
+public class LogNoPasswordTest {
+
+  private static String PASSWORD = "abcdefghijklmn";
+  @Rule
+  public LocatorStarterRule locator = new LocatorStarterRule().withProperty(LOG_LEVEL, "DEBUG")
+      .withSecurityManager(MySecurityManager.class);
+
+  @Rule
+  public GfshShellConnectionRule gfsh = new GfshShellConnectionRule();
+
+  @Test
+  public void testPasswordInLogs() throws Exception {
+    locator.startLocator();
+    gfsh.secureConnectAndVerify(locator.getHttpPort(), GfshShellConnectionRule.PortType.http, "any",
+        PASSWORD);
+    gfsh.executeAndVerifyCommand("list members");
+
+    // scan all log files to find any occurrences of password
+    File[] logFiles = locator.getWorkingDir().listFiles(file -> file.toString().endsWith(".log"));
+    for (File logFile : logFiles) {
+      Scanner scanner = new Scanner(logFile);
+      while (scanner.hasNextLine()) {
+        String line = scanner.nextLine();
+        assertThat(line).doesNotContain(PASSWORD);
+      }
+    }
+  }
+
+  public static class MySecurityManager implements SecurityManager {
+    @Override
+    public Object authenticate(Properties credentials) throws AuthenticationFailedException {
+      String user = credentials.getProperty("security-username");
+      String password = credentials.getProperty("security-password");
+      if (PASSWORD.equals(password)) {
+        return user;
+      }
+
+      throw new AuthenticationFailedException("Not authenticated.");
+    }
+  }
+}