You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by kl...@apache.org on 2016/02/10 02:01:43 UTC
[2/4] incubator-geode git commit: Repackage security test classes in
Apache Geode
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/CredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/CredentialGenerator.java b/gemfire-core/src/test/java/security/CredentialGenerator.java
deleted file mode 100644
index 7a430f1..0000000
--- a/gemfire-core/src/test/java/security/CredentialGenerator.java
+++ /dev/null
@@ -1,343 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.Authenticator;
-
-/**
- * Encapsulates obtaining valid and invalid credentials. Implementations will be
- * for different kinds of authentication schemes.
- *
- * @author sumedh
- * @since 5.5
- */
-public abstract class CredentialGenerator {
-
- /**
- * Enumeration for various {@link CredentialGenerator} implementations.
- *
- * The following schemes are supported as of now:
- * <code>DummyAuthenticator</code>, <code>LdapUserAuthenticator</code>,
- * <code>PKCSAuthenticator</code>. In addition SSL socket mode with mutual
- * authentication is also supported.
- *
- * To add a new authentication scheme the following needs to be done:
- * <ul>
- * <li>Add implementations for {@link AuthInitialize} and
- * {@link Authenticator} classes for clients/peers.</li>
- * <li>Add a new enumeration value for the scheme in this class. Notice the
- * size of <code>VALUES</code> array and increase that if it is getting
- * overflowed. Note the methods and fields for existing schemes and add for
- * the new one in a similar manner.</li>
- * <li>Add an implementation for {@link CredentialGenerator}.</li>
- * <li>Modify the CredentialGenerator.Factory#create [no such Factory exists] method to add
- * creation of an instance of the new implementation for the
- * <code>ClassCode</code> enumeration value.</li>
- * </ul>
- * All security dunit tests will automagically start testing the new
- * implementation after this.
- *
- * @author sumedh
- * @since 5.5
- */
- public static final class ClassCode {
-
- private static final byte ID_DUMMY = 1;
-
- private static final byte ID_LDAP = 2;
-
- private static final byte ID_PKCS = 3;
-
- private static final byte ID_SSL = 4;
-
- private static byte nextOrdinal = 0;
-
- private static final ClassCode[] VALUES = new ClassCode[10];
-
- private static final Map CodeNameMap = new HashMap();
-
- public static final ClassCode DUMMY = new ClassCode(
- "templates.security.DummyAuthenticator.create", ID_DUMMY);
-
- public static final ClassCode LDAP = new ClassCode(
- "templates.security.LdapUserAuthenticator.create", ID_LDAP);
-
- public static final ClassCode PKCS = new ClassCode(
- "templates.security.PKCSAuthenticator.create", ID_PKCS);
-
- public static final ClassCode SSL = new ClassCode("SSL", ID_SSL);
-
- /** The name of this class. */
- private final String name;
-
- /** byte used as ordinal to represent this class */
- private final byte ordinal;
-
- /**
- * One of the following: ID_DUMMY, ID_LDAP, ID_PKCS
- */
- private final byte classType;
-
- /** Creates a new instance of class code. */
- private ClassCode(String name, byte classType) {
- this.name = name;
- this.classType = classType;
- this.ordinal = nextOrdinal++;
- VALUES[this.ordinal] = this;
- CodeNameMap.put(name, this);
- }
-
- public boolean isDummy() {
- return (this.classType == ID_DUMMY);
- }
-
- public boolean isLDAP() {
- return (this.classType == ID_LDAP);
- }
-
- public boolean isPKCS() {
- return (this.classType == ID_PKCS);
- }
-
- public boolean isSSL() {
- return (this.classType == ID_SSL);
- }
-
- /**
- * Returns the <code>ClassCode</code> represented by specified ordinal.
- */
- public static ClassCode fromOrdinal(byte ordinal) {
- return VALUES[ordinal];
- }
-
- /**
- * Returns the <code>ClassCode</code> represented by specified string.
- */
- public static ClassCode parse(String operationName) {
- return (ClassCode)CodeNameMap.get(operationName);
- }
-
- /**
- * Returns all the possible values.
- */
- public static List getAll() {
- List codes = new ArrayList();
- Iterator iter = CodeNameMap.values().iterator();
- while (iter.hasNext()) {
- codes.add(iter.next());
- }
- return codes;
- }
-
- /**
- * Returns the ordinal for this operation code.
- *
- * @return the ordinal of this operation.
- */
- public byte toOrdinal() {
- return this.ordinal;
- }
-
- /**
- * Returns a string representation for this operation.
- *
- * @return the name of this operation.
- */
- final public String toString() {
- return this.name;
- }
-
- /**
- * Indicates whether other object is same as this one.
- *
- * @return true if other object is same as this one.
- */
- @Override
- final public boolean equals(final Object obj) {
- if (obj == this) {
- return true;
- }
- if (!(obj instanceof ClassCode)) {
- return false;
- }
- final ClassCode other = (ClassCode)obj;
- return (other.ordinal == this.ordinal);
- }
-
- /**
- * Indicates whether other <code>ClassCode</code> is same as this one.
- *
- * @return true if other <code>ClassCode</code> is same as this one.
- */
- final public boolean equals(final ClassCode opCode) {
- return (opCode != null && opCode.ordinal == this.ordinal);
- }
-
- /**
- * Returns a hash code value for this <code>ClassCode</code> which is the
- * same as its ordinal.
- *
- * @return the ordinal of this operation.
- */
- @Override
- final public int hashCode() {
- return this.ordinal;
- }
-
- }
-
- /**
- * A set of properties that should be added to the Gemfire system properties
- * before using the authentication module.
- */
- private Properties sysProps = null;
-
- /**
- * A set of properties that should be added to the java system properties
- * before using the authentication module.
- */
- protected Properties javaProps = null;
-
- /**
- * A factory method to create a new instance of an {@link CredentialGenerator}
- * for the given {@link ClassCode}. Caller is supposed to invoke
- * {@link CredentialGenerator#init} immediately after obtaining the instance.
- *
- * @param classCode
- * the <code>ClassCode</code> of the
- * <code>CredentialGenerator</code> implementation
- *
- * @return an instance of <code>CredentialGenerator</code> for the given
- * class code
- */
- public static CredentialGenerator create(ClassCode classCode) {
- switch (classCode.classType) {
- // Removing dummy one to reduce test run times
- // case ClassCode.ID_DUMMY:
- // return new DummyCredentialGenerator();
- case ClassCode.ID_LDAP:
- return new LdapUserCredentialGenerator();
- // case ClassCode.ID_SSL:ΓΈ
- // return new SSLCredentialGenerator();
- case ClassCode.ID_PKCS:
- return new PKCSCredentialGenerator();
- default:
- return null;
- }
- }
-
- /**
- * Initialize the credential generator.
- *
- * @throws IllegalArgumentException
- * when there is a problem during initialization
- */
- public void init() throws IllegalArgumentException {
- this.sysProps = initialize();
- }
-
- /**
- * Initialize the credential generator. This is provided separately from the
- * {@link #init} method for convenience of implementations so that they do not
- * need to store in {@link #sysProps}. The latter is convenient for the users
- * who do not need to store these properties rather can obtain it later by
- * invoking {@link #getSystemProperties}
- *
- * Required to be implemented by concrete classes that implement this abstract
- * class.
- *
- * @return A set of extra properties that should be added to Gemfire system
- * properties when not null.
- *
- * @throws IllegalArgumentException
- * when there is a problem during initialization
- */
- protected abstract Properties initialize() throws IllegalArgumentException;
-
- /**
- *
- * @return A set of extra properties that should be added to Gemfire system
- * properties when not null.
- */
- public Properties getSystemProperties() {
- return this.sysProps;
- }
-
- /**
- *
- * @return A set of extra properties that should be added to Gemfire system
- * properties when not null.
- */
- public Properties getJavaProperties() {
- return this.javaProps;
- }
-
- /**
- * The {@link ClassCode} of this particular implementation.
- *
- * @return the <code>ClassCode</code>
- */
- public abstract ClassCode classCode();
-
- /**
- * The name of the {@link AuthInitialize} factory function that should be used
- * in conjunction with the credentials generated by this generator.
- *
- * @return name of the <code>AuthInitialize</code> factory function
- */
- public abstract String getAuthInit();
-
- /**
- * The name of the {@link Authenticator} factory function that should be used
- * in conjunction with the credentials generated by this generator.
- *
- * @return name of the <code>Authenticator</code> factory function
- */
- public abstract String getAuthenticator();
-
- /**
- * Get a set of valid credentials generated using the given index.
- */
- public abstract Properties getValidCredentials(int index);
-
- /**
- * Get a set of valid credentials for the given {@link Principal}.
- *
- * @return credentials for the given <code>Principal</code> or null if none
- * possible.
- */
- public abstract Properties getValidCredentials(Principal principal);
-
- /**
- * Get a set of invalid credentials generated using the given index.
- */
- public abstract Properties getInvalidCredentials(int index);
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/DummyAuthzCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/DummyAuthzCredentialGenerator.java b/gemfire-core/src/test/java/security/DummyAuthzCredentialGenerator.java
deleted file mode 100644
index 7e40d13..0000000
--- a/gemfire-core/src/test/java/security/DummyAuthzCredentialGenerator.java
+++ /dev/null
@@ -1,145 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Properties;
-import java.util.Set;
-
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import security.AuthzCredentialGenerator;
-import templates.security.DummyAuthorization;
-import templates.security.UsernamePrincipal;
-
-public class DummyAuthzCredentialGenerator extends AuthzCredentialGenerator {
-
- public static final byte READER_ROLE = 1;
-
- public static final byte WRITER_ROLE = 2;
-
- public static final byte ADMIN_ROLE = 3;
-
- private static Set readerOpsSet;
-
- private static Set writerOpsSet;
-
- static {
-
- readerOpsSet = new HashSet();
- for (int index = 0; index < DummyAuthorization.READER_OPS.length; index++) {
- readerOpsSet.add(DummyAuthorization.READER_OPS[index]);
- }
- writerOpsSet = new HashSet();
- for (int index = 0; index < DummyAuthorization.WRITER_OPS.length; index++) {
- writerOpsSet.add(DummyAuthorization.WRITER_OPS[index]);
- }
- }
-
- public DummyAuthzCredentialGenerator() {
- }
-
- protected Properties init() throws IllegalArgumentException {
-
- if (!this.cGen.classCode().isDummy()) {
- throw new IllegalArgumentException(
- "DummyAuthorization module only works with DummyAuthenticator");
- }
- return null;
- }
-
- public ClassCode classCode() {
- return ClassCode.DUMMY;
- }
-
- public String getAuthorizationCallback() {
- return "templates.security.DummyAuthorization.create";
- }
-
- public static byte getRequiredRole(OperationCode[] opCodes) {
-
- byte roleType = ADMIN_ROLE;
- boolean requiresReader = true;
- boolean requiresWriter = true;
-
- for (int opNum = 0; opNum < opCodes.length; opNum++) {
- if (requiresReader && !readerOpsSet.contains(opCodes[opNum])) {
- requiresReader = false;
- }
- if (requiresWriter && !writerOpsSet.contains(opCodes[opNum])) {
- requiresWriter = false;
- }
- }
- if (requiresReader) {
- roleType = READER_ROLE;
- }
- else if (requiresWriter) {
- roleType = WRITER_ROLE;
- }
- return roleType;
- }
-
- private Principal getPrincipal(byte roleType, int index) {
-
- String[] admins = new String[] { "root", "admin", "administrator" };
- switch (roleType) {
- case READER_ROLE:
- return new UsernamePrincipal("reader" + index);
- case WRITER_ROLE:
- return new UsernamePrincipal("writer" + index);
- default:
- return new UsernamePrincipal(admins[index % admins.length]);
- }
- }
-
- protected Principal getAllowedPrincipal(OperationCode[] opCodes,
- String[] regionNames, int index) {
-
- byte roleType = getRequiredRole(opCodes);
- return getPrincipal(roleType, index);
- }
-
- protected Principal getDisallowedPrincipal(OperationCode[] opCodes,
- String[] regionNames, int index) {
-
- byte roleType = getRequiredRole(opCodes);
- byte disallowedRoleType;
- switch (roleType) {
- case READER_ROLE:
- disallowedRoleType = WRITER_ROLE;
- break;
- case WRITER_ROLE:
- disallowedRoleType = READER_ROLE;
- break;
- default:
- disallowedRoleType = READER_ROLE;
- break;
- }
- return getPrincipal(disallowedRoleType, index);
- }
-
- protected int getNumPrincipalTries(OperationCode[] opCodes,
- String[] regionNames) {
- return 5;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/DummyCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/DummyCredentialGenerator.java b/gemfire-core/src/test/java/security/DummyCredentialGenerator.java
deleted file mode 100644
index 86b26a7..0000000
--- a/gemfire-core/src/test/java/security/DummyCredentialGenerator.java
+++ /dev/null
@@ -1,94 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import security.CredentialGenerator;
-import templates.security.DummyAuthenticator;
-import templates.security.UserPasswordAuthInit;
-
-import java.security.Principal;
-import java.util.Properties;
-
-public class DummyCredentialGenerator extends CredentialGenerator {
-
- public DummyCredentialGenerator() {
- }
-
- protected Properties initialize() throws IllegalArgumentException {
- return null;
- }
-
- public ClassCode classCode() {
- return ClassCode.DUMMY;
- }
-
- public String getAuthInit() {
- return "templates.security.UserPasswordAuthInit.create";
- }
-
- public String getAuthenticator() {
- return "templates.security.DummyAuthenticator.create";
- }
-
- public Properties getValidCredentials(int index) {
-
- String[] validGroups = new String[] { "admin", "user", "reader", "writer" };
- String[] admins = new String[] { "root", "admin", "administrator" };
-
- Properties props = new Properties();
- int groupNum = (index % validGroups.length);
- String userName;
- if (groupNum == 0) {
- userName = admins[index % admins.length];
- }
- else {
- userName = validGroups[groupNum] + (index / validGroups.length);
- }
- props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
- props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
- return props;
- }
-
- public Properties getValidCredentials(Principal principal) {
-
- String userName = principal.getName();
- if (DummyAuthenticator.testValidName(userName)) {
- Properties props = new Properties();
- props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
- props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
- return props;
- }
- else {
- throw new IllegalArgumentException("Dummy: [" + userName
- + "] is not a valid user");
- }
- }
-
- public Properties getInvalidCredentials(int index) {
-
- Properties props = new Properties();
- props.setProperty(UserPasswordAuthInit.USER_NAME, "invalid" + index);
- props.setProperty(UserPasswordAuthInit.PASSWORD, "none");
- return props;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/LdapUserCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/LdapUserCredentialGenerator.java b/gemfire-core/src/test/java/security/LdapUserCredentialGenerator.java
deleted file mode 100644
index 12bcb62..0000000
--- a/gemfire-core/src/test/java/security/LdapUserCredentialGenerator.java
+++ /dev/null
@@ -1,160 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.security.Principal;
-import java.util.Properties;
-
-import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.cache.tier.sockets.HandShake;
-import com.gemstone.gemfire.util.test.TestUtil;
-import templates.security.LdapUserAuthenticator;
-import templates.security.UserPasswordAuthInit;
-
-import java.util.Random;
-
-public class LdapUserCredentialGenerator extends CredentialGenerator {
-
- private static final String USER_PREFIX = "gemfire";
-
- private static boolean enableServerAuthentication = false;
-
- private boolean serverAuthEnabled = false;
-
- private static final Random prng = new Random();
-
- private static final String[] algos = new String[] { "", "DESede", "AES:128",
- "Blowfish:128" };
-
- public LdapUserCredentialGenerator() {
- // Toggle server authentication enabled for each test
- // This is done instead of running all the tests with both
- // server auth enabled/disabled to reduce test run time.
- enableServerAuthentication = !enableServerAuthentication;
- serverAuthEnabled = enableServerAuthentication;
- }
-
- @Override
- protected Properties initialize() throws IllegalArgumentException {
-
- Properties extraProps = new Properties();
- String ldapServer = System.getProperty("gf.ldap.server", "ldap");
- String ldapBaseDN = System.getProperty("gf.ldap.basedn", "ou=ldapTesting,dc=pune,dc=gemstone,dc=com");
- String ldapUseSSL = System.getProperty("gf.ldap.usessl");
- extraProps.setProperty(LdapUserAuthenticator.LDAP_SERVER_NAME, ldapServer);
- extraProps.setProperty(LdapUserAuthenticator.LDAP_BASEDN_NAME, ldapBaseDN);
- if (ldapUseSSL != null && ldapUseSSL.length() > 0) {
- extraProps.setProperty(LdapUserAuthenticator.LDAP_SSL_NAME, ldapUseSSL);
- }
- if (serverAuthEnabled) {
- String keyStoreFile = TestUtil.getResourcePath(LdapUserCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/gemfire1.keystore");
- extraProps.setProperty(HandShake.PRIVATE_KEY_FILE_PROP, keyStoreFile);
- extraProps.setProperty(HandShake.PRIVATE_KEY_ALIAS_PROP, "gemfire1");
- extraProps.setProperty(HandShake.PRIVATE_KEY_PASSWD_PROP, "gemfire");
- }
- return extraProps;
- }
-
- @Override
- public ClassCode classCode() {
- return ClassCode.LDAP;
- }
-
- @Override
- public String getAuthInit() {
- return "templates.security.UserPasswordAuthInit.create";
- }
-
- @Override
- public String getAuthenticator() {
- return "templates.security.LdapUserAuthenticator.create";
- }
-
- @Override
- public Properties getValidCredentials(int index) {
-
- Properties props = new Properties();
- props.setProperty(UserPasswordAuthInit.USER_NAME, USER_PREFIX
- + ((index % 10) + 1));
- props.setProperty(UserPasswordAuthInit.PASSWORD, USER_PREFIX
- + ((index % 10) + 1));
- props.setProperty(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME,
- algos[prng.nextInt(algos.length)]);
- if (serverAuthEnabled) {
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
- props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
- props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
- }
- return props;
- }
-
- @Override
- public Properties getValidCredentials(Principal principal) {
-
- Properties props = null;
- String userName = principal.getName();
- if (userName != null && userName.startsWith(USER_PREFIX)) {
- boolean isValid;
- try {
- int suffix = Integer.parseInt(userName.substring(USER_PREFIX.length()));
- isValid = (suffix >= 1 && suffix <= 10);
- }
- catch (Exception ex) {
- isValid = false;
- }
- if (isValid) {
- props = new Properties();
- props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
- props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
- }
- }
- if (props == null) {
- throw new IllegalArgumentException("LDAP: [" + userName
- + "] not a valid user");
- }
- props.setProperty(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME,
- algos[prng.nextInt(algos.length)]);
- if (serverAuthEnabled) {
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
- props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
- props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
- }
- return props;
- }
-
- @Override
- public Properties getInvalidCredentials(int index) {
-
- Properties props = new Properties();
- props.setProperty(UserPasswordAuthInit.USER_NAME, "invalid" + index);
- props.setProperty(UserPasswordAuthInit.PASSWORD, "none");
- props.setProperty(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME,
- algos[prng.nextInt(algos.length)]);
- if (serverAuthEnabled) {
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
- props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
- props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
- }
- return props;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/PKCSCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/PKCSCredentialGenerator.java b/gemfire-core/src/test/java/security/PKCSCredentialGenerator.java
deleted file mode 100644
index 24c0100..0000000
--- a/gemfire-core/src/test/java/security/PKCSCredentialGenerator.java
+++ /dev/null
@@ -1,112 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.security.Principal;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Properties;
-
-import com.gemstone.gemfire.util.test.TestUtil;
-import templates.security.PKCSAuthInit;
-import templates.security.PKCSAuthenticator;
-
-/**
- * @author kneeraj
- *
- */
-public class PKCSCredentialGenerator extends CredentialGenerator {
-
- public static String keyStoreDir = getKeyStoreDir();
-
- public static boolean usesIBMJSSE;
-
- // Checks if the current JVM uses only IBM JSSE providers.
- private static boolean usesIBMProviders() {
- Provider[] providers = Security.getProviders();
- for (int index = 0; index < providers.length; ++index) {
- if (!providers[index].getName().toLowerCase().startsWith("ibm")) {
- return false;
- }
- }
- return true;
- }
-
- private static String getKeyStoreDir() {
- usesIBMJSSE = usesIBMProviders();
- if (usesIBMJSSE) {
- return "/lib/keys/ibm";
- }
- else {
- return "/lib/keys";
- }
- }
-
- public ClassCode classCode() {
- return ClassCode.PKCS;
- }
-
- public String getAuthInit() {
- return "templates.security.PKCSAuthInit.create";
- }
-
- public String getAuthenticator() {
- return "templates.security.PKCSAuthenticator.create";
- }
-
- public Properties getInvalidCredentials(int index) {
- Properties props = new Properties();
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/gemfire11.keystore");
- props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
- props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, "gemfire11");
- props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
- return props;
- }
-
- public Properties getValidCredentials(int index) {
- Properties props = new Properties();
- int aliasnum = (index % 10) + 1;
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/gemfire" + aliasnum + ".keystore");
- props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
- props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, "gemfire" + aliasnum);
- props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
- return props;
- }
-
- public Properties getValidCredentials(Principal principal) {
- Properties props = new Properties();
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + principal.getName() + ".keystore");
- props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
- props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, principal.getName());
- props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
- return props;
- }
-
- protected Properties initialize() throws IllegalArgumentException {
- Properties props = new Properties();
- String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/publickeyfile");
- props.setProperty(PKCSAuthenticator.PUBLIC_KEY_FILE, keyStoreFile);
- props.setProperty(PKCSAuthenticator.PUBLIC_KEYSTORE_PASSWORD, "gemfire");
- return props;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/SSLCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/SSLCredentialGenerator.java b/gemfire-core/src/test/java/security/SSLCredentialGenerator.java
deleted file mode 100644
index 29a1a30..0000000
--- a/gemfire-core/src/test/java/security/SSLCredentialGenerator.java
+++ /dev/null
@@ -1,117 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.io.File;
-import java.io.IOException;
-import java.security.Principal;
-import java.util.Properties;
-
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import security.CredentialGenerator;
-
-public class SSLCredentialGenerator extends CredentialGenerator {
-
- private File findTrustedJKS() {
- File ssldir = new File(System.getProperty("JTESTS") + "/ssl");
- return new File(ssldir, "trusted.keystore");
- }
-
- private File findUntrustedJKS() {
- File ssldir = new File(System.getProperty("JTESTS") + "/ssl");
- return new File(ssldir, "untrusted.keystore");
- }
-
- private Properties getValidJavaSSLProperties() {
- File jks = findTrustedJKS();
- try {
- Properties props = new Properties();
- props.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
- props.setProperty("javax.net.ssl.trustStorePassword", "password");
- props.setProperty("javax.net.ssl.keyStore", jks.getCanonicalPath());
- props.setProperty("javax.net.ssl.keyStorePassword", "password");
- return props;
- }
- catch (IOException ex) {
- throw new AuthenticationFailedException(
- "SSL: Exception while opening the key store: " + ex);
- }
- }
-
- private Properties getInvalidJavaSSLProperties() {
- File jks = findUntrustedJKS();
- try {
- Properties props = new Properties();
- props.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
- props.setProperty("javax.net.ssl.trustStorePassword", "password");
- props.setProperty("javax.net.ssl.keyStore", jks.getCanonicalPath());
- props.setProperty("javax.net.ssl.keyStorePassword", "password");
- return props;
- }
- catch (IOException ex) {
- throw new AuthenticationFailedException(
- "SSL: Exception while opening the key store: " + ex);
- }
- }
-
- private Properties getSSLProperties() {
- Properties props = new Properties();
- props.setProperty("ssl-enabled", "true");
- props.setProperty("ssl-require-authentication", "true");
- props.setProperty("ssl-ciphers", "SSL_RSA_WITH_RC4_128_MD5");
- props.setProperty("ssl-protocols", "TLSv1");
- return props;
- }
-
- protected Properties initialize() throws IllegalArgumentException {
- this.javaProps = getValidJavaSSLProperties();
- return getSSLProperties();
- }
-
- public ClassCode classCode() {
- return ClassCode.SSL;
- }
-
- public String getAuthInit() {
- return null;
- }
-
- public String getAuthenticator() {
- return null;
- }
-
- public Properties getValidCredentials(int index) {
- this.javaProps = getValidJavaSSLProperties();
- return getSSLProperties();
- }
-
- public Properties getValidCredentials(Principal principal) {
- this.javaProps = getValidJavaSSLProperties();
- return getSSLProperties();
- }
-
- public Properties getInvalidCredentials(int index) {
- this.javaProps = getInvalidJavaSSLProperties();
- return getSSLProperties();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/UserPasswordWithExtraPropsAuthInit.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/UserPasswordWithExtraPropsAuthInit.java b/gemfire-core/src/test/java/security/UserPasswordWithExtraPropsAuthInit.java
deleted file mode 100644
index a41f73a..0000000
--- a/gemfire-core/src/test/java/security/UserPasswordWithExtraPropsAuthInit.java
+++ /dev/null
@@ -1,77 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.util.Properties;
-import java.util.Iterator;
-
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import templates.security.UserPasswordAuthInit;
-
-/**
- * An {@link AuthInitialize} implementation that obtains the user name and
- * password as the credentials from the given set of properties. If
- * keep-extra-props property exits, it will copy rest of the
- * properties provided in getCredential props argument will also be
- * copied as new credentials.
- *
- * @author Soubhik
- * @since 5.5
- */
-public class UserPasswordWithExtraPropsAuthInit extends UserPasswordAuthInit {
-
- public static final String EXTRA_PROPS = "security-keep-extra-props";
-
- public static final String SECURITY_PREFIX = "security-";
-
- public static AuthInitialize create() {
- return new UserPasswordWithExtraPropsAuthInit();
- }
-
- public UserPasswordWithExtraPropsAuthInit() {
- super();
- }
-
- public Properties getCredentials(Properties props, DistributedMember server,
- boolean isPeer) throws AuthenticationFailedException {
-
- Properties newProps = super.getCredentials(props, server, isPeer);
- String extraProps = props.getProperty(EXTRA_PROPS);
- if(extraProps != null) {
- for(Iterator it = props.keySet().iterator(); it.hasNext();) {
- String key = (String)it.next();
- if( key.startsWith(SECURITY_PREFIX) &&
- key.equalsIgnoreCase(USER_NAME) == false &&
- key.equalsIgnoreCase(PASSWORD) == false &&
- key.equalsIgnoreCase(EXTRA_PROPS) == false) {
- newProps.setProperty(key, props.getProperty(key));
- }
- }
- this.securitylog.fine("got everything and now have: "
- + newProps.keySet().toString());
- }
- return newProps;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/security/XmlAuthzCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/security/XmlAuthzCredentialGenerator.java b/gemfire-core/src/test/java/security/XmlAuthzCredentialGenerator.java
deleted file mode 100644
index 929eafb..0000000
--- a/gemfire-core/src/test/java/security/XmlAuthzCredentialGenerator.java
+++ /dev/null
@@ -1,264 +0,0 @@
-
-package security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Properties;
-import java.util.Set;
-
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.util.test.TestUtil;
-import templates.security.UsernamePrincipal;
-import templates.security.XmlAuthorization;
-
-public class XmlAuthzCredentialGenerator extends AuthzCredentialGenerator {
-
- private static final String dummyXml = "authz-dummy.xml";
-
- private static final String ldapXml = "authz-ldap.xml";
-
- private static final String pkcsXml = "authz-pkcs.xml";
-
- private static final String sslXml = "authz-ssl.xml";
-
- private static final String[] QUERY_REGIONS = { "/Portfolios", "/Positions",
- "/AuthRegion" };
-
- public static OperationCode[] READER_OPS = { OperationCode.GET,
- OperationCode.REGISTER_INTEREST, OperationCode.UNREGISTER_INTEREST,
- OperationCode.KEY_SET, OperationCode.CONTAINS_KEY, OperationCode.EXECUTE_FUNCTION };
-
- public static OperationCode[] WRITER_OPS = { OperationCode.PUT,
- OperationCode.DESTROY, OperationCode.INVALIDATE, OperationCode.REGION_CLEAR };
-
- public static OperationCode[] QUERY_OPS = { OperationCode.QUERY,
- OperationCode.EXECUTE_CQ, OperationCode.STOP_CQ, OperationCode.CLOSE_CQ };
-
- private static final byte READER_ROLE = 1;
-
- private static final byte WRITER_ROLE = 2;
-
- private static final byte QUERY_ROLE = 3;
-
- private static final byte ADMIN_ROLE = 4;
-
- private static Set readerOpsSet;
-
- private static Set writerOpsSet;
-
- private static Set queryOpsSet;
-
- private static Set queryRegionSet;
-
- static {
-
- readerOpsSet = new HashSet();
- for (int index = 0; index < READER_OPS.length; index++) {
- readerOpsSet.add(READER_OPS[index]);
- }
- writerOpsSet = new HashSet();
- for (int index = 0; index < WRITER_OPS.length; index++) {
- writerOpsSet.add(WRITER_OPS[index]);
- }
- queryOpsSet = new HashSet();
- for (int index = 0; index < QUERY_OPS.length; index++) {
- queryOpsSet.add(QUERY_OPS[index]);
- }
- queryRegionSet = new HashSet();
- for (int index = 0; index < QUERY_REGIONS.length; index++) {
- queryRegionSet.add(QUERY_REGIONS[index]);
- }
- }
-
- public XmlAuthzCredentialGenerator() {
- }
-
- protected Properties init() throws IllegalArgumentException {
-
- Properties sysProps = new Properties();
- String dirName = "/lib/";
- if (this.cGen.classCode().isDummy()) {
- String xmlFilename = TestUtil.getResourcePath(XmlAuthzCredentialGenerator.class, dirName + dummyXml);
- sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, xmlFilename);
- }
- else if (this.cGen.classCode().isLDAP()) {
- String xmlFilename = TestUtil.getResourcePath(XmlAuthzCredentialGenerator.class, dirName + ldapXml);
- sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, xmlFilename);
- }
- // else if (this.cGen.classCode().isPKCS()) {
- // sysProps
- // .setProperty(XmlAuthorization.DOC_URI_PROP_NAME, dirName + pkcsXml);
- // }
- // else if (this.cGen.classCode().isSSL()) {
- // sysProps
- // .setProperty(XmlAuthorization.DOC_URI_PROP_NAME, dirName + sslXml);
- // }
- else {
- throw new IllegalArgumentException(
- "No XML defined for XmlAuthorization module to work with "
- + this.cGen.getAuthenticator());
- }
- return sysProps;
- }
-
- public ClassCode classCode() {
- return ClassCode.XML;
- }
-
- public String getAuthorizationCallback() {
- return "templates.security.XmlAuthorization.create";
- }
-
- private Principal getDummyPrincipal(byte roleType, int index) {
-
- String[] admins = new String[] { "root", "admin", "administrator" };
- int numReaders = 3;
- int numWriters = 3;
-
- switch (roleType) {
- case READER_ROLE:
- return new UsernamePrincipal("reader" + (index % numReaders));
- case WRITER_ROLE:
- return new UsernamePrincipal("writer" + (index % numWriters));
- case QUERY_ROLE:
- return new UsernamePrincipal("reader" + ((index % 2) + 3));
- default:
- return new UsernamePrincipal(admins[index % admins.length]);
- }
- }
-
- private Principal getLdapPrincipal(byte roleType, int index) {
-
- final String userPrefix = "gemfire";
- final int[] readerIndices = { 3, 4, 5 };
- final int[] writerIndices = { 6, 7, 8 };
- final int[] queryIndices = { 9, 10 };
- final int[] adminIndices = { 1, 2 };
-
- switch (roleType) {
- case READER_ROLE:
- int readerIndex = readerIndices[index % readerIndices.length];
- return new UsernamePrincipal(userPrefix + readerIndex);
- case WRITER_ROLE:
- int writerIndex = writerIndices[index % writerIndices.length];
- return new UsernamePrincipal(userPrefix + writerIndex);
- case QUERY_ROLE:
- int queryIndex = queryIndices[index % queryIndices.length];
- return new UsernamePrincipal(userPrefix + queryIndex);
- default:
- int adminIndex = adminIndices[index % adminIndices.length];
- return new UsernamePrincipal(userPrefix + adminIndex);
- }
- }
-
- private byte getRequiredRole(OperationCode[] opCodes, String[] regionNames) {
-
- byte roleType = ADMIN_ROLE;
- boolean requiresReader = true;
- boolean requiresWriter = true;
- boolean requiresQuery = true;
-
- for (int opNum = 0; opNum < opCodes.length; opNum++) {
- OperationCode opCode = opCodes[opNum];
- if (requiresReader && !readerOpsSet.contains(opCode)) {
- requiresReader = false;
- }
- if (requiresWriter && !writerOpsSet.contains(opCode)) {
- requiresWriter = false;
- }
- if (requiresQuery && !queryOpsSet.contains(opCode)) {
- requiresQuery = false;
- }
- }
- if (requiresReader) {
- roleType = READER_ROLE;
- }
- else if (requiresWriter) {
- roleType = WRITER_ROLE;
- }
- else if (requiresQuery) {
- if (regionNames != null && regionNames.length > 0) {
- for (int index = 0; index < regionNames.length; index++) {
- String regionName = XmlAuthorization
- .normalizeRegionName(regionNames[index]);
- if (requiresQuery && !queryRegionSet.contains(regionName)) {
- requiresQuery = false;
- break;
- }
- }
- if (requiresQuery) {
- roleType = QUERY_ROLE;
- }
- }
- }
- return roleType;
- }
-
- protected Principal getAllowedPrincipal(OperationCode[] opCodes,
- String[] regionNames, int index) {
-
- if (this.cGen.classCode().isDummy()) {
- byte roleType = getRequiredRole(opCodes, regionNames);
- return getDummyPrincipal(roleType, index);
- }
- else if (this.cGen.classCode().isLDAP()) {
- byte roleType = getRequiredRole(opCodes, regionNames);
- return getLdapPrincipal(roleType, index);
- }
- return null;
- }
-
- protected Principal getDisallowedPrincipal(OperationCode[] opCodes,
- String[] regionNames, int index) {
-
- byte roleType = getRequiredRole(opCodes, regionNames);
- byte disallowedRoleType = READER_ROLE;
- switch (roleType) {
- case READER_ROLE:
- disallowedRoleType = WRITER_ROLE;
- break;
- case WRITER_ROLE:
- disallowedRoleType = READER_ROLE;
- break;
- case QUERY_ROLE:
- disallowedRoleType = READER_ROLE;
- break;
- case ADMIN_ROLE:
- disallowedRoleType = READER_ROLE;
- break;
- }
- if (this.cGen.classCode().isDummy()) {
- return getDummyPrincipal(disallowedRoleType, index);
- }
- else if (this.cGen.classCode().isLDAP()) {
- return getLdapPrincipal(disallowedRoleType, index);
- }
- return null;
- }
-
- protected int getNumPrincipalTries(OperationCode[] opCodes,
- String[] regionNames) {
- return 5;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/DummyAuthenticator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/DummyAuthenticator.java b/gemfire-core/src/test/java/templates/security/DummyAuthenticator.java
deleted file mode 100644
index 5d33f22..0000000
--- a/gemfire-core/src/test/java/templates/security/DummyAuthenticator.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import java.security.Principal;
-import java.util.Properties;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-import templates.security.UserPasswordAuthInit;
-import templates.security.UsernamePrincipal;
-
-/**
- * A dummy implementation of the {@link Authenticator} interface that expects a
- * user name and password allowing authentication depending on the format of the
- * user name.
- *
- * @author Sumedh Wale
- * @since 5.5
- */
-public class DummyAuthenticator implements Authenticator {
-
- public static Authenticator create() {
- return new DummyAuthenticator();
- }
-
- public DummyAuthenticator() {
- }
-
- public void init(Properties systemProps, LogWriter systemLogger,
- LogWriter securityLogger) throws AuthenticationFailedException {
- }
-
- public static boolean testValidName(String userName) {
-
- return (userName.startsWith("user") || userName.startsWith("reader")
- || userName.startsWith("writer") || userName.equals("admin")
- || userName.equals("root") || userName.equals("administrator"));
- }
-
- public Principal authenticate(Properties props, DistributedMember member)
- throws AuthenticationFailedException {
-
- String userName = props.getProperty(UserPasswordAuthInit.USER_NAME);
- if (userName == null) {
- throw new AuthenticationFailedException(
- "DummyAuthenticator: user name property ["
- + UserPasswordAuthInit.USER_NAME + "] not provided");
- }
- String password = props.getProperty(UserPasswordAuthInit.PASSWORD);
- if (password == null) {
- throw new AuthenticationFailedException(
- "DummyAuthenticator: password property ["
- + UserPasswordAuthInit.PASSWORD + "] not provided");
- }
-
- if (userName.equals(password) && testValidName(userName)) {
- return new UsernamePrincipal(userName);
- }
- else {
- throw new AuthenticationFailedException(
- "DummyAuthenticator: Invalid user name [" + userName
- + "], password supplied.");
- }
- }
-
- public void close() {
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/DummyAuthorization.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/DummyAuthorization.java b/gemfire-core/src/test/java/templates/security/DummyAuthorization.java
deleted file mode 100644
index fe8e908..0000000
--- a/gemfire-core/src/test/java/templates/security/DummyAuthorization.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Set;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.cache.Cache;
-import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AccessControl;
-import com.gemstone.gemfire.security.NotAuthorizedException;
-
-/**
- * A dummy implementation of the <code>AccessControl</code> interface that
- * allows authorization depending on the format of the <code>Principal</code>
- * string.
- *
- * @author Sumedh Wale
- * @since 5.5
- */
-public class DummyAuthorization implements AccessControl {
-
- private Set allowedOps;
-
- private DistributedMember remoteDistributedMember;
-
- private LogWriter logger;
-
- public static final OperationCode[] READER_OPS = { OperationCode.GET,
- OperationCode.QUERY, OperationCode.EXECUTE_CQ, OperationCode.CLOSE_CQ,
- OperationCode.STOP_CQ, OperationCode.REGISTER_INTEREST,
- OperationCode.UNREGISTER_INTEREST, OperationCode.KEY_SET,
- OperationCode.CONTAINS_KEY, OperationCode.EXECUTE_FUNCTION };
-
- public static final OperationCode[] WRITER_OPS = { OperationCode.PUT, OperationCode.PUTALL,
- OperationCode.DESTROY, OperationCode.INVALIDATE, OperationCode.REGION_CLEAR };
-
- public DummyAuthorization() {
- this.allowedOps = new HashSet(20);
- }
-
- public static AccessControl create() {
- return new DummyAuthorization();
- }
-
- private void addReaderOps() {
-
- for (int index = 0; index < READER_OPS.length; index++) {
- this.allowedOps.add(READER_OPS[index]);
- }
- }
-
- private void addWriterOps() {
-
- for (int index = 0; index < WRITER_OPS.length; index++) {
- this.allowedOps.add(WRITER_OPS[index]);
- }
- }
-
- public void init(Principal principal,
- DistributedMember remoteMember,
- Cache cache) throws NotAuthorizedException {
-
- if (principal != null) {
- String name = principal.getName().toLowerCase();
- if (name != null) {
- if (name.equals("root") || name.equals("admin")
- || name.equals("administrator")) {
- addReaderOps();
- addWriterOps();
- this.allowedOps.add(OperationCode.REGION_CREATE);
- this.allowedOps.add(OperationCode.REGION_DESTROY);
- }
- else if (name.startsWith("writer")) {
- addWriterOps();
- }
- else if (name.startsWith("reader")) {
- addReaderOps();
- }
- }
- }
- this.remoteDistributedMember = remoteMember;
- this.logger = cache.getSecurityLogger();
- }
-
- public boolean authorizeOperation(String regionName, OperationContext context) {
-
- OperationCode opCode = context.getOperationCode();
- this.logger.fine("Invoked authorize operation for [" + opCode
- + "] in region [" + regionName + "] for client: " + remoteDistributedMember);
- return this.allowedOps.contains(opCode);
- }
-
- public void close() {
-
- this.allowedOps.clear();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/FunctionSecurityPrmsHolder.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/FunctionSecurityPrmsHolder.java b/gemfire-core/src/test/java/templates/security/FunctionSecurityPrmsHolder.java
deleted file mode 100755
index 76827bb..0000000
--- a/gemfire-core/src/test/java/templates/security/FunctionSecurityPrmsHolder.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import java.util.HashSet;
-
-/**
- * This is a sample class for objects which hold information of the authorized
- * function names and authorized value for the optimizeForWrite.
- *
- * @author Aneesh Karayil
- * @since 6.0
- */
-public class FunctionSecurityPrmsHolder {
-
- private final Boolean isOptimizeForWrite;
-
- private final HashSet<String> functionIds;
-
- private final HashSet<String> keySet;
-
- public FunctionSecurityPrmsHolder(Boolean isOptimizeForWrite,
- HashSet<String> functionIds, HashSet<String> keySet) {
- this.isOptimizeForWrite = isOptimizeForWrite;
- this.functionIds = functionIds;
- this.keySet = keySet;
- }
-
- public Boolean isOptimizeForWrite() {
- return isOptimizeForWrite;
- }
-
- public HashSet<String> getFunctionIds() {
- return functionIds;
- }
-
- public HashSet<String> getKeySet() {
- return keySet;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/LdapUserAuthenticator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/LdapUserAuthenticator.java b/gemfire-core/src/test/java/templates/security/LdapUserAuthenticator.java
deleted file mode 100755
index db55219..0000000
--- a/gemfire-core/src/test/java/templates/security/LdapUserAuthenticator.java
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-
-import java.security.Principal;
-import java.util.Properties;
-import javax.naming.Context;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-
-/**
- * @author Kumar Neeraj
- * @since 5.5
- */
-public class LdapUserAuthenticator implements Authenticator {
-
- private String ldapServer = null;
-
- private String basedn = null;
-
- private String ldapUrlScheme = null;
-
- public static final String LDAP_SERVER_NAME = "security-ldap-server";
-
- public static final String LDAP_BASEDN_NAME = "security-ldap-basedn";
-
- public static final String LDAP_SSL_NAME = "security-ldap-usessl";
-
- public static Authenticator create() {
- return new LdapUserAuthenticator();
- }
-
- public LdapUserAuthenticator() {
- }
-
- public void init(Properties securityProps, LogWriter systemLogger,
- LogWriter securityLogger) throws AuthenticationFailedException {
- this.ldapServer = securityProps.getProperty(LDAP_SERVER_NAME);
- if (this.ldapServer == null || this.ldapServer.length() == 0) {
- throw new AuthenticationFailedException(
- "LdapUserAuthenticator: LDAP server property [" + LDAP_SERVER_NAME
- + "] not specified");
- }
- this.basedn = securityProps.getProperty(LDAP_BASEDN_NAME);
- if (this.basedn == null || this.basedn.length() == 0) {
- throw new AuthenticationFailedException(
- "LdapUserAuthenticator: LDAP base DN property [" + LDAP_BASEDN_NAME
- + "] not specified");
- }
- String sslStr = securityProps.getProperty(LDAP_SSL_NAME);
- if (sslStr != null && sslStr.toLowerCase().equals("true")) {
- this.ldapUrlScheme = "ldaps://";
- }
- else {
- this.ldapUrlScheme = "ldap://";
- }
- }
-
- public Principal authenticate(Properties props, DistributedMember member) {
-
- String userName = props.getProperty(UserPasswordAuthInit.USER_NAME);
- if (userName == null) {
- throw new AuthenticationFailedException(
- "LdapUserAuthenticator: user name property ["
- + UserPasswordAuthInit.USER_NAME + "] not provided");
- }
- String passwd = props.getProperty(UserPasswordAuthInit.PASSWORD);
- if (passwd == null) {
- passwd = "";
- }
-
- Properties env = new Properties();
- env
- .put(Context.INITIAL_CONTEXT_FACTORY,
- "com.sun.jndi.ldap.LdapCtxFactory");
- env.put(Context.PROVIDER_URL, this.ldapUrlScheme + this.ldapServer + '/'
- + this.basedn);
- String fullentry = "uid=" + userName + "," + this.basedn;
- env.put(Context.SECURITY_PRINCIPAL, fullentry);
- env.put(Context.SECURITY_CREDENTIALS, passwd);
- try {
- DirContext ctx = new InitialDirContext(env);
- ctx.close();
- }
- catch (Exception e) {
- //TODO:hitesh need to add getCause message
- throw new AuthenticationFailedException(
- "LdapUserAuthenticator: Failure with provided username, password "
- + "combination for user name: " + userName);
- }
- return new UsernamePrincipal(userName);
- }
-
- public void close() {
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/PKCSAuthInit.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/PKCSAuthInit.java b/gemfire-core/src/test/java/templates/security/PKCSAuthInit.java
deleted file mode 100755
index d43b78e..0000000
--- a/gemfire-core/src/test/java/templates/security/PKCSAuthInit.java
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.GemFireSecurityException;
-
-import java.io.FileInputStream;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.Signature;
-import java.security.cert.X509Certificate;
-import java.util.Properties;
-
-/**
- * An {@link AuthInitialize} implementation that obtains the digital signature
- * for use with PKCS scheme on server from the given set of properties.
- *
- * To use this class the <c>security-client-auth-init</c> property should be
- * set to the fully qualified name the static <code>create</code> function
- * viz. <code>templates.security.PKCSAuthInit.create</code>
- *
- * @author Kumar Neeraj
- * @since 5.5
- */
-public class PKCSAuthInit implements AuthInitialize {
-
- public static final String KEYSTORE_FILE_PATH = "security-keystorepath";
-
- public static final String KEYSTORE_ALIAS = "security-alias";
-
- public static final String KEYSTORE_PASSWORD = "security-keystorepass";
-
- public static final String SIGNATURE_DATA = "security-signature";
-
- protected LogWriter securitylog;
-
- protected LogWriter systemlog;
-
- public void close() {
- }
-
- public static AuthInitialize create() {
- return new PKCSAuthInit();
- }
-
- public PKCSAuthInit() {
- }
-
- public void init(LogWriter systemLogger, LogWriter securityLogger)
- throws AuthenticationFailedException {
- this.systemlog = systemLogger;
- this.securitylog = securityLogger;
- }
-
- public Properties getCredentials(Properties props, DistributedMember server,
- boolean isPeer) throws AuthenticationFailedException {
- String keyStorePath = props.getProperty(KEYSTORE_FILE_PATH);
- if (keyStorePath == null) {
- throw new AuthenticationFailedException(
- "PKCSAuthInit: key-store file path property [" + KEYSTORE_FILE_PATH
- + "] not set.");
- }
- String alias = props.getProperty(KEYSTORE_ALIAS);
- if (alias == null) {
- throw new AuthenticationFailedException(
- "PKCSAuthInit: key alias name property [" + KEYSTORE_ALIAS
- + "] not set.");
- }
- String keyStorePass = props.getProperty(KEYSTORE_PASSWORD);
-
- try {
- KeyStore ks = KeyStore.getInstance("PKCS12");
- char[] passPhrase = (keyStorePass != null ? keyStorePass.toCharArray()
- : null);
- FileInputStream certificatefile = new FileInputStream(keyStorePath);
- try {
- ks.load(certificatefile, passPhrase);
- }
- finally {
- certificatefile.close();
- }
-
- Key key = ks.getKey(alias, passPhrase);
-
- if (key instanceof PrivateKey) {
-
- PrivateKey privKey = (PrivateKey)key;
- X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
- Signature sig = Signature.getInstance(cert.getSigAlgName());
-
- sig.initSign(privKey);
- sig.update(alias.getBytes("UTF-8"));
- byte[] signatureBytes = sig.sign();
-
- Properties newprops = new Properties();
- newprops.put(KEYSTORE_ALIAS, alias);
- newprops.put(SIGNATURE_DATA, signatureBytes);
- return newprops;
- }
- else {
- throw new AuthenticationFailedException("PKCSAuthInit: "
- + "Failed to load private key from the given file: " + keyStorePath);
- }
- }
- catch (GemFireSecurityException ex) {
- throw ex;
- }
- catch (Exception ex) {
- throw new AuthenticationFailedException(
- "PKCSAuthInit: Exception while getting credentials: " + ex, ex);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/PKCSAuthenticator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/PKCSAuthenticator.java b/gemfire-core/src/test/java/templates/security/PKCSAuthenticator.java
deleted file mode 100755
index d3610c4..0000000
--- a/gemfire-core/src/test/java/templates/security/PKCSAuthenticator.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-import com.gemstone.gemfire.security.GemFireSecurityException;
-
-import java.io.FileInputStream;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.Signature;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.security.spec.InvalidKeySpecException;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-/**
- * @author kneeraj
- *
- */
-public class PKCSAuthenticator implements Authenticator {
-
- public static final String PUBLIC_KEY_FILE = "security-publickey-filepath";
-
- public static final String PUBLIC_KEYSTORE_PASSWORD = "security-publickey-pass";
-
- private String pubKeyFilePath;
-
- private String pubKeyPass;
-
- private Map aliasCertificateMap;
-
- protected LogWriter systemlog;
-
- protected LogWriter securitylog;
-
- public static Authenticator create() {
- return new PKCSAuthenticator();
- }
-
- public PKCSAuthenticator() {
- }
-
- private void populateMap() {
- try {
- KeyStore ks = KeyStore.getInstance("JKS");
- char[] passPhrase = (pubKeyPass != null ? pubKeyPass.toCharArray() : null);
- FileInputStream keystorefile = new FileInputStream(this.pubKeyFilePath);
- try {
- ks.load(keystorefile, passPhrase);
- }
- finally {
- keystorefile.close();
- }
- Enumeration e = ks.aliases();
- while (e.hasMoreElements()) {
- Object alias = e.nextElement();
- Certificate cert = ks.getCertificate((String)alias);
- if (cert instanceof X509Certificate) {
- this.aliasCertificateMap.put(alias, cert);
- }
- }
- }
- catch (Exception e) {
- throw new AuthenticationFailedException(
- "Exception while getting public keys: " + e.getMessage());
- }
- }
-
- public void init(Properties systemProps, LogWriter systemLogger,
- LogWriter securityLogger) throws AuthenticationFailedException {
- this.systemlog = systemLogger;
- this.securitylog = securityLogger;
- this.pubKeyFilePath = systemProps.getProperty(PUBLIC_KEY_FILE);
- if (this.pubKeyFilePath == null) {
- throw new AuthenticationFailedException("PKCSAuthenticator: property "
- + PUBLIC_KEY_FILE + " not specified as the public key file.");
- }
- this.pubKeyPass = systemProps.getProperty(PUBLIC_KEYSTORE_PASSWORD);
- this.aliasCertificateMap = new HashMap();
- populateMap();
- }
-
- private AuthenticationFailedException getException(String exStr,
- Exception cause) {
-
- String exMsg = "PKCSAuthenticator: Authentication of client failed due to: "
- + exStr;
- if (cause != null) {
- return new AuthenticationFailedException(exMsg, cause);
- }
- else {
- return new AuthenticationFailedException(exMsg);
- }
- }
-
- private AuthenticationFailedException getException(String exStr) {
- return getException(exStr, null);
- }
-
- private X509Certificate getCertificate(String alias)
- throws NoSuchAlgorithmException, InvalidKeySpecException {
- if (this.aliasCertificateMap.containsKey(alias)) {
- return (X509Certificate)this.aliasCertificateMap.get(alias);
- }
- return null;
- }
-
- public Principal authenticate(Properties props, DistributedMember member)
- throws AuthenticationFailedException {
- String alias = (String)props.get(PKCSAuthInit.KEYSTORE_ALIAS);
- if (alias == null || alias.length() <= 0) {
- throw new AuthenticationFailedException("No alias received");
- }
- try {
- X509Certificate cert = getCertificate(alias);
- if (cert == null) {
- throw getException("No certificate found for alias:" + alias);
- }
- byte[] signatureBytes = (byte[])props.get(PKCSAuthInit.SIGNATURE_DATA);
- if (signatureBytes == null) {
- throw getException("signature data property ["
- + PKCSAuthInit.SIGNATURE_DATA + "] not provided");
- }
- Signature sig = Signature.getInstance(cert.getSigAlgName());
- sig.initVerify(cert);
- sig.update(alias.getBytes("UTF-8"));
-
- if (!sig.verify(signatureBytes)) {
- throw getException("verification of client signature failed");
- }
- return new PKCSPrincipal(alias);
- }
- catch (GemFireSecurityException ex) {
- throw ex;
- }
- catch (Exception ex) {
- throw getException(ex.toString(), ex);
- }
- }
-
- public void close() {
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/PKCSPrincipal.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/PKCSPrincipal.java b/gemfire-core/src/test/java/templates/security/PKCSPrincipal.java
deleted file mode 100755
index 563689b..0000000
--- a/gemfire-core/src/test/java/templates/security/PKCSPrincipal.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import java.security.Principal;
-
-/**
- * @author kneeraj
- *
- */
-public class PKCSPrincipal implements Principal {
-
- private String alias;
-
- public PKCSPrincipal(String alias) {
- this.alias = alias;
- }
-
- public String getName() {
- return this.alias;
- }
-
- @Override
- public String toString() {
- return this.alias;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/UserPasswordAuthInit.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/UserPasswordAuthInit.java b/gemfire-core/src/test/java/templates/security/UserPasswordAuthInit.java
deleted file mode 100644
index f4b6eec..0000000
--- a/gemfire-core/src/test/java/templates/security/UserPasswordAuthInit.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import java.util.Properties;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-
-/**
- * An {@link AuthInitialize} implementation that obtains the user name and
- * password as the credentials from the given set of properties.
- *
- * To use this class the <c>security-client-auth-init</c> property should be
- * set to the fully qualified name the static <code>create</code> function
- * viz. <code>templates.security.UserPasswordAuthInit.create</code>
- *
- * @author Sumedh Wale
- * @since 5.5
- */
-public class UserPasswordAuthInit implements AuthInitialize {
-
- public static final String USER_NAME = "security-username";
-
- public static final String PASSWORD = "security-password";
-
- protected LogWriter securitylog;
-
- protected LogWriter systemlog;
-
- public static AuthInitialize create() {
- return new UserPasswordAuthInit();
- }
-
- public void init(LogWriter systemLogger, LogWriter securityLogger)
- throws AuthenticationFailedException {
- this.systemlog = systemLogger;
- this.securitylog = securityLogger;
- }
-
- public UserPasswordAuthInit() {
- }
-
- public Properties getCredentials(Properties props, DistributedMember server,
- boolean isPeer) throws AuthenticationFailedException {
-
- Properties newProps = new Properties();
- String userName = props.getProperty(USER_NAME);
- if (userName == null) {
- throw new AuthenticationFailedException(
- "UserPasswordAuthInit: user name property [" + USER_NAME
- + "] not set.");
- }
- newProps.setProperty(USER_NAME, userName);
- String passwd = props.getProperty(PASSWORD);
- // If password is not provided then use empty string as the password.
- if (passwd == null) {
- passwd = "";
- }
- newProps.setProperty(PASSWORD, passwd);
- return newProps;
- }
-
- public void close() {
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4383a711/gemfire-core/src/test/java/templates/security/UsernamePrincipal.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/UsernamePrincipal.java b/gemfire-core/src/test/java/templates/security/UsernamePrincipal.java
deleted file mode 100644
index 739dd52..0000000
--- a/gemfire-core/src/test/java/templates/security/UsernamePrincipal.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package templates.security;
-
-import java.io.Serializable;
-import java.security.Principal;
-
-/**
- * An implementation of {@link Principal} class for a simple user name.
- *
- * @author Kumar Neeraj
- * @since 5.5
- */
-public class UsernamePrincipal implements Principal, Serializable {
-
- private final String userName;
-
- public UsernamePrincipal(String userName) {
- this.userName = userName;
- }
-
- public String getName() {
- return this.userName;
- }
-
- @Override
- public String toString() {
- return this.userName;
- }
-
-}