You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by is...@apache.org on 2017/03/12 00:18:22 UTC
[13/50] [abbrv] lucene-solr:jira/solr-6736: SOLR-9401:
TestPKIAuthenticationPlugin NPE. do the time consuming pub key creation
before header is set
SOLR-9401: TestPKIAuthenticationPlugin NPE. do the time consuming pub key creation before header is set
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/b66d1339
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/b66d1339
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/b66d1339
Branch: refs/heads/jira/solr-6736
Commit: b66d13398aef416ec6b64dd5d3e5c00219ae5ce4
Parents: 5ae51d4
Author: Noble Paul <no...@apache.org>
Authored: Sat Mar 4 16:12:57 2017 +1030
Committer: Noble Paul <no...@apache.org>
Committed: Sat Mar 4 16:12:57 2017 +1030
----------------------------------------------------------------------
.../security/TestPKIAuthenticationPlugin.java | 131 +++++++------------
1 file changed, 47 insertions(+), 84 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/b66d1339/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
----------------------------------------------------------------------
diff --git a/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java b/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
index 4eb0a80..2595277 100644
--- a/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
@@ -38,18 +38,10 @@ import org.apache.solr.util.CryptoKeys;
import static org.mockito.Mockito.*;
public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
- HttpServletRequest mockReq;
- FilterChain filterChain;
- final AtomicReference<ServletRequest> wrappedRequestByFilter = new AtomicReference<>();
- final AtomicReference<Header> header = new AtomicReference<>();
- AtomicReference<Principal> principal = new AtomicReference<>();
- BasicHttpRequest request;
-
static class MockPKIAuthenticationPlugin extends PKIAuthenticationPlugin {
SolrRequestInfo solrRequestInfo;
-
Map<String, PublicKey> remoteKeys = new HashMap<>();
public MockPKIAuthenticationPlugin(CoreContainer cores, String node) {
@@ -78,6 +70,7 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
}
public void test() throws Exception {
+ AtomicReference<Principal> principal = new AtomicReference<>();
String nodeName = "node_x_233";
final MockPKIAuthenticationPlugin mock = new MockPKIAuthenticationPlugin(null, nodeName);
@@ -92,96 +85,66 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
principal.set(new BasicUserPrincipal("solr"));
mock.solrRequestInfo = new SolrRequestInfo(localSolrQueryRequest, new SolrQueryResponse());
- request = new BasicHttpRequest("GET", "http://localhost:56565");
+ BasicHttpRequest request = new BasicHttpRequest("GET", "http://localhost:56565");
mock.setHeader(request);
+ final AtomicReference<Header> header = new AtomicReference<>();
header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
assertNotNull(header.get());
assertTrue(header.get().getValue().startsWith(nodeName));
- mockReq = createMockRequest(header);
- filterChain = (servletRequest, servletResponse) -> wrappedRequestByFilter.set(servletRequest);
-
-
- run("solr", () -> {
- mock.doAuthenticate(mockReq, null, filterChain);
- });
+ final AtomicReference<ServletRequest> wrappedRequestByFilter = new AtomicReference<>();
+ HttpServletRequest mockReq = createMockRequest(header);
+ FilterChain filterChain = (servletRequest, servletResponse) -> wrappedRequestByFilter.set(servletRequest);
+ mock.doAuthenticate(mockReq, null, filterChain);
+ assertNotNull(wrappedRequestByFilter.get());
+ assertEquals("solr", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
//test 2
-
- run(null, () -> {
- principal.set(null); // no user
- header.set(null);
- wrappedRequestByFilter.set(null);//
- request = new BasicHttpRequest("GET", "http://localhost:56565");
- mock.setHeader(request);
- assertNull(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
- mock.doAuthenticate(mockReq, null, filterChain);
- });
+ principal.set(null); // no user
+ header.set(null);
+ wrappedRequestByFilter.set(null);//
+ request = new BasicHttpRequest("GET", "http://localhost:56565");
+ mock.setHeader(request);
+ assertNull(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
+ mock.doAuthenticate(mockReq, null, filterChain);
+ assertNotNull(wrappedRequestByFilter.get());
+ assertNull(((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal());
//test 3 . No user request . Request originated from Solr
- run("$", () -> {
- mock.solrRequestInfo = null;
- header.set(null);
- wrappedRequestByFilter.set(null);
- request = new BasicHttpRequest("GET", "http://localhost:56565");
- mock.setHeader(request);
- header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
- assertNotNull(header.get());
- assertTrue(header.get().getValue().startsWith(nodeName));
- mock.doAuthenticate(mockReq, null, filterChain);
- });
-
- run("$", () -> {
- mock.solrRequestInfo = null;
- header.set(null);
- wrappedRequestByFilter.set(null);
- request = new BasicHttpRequest("GET", "http://localhost:56565");
- mock.setHeader(request);
- header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
- assertNotNull(header.get());
- assertTrue(header.get().getValue().startsWith(nodeName));
- MockPKIAuthenticationPlugin mock1 = new MockPKIAuthenticationPlugin(null, nodeName) {
- int called = 0;
-
- @Override
- PublicKey getRemotePublicKey(String nodename) {
- try {
- return called == 0 ? new CryptoKeys.RSAKeyPair().getPublicKey() : correctKey;
- } finally {
- called++;
- }
- }
- };
-
- mock1.doAuthenticate(mockReq, null, filterChain);
-
- });
-
- }
+ //create pub key in advance because it can take time and it should be
+ //created before the header is set
+ PublicKey key = new CryptoKeys.RSAKeyPair().getPublicKey();
+ mock.solrRequestInfo = null;
+ header.set(null);
+ wrappedRequestByFilter.set(null);
+ request = new BasicHttpRequest("GET", "http://localhost:56565");
+ mock.setHeader(request);
+ header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
+ assertNotNull(header.get());
+ assertTrue(header.get().getValue().startsWith(nodeName));
- interface Runnable {
- void run() throws Exception;
- }
+ mock.doAuthenticate(mockReq, null, filterChain);
+ assertNotNull(wrappedRequestByFilter.get());
+ assertEquals("$", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
- private void run(String expected, Runnable r) throws Exception {
- int failures = 0;
- for (; ; ) {
- r.run();
- if (expected == null) {
- assertTrue(wrappedRequestByFilter.get() == null || ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal() == null);
- } else {
- assertNotNull(wrappedRequestByFilter.get());
- if (((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal() == null) {
- //may be timed out
- if (++failures < 3) continue;
- else
- fail("No principal obtained");
+ /*test4 mock the restart of a node*/
+ MockPKIAuthenticationPlugin mock1 = new MockPKIAuthenticationPlugin(null, nodeName) {
+ int called = 0;
+ @Override
+ PublicKey getRemotePublicKey(String nodename) {
+ try {
+ return called == 0 ? key : correctKey;
+ } finally {
+ called++;
}
- assertEquals(expected, ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
}
- return;
+ };
+
+ mock1.doAuthenticate(mockReq, null,filterChain );
+ assertNotNull(wrappedRequestByFilter.get());
+ assertEquals("$", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
+
- }
}
private HttpServletRequest createMockRequest(final AtomicReference<Header> header) {