You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by kl...@apache.org on 2016/03/29 21:12:57 UTC
[3/4] incubator-geode git commit: Cleanup
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c5bc82d4/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
index 7a738f1..69e2843 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
@@ -18,8 +18,13 @@
*/
package com.gemstone.gemfire.security;
+import static com.gemstone.gemfire.internal.AvailablePort.*;
+//import static com.gemstone.gemfire.security.ClientAuthenticationUtils.*;
+//import static com.gemstone.gemfire.security.ClientAuthorizationTestBase.*;
import static com.gemstone.gemfire.security.SecurityTestUtil.*;
import static com.gemstone.gemfire.test.dunit.Assert.*;
+import static com.gemstone.gemfire.test.dunit.IgnoredException.*;
+import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*;
import java.util.ArrayList;
import java.util.Iterator;
@@ -27,14 +32,11 @@ import java.util.List;
import java.util.Properties;
import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.internal.AvailablePort;
import com.gemstone.gemfire.security.generator.AuthzCredentialGenerator;
import com.gemstone.gemfire.security.generator.CredentialGenerator;
import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
import com.gemstone.gemfire.security.generator.XmlAuthzCredentialGenerator;
import com.gemstone.gemfire.security.templates.UserPasswordAuthInit;
-import com.gemstone.gemfire.test.dunit.IgnoredException;
-import com.gemstone.gemfire.test.dunit.LogWriterUtils;
import com.gemstone.gemfire.test.dunit.VM;
import com.gemstone.gemfire.test.junit.categories.DistributedTest;
import org.junit.Test;
@@ -53,187 +55,51 @@ public class ClientAuthorizationDUnitTest extends ClientAuthorizationTestBase {
@Override
public final void preTearDownClientAuthorizationTestBase() throws Exception {
- // close the clients first
- client1.invoke(() -> SecurityTestUtil.closeCache());
- client2.invoke(() -> SecurityTestUtil.closeCache());
- SecurityTestUtil.closeCache();
- // then close the servers
- server1.invoke(() -> SecurityTestUtil.closeCache());
- server2.invoke(() -> SecurityTestUtil.closeCache());
+ closeCache();
}
- private Properties getUserPassword(String userName) {
+ @Test
+ public void testAllowPutsGets() {
+ AuthzCredentialGenerator gen = getXmlAuthzGenerator();
+ CredentialGenerator cGen = gen.getCredentialGenerator();
+ Properties extraAuthProps = cGen.getSystemProperties();
+ Properties javaProps = cGen.getJavaProperties();
+ Properties extraAuthzProps = gen.getSystemProperties();
+ String authenticator = cGen.getAuthenticator();
+ String authInit = cGen.getAuthInit();
+ String accessor = gen.getAuthorizationCallback();
- Properties props = new Properties();
- props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
- props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
- return props;
- }
+ getLogWriter().info("testAllowPutsGets: Using authinit: " + authInit);
+ getLogWriter().info("testAllowPutsGets: Using authenticator: " + authenticator);
+ getLogWriter().info("testAllowPutsGets: Using accessor: " + accessor);
- private void executeRIOpBlock(List opBlock, Integer port1, Integer port2,
- String authInit, Properties extraAuthProps, Properties extraAuthzProps,
- Properties javaProps) throws InterruptedException {
+ // Start servers with all required properties
+ Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
- Iterator opIter = opBlock.iterator();
- while (opIter.hasNext()) {
- // Start client with valid credentials as specified in
- // OperationWithAction
- OperationWithAction currentOp = (OperationWithAction)opIter.next();
- OperationCode opCode = currentOp.getOperationCode();
- int opFlags = currentOp.getFlags();
- int clientNum = currentOp.getClientNum();
- VM clientVM = null;
- boolean useThisVM = false;
- switch (clientNum) {
- case 1:
- clientVM = client1;
- break;
- case 2:
- clientVM = client2;
- break;
- case 3:
- useThisVM = true;
- break;
- default:
- fail("executeRIOpBlock: Unknown client number " + clientNum);
- break;
- }
- LogWriterUtils.getLogWriter().info(
- "executeRIOpBlock: performing operation number ["
- + currentOp.getOpNum() + "]: " + currentOp);
- if ((opFlags & OpFlags.USE_OLDCONN) == 0) {
- Properties opCredentials = null;
- String currentRegionName = '/' + regionName;
- if ((opFlags & OpFlags.USE_SUBREGION) > 0) {
- currentRegionName += ('/' + subregionName);
- }
- String credentialsTypeStr;
- OperationCode authOpCode = currentOp.getAuthzOperationCode();
- if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0
- || (opFlags & OpFlags.USE_NOTAUTHZ) > 0
- || !authOpCode.equals(opCode)) {
- credentialsTypeStr = " unauthorized " + authOpCode;
- if (authOpCode.isRegisterInterest()) {
- opCredentials = getUserPassword("reader7");
- }
- else if (authOpCode.isUnregisterInterest()) {
- opCredentials = getUserPassword("reader6");
- }
- else {
- fail("executeRIOpBlock: cannot determine credentials for"
- + credentialsTypeStr);
- }
- }
- else {
- credentialsTypeStr = " authorized " + authOpCode;
- if (authOpCode.isRegisterInterest()
- || authOpCode.isUnregisterInterest()) {
- opCredentials = getUserPassword("reader5");
- }
- else if (authOpCode.isPut()) {
- opCredentials = getUserPassword("writer1");
- }
- else if (authOpCode.isGet()) {
- opCredentials = getUserPassword("reader1");
- }
- else {
- fail("executeRIOpBlock: cannot determine credentials for"
- + credentialsTypeStr);
- }
- }
- Properties clientProps = SecurityTestUtil
- .concatProperties(new Properties[] { opCredentials, extraAuthProps,
- extraAuthzProps });
- // Start the client with valid credentials but allowed or disallowed to
- // perform an operation
- LogWriterUtils.getLogWriter().info(
- "executeRIOpBlock: For client" + clientNum + credentialsTypeStr
- + " credentials: " + opCredentials);
- if (useThisVM) {
- SecurityTestUtil.createCacheClientWithDynamicRegion(authInit, clientProps, javaProps, new int[] { port1, port2 }, 0, false, NO_EXCEPTION);
- }
- else {
- clientVM.invoke(() -> createCacheClient(authInit, clientProps, javaProps, new int[] { port1, port2 }, 0, false, SecurityTestUtil.NO_EXCEPTION));
- }
- }
- int expectedResult;
- if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0) {
- expectedResult = SecurityTestUtil.NOTAUTHZ_EXCEPTION;
- }
- else if ((opFlags & OpFlags.CHECK_EXCEPTION) > 0) {
- expectedResult = SecurityTestUtil.OTHER_EXCEPTION;
- }
- else {
- expectedResult = SecurityTestUtil.NO_EXCEPTION;
- }
+ int port1 = createServer1(javaProps, serverProps);
+ int port2 = createServer2(javaProps, serverProps);
- // Perform the operation from selected client
- if (useThisVM) {
- doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), new Integer(
- opFlags), new Integer(expectedResult));
- }
- else {
- byte ordinal = opCode.toOrdinal();
- int[] indices = currentOp.getIndices();
- clientVM.invoke(() -> ClientAuthorizationTestBase.doOp( new Byte(ordinal),
- indices, new Integer(opFlags),
- new Integer(expectedResult) ));
- }
- }
- }
+ // Start client1 with valid CREATE credentials
+ Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { regionName }, 1);
+ javaProps = cGen.getJavaProperties();
- @Test
- public void testAllowPutsGets() {
- AuthzCredentialGenerator gen = getXmlAuthzGenerator();
- CredentialGenerator cGen = gen.getCredentialGenerator();
- Properties extraAuthProps = cGen.getSystemProperties();
- Properties javaProps = cGen.getJavaProperties();
- Properties extraAuthzProps = gen.getSystemProperties();
- String authenticator = cGen.getAuthenticator();
- String authInit = cGen.getAuthInit();
- String accessor = gen.getAuthorizationCallback();
-
- LogWriterUtils.getLogWriter().info("testAllowPutsGets: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testAllowPutsGets: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testAllowPutsGets: Using accessor: " + accessor);
-
- // Start servers with all required properties
- Properties serverProps = buildProperties(authenticator, accessor, false,
- extraAuthProps, extraAuthzProps);
- Integer port1 = createServer1(javaProps, serverProps);
- Integer port2 = createServer2(javaProps, serverProps);
-
- // Start client1 with valid CREATE credentials
- Properties createCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.PUT },
- new String[] { regionName }, 1);
- javaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testAllowPutsGets: For first client credentials: "
- + createCredentials);
- createClient1NoException(javaProps, authInit, port1, port2,
- createCredentials);
-
- // Start client2 with valid GET credentials
- Properties getCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.GET },
- new String[] { regionName }, 2);
- javaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter()
- .info(
- "testAllowPutsGets: For second client credentials: "
- + getCredentials);
- createClient2NoException(javaProps, authInit, port1, port2,
- getCredentials);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- // Verify that the gets succeed
- client2.invoke(() -> SecurityTestUtil.doGets(
- new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+ getLogWriter().info("testAllowPutsGets: For first client credentials: " + createCredentials);
+
+ createClient1NoException(javaProps, authInit, port1, port2, createCredentials);
+
+ // Start client2 with valid GET credentials
+ Properties getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 2);
+ javaProps = cGen.getJavaProperties();
+
+ getLogWriter().info("testAllowPutsGets: For second client credentials: " + getCredentials);
+
+ createClient2NoException(javaProps, authInit, port1, port2, getCredentials);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2, NO_EXCEPTION));
+
+ // Verify that the gets succeed
+ client2.invoke(() -> doGets(2, NO_EXCEPTION));
}
@Test
@@ -247,382 +113,228 @@ public class ClientAuthorizationDUnitTest extends ClientAuthorizationTestBase {
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
- LogWriterUtils.getLogWriter().info("testPutAllWithSecurity: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info("testPutAllWithSecurity: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testPutAllWithSecurity: Using accessor: " + accessor);
+ getLogWriter().info("testPutAllWithSecurity: Using authinit: " + authInit);
+ getLogWriter().info("testPutAllWithSecurity: Using authenticator: " + authenticator);
+ getLogWriter().info("testPutAllWithSecurity: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
- Integer port1 = createServer1(javaProps, serverProps);
- Integer port2 = createServer2(javaProps, serverProps);
+
+ int port1 = createServer1(javaProps, serverProps);
+ int port2 = createServer2(javaProps, serverProps);
// Start client1 with valid CREATE credentials
Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUTALL }, new String[] { regionName }, 1);
javaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info("testPutAllWithSecurity: For first client credentials: " + createCredentials);
+
+ getLogWriter().info("testPutAllWithSecurity: For first client credentials: " + createCredentials);
+
createClient1NoException(javaProps, authInit, port1, port2, createCredentials);
// Perform some put all operations from client1
- client1.invoke(() -> SecurityTestUtil.doPutAllP());
- }
-
- protected void createClient2NoException(Properties javaProps, String authInit,
- Integer port1, Integer port2, Properties getCredentials) {
- client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, getCredentials, javaProps, port1, port2,
- 0, SecurityTestUtil.NO_EXCEPTION));
+ client1.invoke(() -> doPutAllP());
}
- protected void createClient1NoException(Properties javaProps, String authInit,
- Integer port1, Integer port2, Properties createCredentials) {
- client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, createCredentials, javaProps, port1, port2,
- 0, SecurityTestUtil.NO_EXCEPTION));
- }
+ @Test
+ public void testDisallowPutsGets() {
+ AuthzCredentialGenerator gen = getXmlAuthzGenerator();
+ CredentialGenerator cGen = gen.getCredentialGenerator();
+ Properties extraAuthProps = cGen.getSystemProperties();
+ Properties javaProps = cGen.getJavaProperties();
+ Properties extraAuthzProps = gen.getSystemProperties();
+ String authenticator = cGen.getAuthenticator();
+ String authInit = cGen.getAuthInit();
+ String accessor = gen.getAuthorizationCallback();
- protected Integer createServer2(Properties javaProps,
- Properties serverProps) {
- Integer port2 = ((Integer)server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), serverProps, javaProps )));
- return port2;
- }
+ getLogWriter().info("testDisallowPutsGets: Using authinit: " + authInit);
+ getLogWriter().info("testDisallowPutsGets: Using authenticator: " + authenticator);
+ getLogWriter().info("testDisallowPutsGets: Using accessor: " + accessor);
- protected Integer createServer1(Properties javaProps,
- Properties serverProps) {
- Integer port1 = ((Integer)server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), serverProps, javaProps )));
- return port1;
- }
+ // Check that we indeed can obtain valid credentials not allowed to do gets
+ Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { regionName }, 1);
+ Properties createJavaProps = cGen.getJavaProperties();
- @Test
- public void testDisallowPutsGets() {
+ getLogWriter().info("testDisallowPutsGets: For first client credentials: " + createCredentials);
+
+ Properties getCredentials = gen.getDisallowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 2);
+ Properties getJavaProps = cGen.getJavaProperties();
+
+ getLogWriter().info("testDisallowPutsGets: For second client disallowed GET credentials: " + getCredentials);
+
+ // Start servers with all required properties
+ Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
+
+ int port1 = createServer1(javaProps, serverProps);
+ int port2 = createServer2(javaProps, serverProps);
+
+ createClient1NoException(createJavaProps, authInit, port1, port2, createCredentials);
+
+ createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2, NO_EXCEPTION));
- AuthzCredentialGenerator gen = getXmlAuthzGenerator();
- CredentialGenerator cGen = gen.getCredentialGenerator();
- Properties extraAuthProps = cGen.getSystemProperties();
- Properties javaProps = cGen.getJavaProperties();
- Properties extraAuthzProps = gen.getSystemProperties();
- String authenticator = cGen.getAuthenticator();
- String authInit = cGen.getAuthInit();
- String accessor = gen.getAuthorizationCallback();
-
- LogWriterUtils.getLogWriter().info("testDisallowPutsGets: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testDisallowPutsGets: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testDisallowPutsGets: Using accessor: " + accessor);
-
- // Check that we indeed can obtain valid credentials not allowed to do
- // gets
- Properties createCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.PUT },
- new String[] { regionName }, 1);
- Properties createJavaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testDisallowPutsGets: For first client credentials: "
- + createCredentials);
- Properties getCredentials = gen.getDisallowedCredentials(
- new OperationCode[] { OperationCode.GET },
- new String[] { regionName }, 2);
- Properties getJavaProps = cGen.getJavaProperties();
-
- LogWriterUtils.getLogWriter().info(
- "testDisallowPutsGets: For second client disallowed GET credentials: "
- + getCredentials);
-
- // Start servers with all required properties
- Properties serverProps = buildProperties(authenticator, accessor, false,
- extraAuthProps, extraAuthzProps);
- Integer port1 = createServer1(javaProps, serverProps);
- Integer port2 = createServer2(javaProps, serverProps);
-
- createClient1NoException(createJavaProps, authInit, port1, port2,
- createCredentials);
-
- createClient2NoException(getJavaProps, authInit, port1, port2,
- getCredentials);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- // Gets as normal user should throw exception
- client2.invoke(() -> SecurityTestUtil.doGets(
- new Integer(2), new Integer(SecurityTestUtil.NOTAUTHZ_EXCEPTION) ));
-
- // Try to connect client2 with reader credentials
- getCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.GET },
- new String[] { regionName }, 5);
- getJavaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testDisallowPutsGets: For second client with GET credentials: "
- + getCredentials);
- createClient2NoException(getJavaProps, authInit, port1, port2,
- getCredentials);
-
- // Verify that the gets succeed
- client2.invoke(() -> SecurityTestUtil.doGets(
- new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- // Verify that the puts throw exception
- client2.invoke(() -> SecurityTestUtil.doNPuts(
- new Integer(2), new Integer(SecurityTestUtil.NOTAUTHZ_EXCEPTION) ));
+ // Gets as normal user should throw exception
+ client2.invoke(() -> doGets(2, NOTAUTHZ_EXCEPTION));
+
+ // Try to connect client2 with reader credentials
+ getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 5);
+ getJavaProps = cGen.getJavaProperties();
+
+ getLogWriter().info("testDisallowPutsGets: For second client with GET credentials: " + getCredentials);
+
+ createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
+
+ // Verify that the gets succeed
+ client2.invoke(() -> doGets(2, NO_EXCEPTION));
+
+ // Verify that the puts throw exception
+ client2.invoke(() -> doNPuts(2, NOTAUTHZ_EXCEPTION));
}
@Test
public void testInvalidAccessor() {
- AuthzCredentialGenerator gen = getXmlAuthzGenerator();
- CredentialGenerator cGen = gen.getCredentialGenerator();
- Properties extraAuthProps = cGen.getSystemProperties();
- Properties javaProps = cGen.getJavaProperties();
- Properties extraAuthzProps = gen.getSystemProperties();
- String authenticator = cGen.getAuthenticator();
- String authInit = cGen.getAuthInit();
- String accessor = gen.getAuthorizationCallback();
-
- LogWriterUtils.getLogWriter().info("testInvalidAccessor: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testInvalidAccessor: Using authenticator: " + authenticator);
-
- // Start server1 with invalid accessor
- Properties serverProps = buildProperties(authenticator,
- "com.gemstone.none", false, extraAuthProps, extraAuthzProps);
- Integer port1 = createServer1(javaProps, serverProps);
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
-
- // Client creation should throw exceptions
- Properties createCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.PUT },
- new String[] { regionName }, 3);
- Properties createJavaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidAccessor: For first client CREATE credentials: "
- + createCredentials);
- Properties getCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.GET },
- new String[] { regionName }, 7);
- Properties getJavaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidAccessor: For second client GET credentials: "
- + getCredentials);
- client1.invoke(() -> ClientAuthenticationUtils.createCacheClient( authInit, createCredentials, createJavaProps, port1,
- port2, 0, Boolean.FALSE, Boolean.FALSE,
- Integer.valueOf(SecurityTestUtil.NO_EXCEPTION) ));
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(1), new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
- client2.invoke(() -> ClientAuthenticationUtils.createCacheClient( authInit, getCredentials, getJavaProps, port1, port2,
- 0, Boolean.FALSE, Boolean.FALSE,
- Integer.valueOf(SecurityTestUtil.NO_EXCEPTION) ));
- client2.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(1), new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
-
- // Now start server2 that has valid accessor
- LogWriterUtils.getLogWriter().info("testInvalidAccessor: Using accessor: " + accessor);
- serverProps = buildProperties(authenticator, accessor, false,
- extraAuthProps, extraAuthzProps);
- createServer2(javaProps, serverProps, port2);
- server1.invoke(() -> SecurityTestUtil.closeCache());
-
- createClient1NoException(createJavaProps, authInit, port1, port2,
- createCredentials);
- createClient2NoException(getJavaProps, authInit, port1, port2,
- getCredentials);
-
- // Now perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- // Verify that the gets succeed
- client2.invoke(() -> SecurityTestUtil.doGets(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
- }
+ AuthzCredentialGenerator gen = getXmlAuthzGenerator();
+ CredentialGenerator cGen = gen.getCredentialGenerator();
+ Properties extraAuthProps = cGen.getSystemProperties();
+ Properties javaProps = cGen.getJavaProperties();
+ Properties extraAuthzProps = gen.getSystemProperties();
+ String authenticator = cGen.getAuthenticator();
+ String authInit = cGen.getAuthInit();
+ String accessor = gen.getAuthorizationCallback();
+
+ getLogWriter().info("testInvalidAccessor: Using authinit: " + authInit);
+ getLogWriter().info("testInvalidAccessor: Using authenticator: " + authenticator);
+
+ // Start server1 with invalid accessor
+ Properties serverProps = buildProperties(authenticator, "com.gemstone.none", false, extraAuthProps, extraAuthzProps);
+
+ int port1 = createServer1(javaProps, serverProps);
+ int port2 = getRandomAvailablePort(SOCKET);
+
+ // Client creation should throw exceptions
+ Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { regionName }, 3);
+ Properties createJavaProps = cGen.getJavaProperties();
+
+ getLogWriter().info("testInvalidAccessor: For first client CREATE credentials: " + createCredentials);
+
+ Properties getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 7);
+ Properties getJavaProps = cGen.getJavaProperties();
- protected void createServer2(Properties javaProps, Properties serverProps,
- Integer port2) {
- server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer( SecurityTestUtil.getLocatorPort(), port2, serverProps,
- javaProps ));
+ getLogWriter().info("testInvalidAccessor: For second client GET credentials: " + getCredentials);
+
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient( authInit, createCredentials, createJavaProps, port1, port2, 0, false, false, NO_EXCEPTION));
+ client1.invoke(() -> doPuts(1, AUTHFAIL_EXCEPTION));
+
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient( authInit, getCredentials, getJavaProps, port1, port2, 0, false, false, NO_EXCEPTION));
+ client2.invoke(() -> doPuts(1, AUTHFAIL_EXCEPTION));
+
+ // Now start server2 that has valid accessor
+ getLogWriter().info("testInvalidAccessor: Using accessor: " + accessor);
+ serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
+ createServer2(javaProps, serverProps, port2);
+ server1.invoke(() -> closeCache());
+
+ createClient1NoException(createJavaProps, authInit, port1, port2, createCredentials);
+ createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
+
+ // Now perform some put operations from client1
+ client1.invoke(() -> doPuts(4, NO_EXCEPTION));
+
+ // Verify that the gets succeed
+ client2.invoke(() -> doGets(4, NO_EXCEPTION));
}
@Test
public void testPutsGetsWithFailover() {
- AuthzCredentialGenerator gen = getXmlAuthzGenerator();
- CredentialGenerator cGen = gen.getCredentialGenerator();
- Properties extraAuthProps = cGen.getSystemProperties();
- Properties javaProps = cGen.getJavaProperties();
- Properties extraAuthzProps = gen.getSystemProperties();
- String authenticator = cGen.getAuthenticator();
- String authInit = cGen.getAuthInit();
- String accessor = gen.getAuthorizationCallback();
-
- LogWriterUtils.getLogWriter().info(
- "testPutsGetsWithFailover: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testPutsGetsWithFailover: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info(
- "testPutsGetsWithFailover: Using accessor: " + accessor);
-
- // Start servers with all required properties
- Properties serverProps = buildProperties(authenticator, accessor, false,
- extraAuthProps, extraAuthzProps);
- Integer port1 = createServer1(javaProps, serverProps);
- // Get a port for second server but do not start it
- // This forces the clients to connect to the first server
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
-
- // Start client1 with valid CREATE credentials
- Properties createCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.PUT },
- new String[] { regionName }, 1);
- Properties createJavaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testPutsGetsWithFailover: For first client credentials: "
- + createCredentials);
- createClient1NoException(createJavaProps, authInit, port1, port2,
- createCredentials);
-
- // Start client2 with valid GET credentials
- Properties getCredentials = gen.getAllowedCredentials(
- new OperationCode[] { OperationCode.GET },
- new String[] { regionName }, 5);
- Properties getJavaProps = cGen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testPutsGetsWithFailover: For second client credentials: "
- + getCredentials);
- createClient2NoException(getJavaProps, authInit, port1, port2,
- getCredentials);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doGets(
- new Integer(2), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- createServer2(javaProps, serverProps, port2);
- server1.invoke(() -> SecurityTestUtil.closeCache());
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doNPuts(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doNGets(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- // Now re-connect with credentials not allowed to do gets
- Properties noGetCredentials = gen.getDisallowedCredentials(
- new OperationCode[] { OperationCode.GET },
- new String[] { regionName }, 9);
- getJavaProps = cGen.getJavaProperties();
-
- LogWriterUtils.getLogWriter().info(
- "testPutsGetsWithFailover: For second client disallowed GET credentials: "
- + noGetCredentials);
-
- createClient2NoException(getJavaProps, authInit, port1, port2,
- noGetCredentials);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
- // Gets as normal user should throw exception
- client2.invoke(() -> SecurityTestUtil.doGets(
- new Integer(4), new Integer(SecurityTestUtil.NOTAUTHZ_EXCEPTION) ));
-
- // force a failover and do the drill again
- server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( SecurityTestUtil.getLocatorPort(), port1, serverProps,
- javaProps ));
- server2.invoke(() -> SecurityTestUtil.closeCache());
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doNPuts(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
- // Gets as normal user should throw exception
- client2.invoke(() -> SecurityTestUtil.doNGets(
- new Integer(4), new Integer(SecurityTestUtil.NOTAUTHZ_EXCEPTION) ));
-
- createClient2NoException(getJavaProps, authInit, port1, port2,
- getCredentials);
-
- // Verify that the gets succeed
- client2.invoke(() -> SecurityTestUtil.doNGets(
- new Integer(4), new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-
- // Verify that the puts throw exception
- client2.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(4), new Integer(SecurityTestUtil.NOTAUTHZ_EXCEPTION) ));
- }
+ AuthzCredentialGenerator gen = getXmlAuthzGenerator();
+ CredentialGenerator cGen = gen.getCredentialGenerator();
+ Properties extraAuthProps = cGen.getSystemProperties();
+ Properties javaProps = cGen.getJavaProperties();
+ Properties extraAuthzProps = gen.getSystemProperties();
+ String authenticator = cGen.getAuthenticator();
+ String authInit = cGen.getAuthInit();
+ String accessor = gen.getAuthorizationCallback();
- @Test
- public void testUnregisterInterestWithFailover() throws InterruptedException {
+ getLogWriter().info("testPutsGetsWithFailover: Using authinit: " + authInit);
+ getLogWriter().info("testPutsGetsWithFailover: Using authenticator: " + authenticator);
+ getLogWriter().info("testPutsGetsWithFailover: Using accessor: " + accessor);
- OperationWithAction[] unregisterOps = {
- // Register interest in all KEYS using one key at a time
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.UNREGISTER_INTEREST, 3, OpFlags.NONE, 4),
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 2),
- // UPDATE and test with GET
- new OperationWithAction(OperationCode.PUT),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ // Start servers with all required properties
+ Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
- // Unregister interest in all KEYS using one key at a time
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 3,
- OpFlags.USE_OLDCONN | OpFlags.CHECK_NOTAUTHZ, 4),
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 2,
- OpFlags.USE_OLDCONN, 4),
- // UPDATE and test with GET for no updates
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ int port1 = createServer1(javaProps, serverProps);
- OperationWithAction.OPBLOCK_END,
+ // Get a port for second server but do not start it. This forces the clients to connect to the first server
+ int port2 = getRandomAvailablePort(SOCKET);
- // Register interest in all KEYS using list
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_LIST, 4),
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 1,
- OpFlags.USE_LIST, 4),
- // UPDATE and test with GET
- new OperationWithAction(OperationCode.PUT, 2),
- new OperationWithAction(OperationCode.GET, 1, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ // Start client1 with valid CREATE credentials
+ Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { regionName }, 1);
+ Properties createJavaProps = cGen.getJavaProperties();
- // Unregister interest in all KEYS using list
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 3,
- OpFlags.USE_OLDCONN | OpFlags.USE_LIST | OpFlags.CHECK_NOTAUTHZ, 4),
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 1,
- OpFlags.USE_OLDCONN | OpFlags.USE_LIST, 4),
- // UPDATE and test with GET for no updates
- new OperationWithAction(OperationCode.PUT, 2, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 1, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ getLogWriter().info("testPutsGetsWithFailover: For first client credentials: " + createCredentials);
- OperationWithAction.OPBLOCK_END,
+ createClient1NoException(createJavaProps, authInit, port1, port2, createCredentials);
- // Register interest in all KEYS using regular expression
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_REGEX, 4),
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 2,
- OpFlags.USE_REGEX, 4),
- // UPDATE and test with GET
- new OperationWithAction(OperationCode.PUT),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ // Start client2 with valid GET credentials
+ Properties getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 5);
+ Properties getJavaProps = cGen.getJavaProperties();
- // Unregister interest in all KEYS using regular expression
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 3,
- OpFlags.USE_OLDCONN | OpFlags.USE_REGEX | OpFlags.CHECK_NOTAUTHZ, 4),
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 2,
- OpFlags.USE_OLDCONN | OpFlags.USE_REGEX, 4),
- // UPDATE and test with GET for no updates
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ getLogWriter().info("testPutsGetsWithFailover: For second client credentials: " + getCredentials);
- OperationWithAction.OPBLOCK_END };
+ createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2, NO_EXCEPTION));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doGets(2, NO_EXCEPTION));
+
+ createServer2(javaProps, serverProps, port2);
+ server1.invoke(() -> closeCache());
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doNPuts(4, NO_EXCEPTION));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doNGets(4, NO_EXCEPTION));
+
+ // Now re-connect with credentials not allowed to do gets
+ Properties noGetCredentials = gen.getDisallowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 9);
+ getJavaProps = cGen.getJavaProperties();
+
+ getLogWriter().info("testPutsGetsWithFailover: For second client disallowed GET credentials: " + noGetCredentials);
+
+ createClient2NoException(getJavaProps, authInit, port1, port2, noGetCredentials);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(4, NO_EXCEPTION));
+
+ // Gets as normal user should throw exception
+ client2.invoke(() -> doGets(4, NOTAUTHZ_EXCEPTION));
+
+ // force a failover and do the drill again
+ server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer( getLocatorPort(), port1, serverProps, javaProps ));
+ server2.invoke(() -> closeCache());
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doNPuts(4, NO_EXCEPTION));
+
+ // Gets as normal user should throw exception
+ client2.invoke(() -> doNGets(4, NOTAUTHZ_EXCEPTION));
+
+ createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
+
+ // Verify that the gets succeed
+ client2.invoke(() -> doNGets(4, NO_EXCEPTION));
+
+ // Verify that the puts throw exception
+ client2.invoke(() -> doPuts(4, NOTAUTHZ_EXCEPTION));
+ }
+
+ @Test
+ public void testUnregisterInterestWithFailover() throws InterruptedException {
+ OperationWithAction[] unregisterOps = unregisterOpsForTestUnregisterInterestWithFailover();
AuthzCredentialGenerator gen = new XmlAuthzCredentialGenerator();
CredentialGenerator cGen = new DummyCredentialGenerator();
@@ -635,48 +347,43 @@ public class ClientAuthorizationDUnitTest extends ClientAuthorizationTestBase {
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
- LogWriterUtils.getLogWriter().info("testAllOpsWithFailover: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testAllOpsWithFailover: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testAllOpsWithFailover: Using accessor: " + accessor);
+ getLogWriter().info("testAllOpsWithFailover: Using authinit: " + authInit);
+ getLogWriter().info("testAllOpsWithFailover: Using authenticator: " + authenticator);
+ getLogWriter().info("testAllOpsWithFailover: Using accessor: " + accessor);
// Start servers with all required properties
- Properties serverProps = buildProperties(authenticator, accessor, false,
- extraAuthProps, extraAuthzProps);
+ Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
+
// Get ports for the servers
- Integer port1 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
+ int port1 = getRandomAvailablePort(SOCKET);
+ int port2 = getRandomAvailablePort(SOCKET);
// Perform all the ops on the clients
List opBlock = new ArrayList();
for (int opNum = 0; opNum < unregisterOps.length; ++opNum) {
- // Start client with valid credentials as specified in
- // OperationWithAction
+
+ // Start client with valid credentials as specified in OperationWithAction
OperationWithAction currentOp = unregisterOps[opNum];
- if (currentOp.equals(OperationWithAction.OPBLOCK_END)
- || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
- // End of current operation block; execute all the operations
- // on the servers with/without failover
+ if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
+
+ // End of current operation block; execute all the operations on the servers with/without failover
if (opBlock.size() > 0) {
// Start the first server and execute the operation block
- server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), port1, serverProps,
- javaProps ));
- server2.invoke(() -> SecurityTestUtil.closeCache());
- executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps,
- extraAuthzProps, javaProps);
+ server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(getLocatorPort(), port1, serverProps, javaProps));
+ server2.invoke(() -> closeCache());
+
+ executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
+
if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
createServer2(javaProps, serverProps, port2);
- server1.invoke(() -> SecurityTestUtil.closeCache());
- executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps,
- extraAuthzProps, javaProps);
+ server1.invoke(() -> closeCache());
+
+ executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
}
opBlock.clear();
}
- }
- else {
+
+ } else {
currentOp.setOpNum(opNum);
opBlock.add(currentOp);
}
@@ -685,104 +392,255 @@ public class ClientAuthorizationDUnitTest extends ClientAuthorizationTestBase {
@Test
public void testAllOpsWithFailover() throws InterruptedException {
- IgnoredException.addIgnoredException("Read timed out");
+ addIgnoredException("Read timed out");
+ runOpsWithFailover(allOpsForAllOpsWithFailover(), "testAllOpsWithFailover");
+ }
+
+ private OperationWithAction[] unregisterOpsForTestUnregisterInterestWithFailover() {
+ return new OperationWithAction[] {
+ // Register interest in all KEYS using one key at a time
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.UNREGISTER_INTEREST, 3, OpFlags.NONE, 4),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 2),
+ // UPDATE and test with GET
+ new OperationWithAction(OperationCode.PUT),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+
+ // Unregister interest in all KEYS using one key at a time
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_OLDCONN | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 2, OpFlags.USE_OLDCONN, 4),
+ // UPDATE and test with GET for no updates
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+
+ OperationWithAction.OPBLOCK_END,
- OperationWithAction[] allOps = {
+ // Register interest in all KEYS using list
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_LIST, 4),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 1, OpFlags.USE_LIST, 4),
+ // UPDATE and test with GET
+ new OperationWithAction(OperationCode.PUT, 2),
+ new OperationWithAction(OperationCode.GET, 1, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+
+ // Unregister interest in all KEYS using list
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_OLDCONN | OpFlags.USE_LIST | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 1, OpFlags.USE_OLDCONN | OpFlags.USE_LIST, 4),
+ // UPDATE and test with GET for no updates
+ new OperationWithAction(OperationCode.PUT, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 1, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+
+ OperationWithAction.OPBLOCK_END,
+
+ // Register interest in all KEYS using regular expression
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_REGEX, 4),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 2, OpFlags.USE_REGEX, 4),
+ // UPDATE and test with GET
+ new OperationWithAction(OperationCode.PUT),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+
+ // Unregister interest in all KEYS using regular expression
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 3, OpFlags.USE_OLDCONN | OpFlags.USE_REGEX | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 2, OpFlags.USE_OLDCONN | OpFlags.USE_REGEX, 4),
+ // UPDATE and test with GET for no updates
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+
+ OperationWithAction.OPBLOCK_END
+ };
+ }
+
+ private OperationWithAction[] allOpsForAllOpsWithFailover() {
+ return new OperationWithAction[] {
// Test CREATE and verify with a GET
new OperationWithAction(OperationCode.PUT, 3, OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.PUT),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY
- | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, 4),
- // OPBLOCK_END indicates end of an operation block; the above block of
- // three operations will be first executed on server1 and then on
- // server2 after failover
+ // OPBLOCK_END indicates end of an operation block; the above block of three operations will be first executed on server1 and then on server2 after failover
OperationWithAction.OPBLOCK_END,
// Test PUTALL and verify with GETs
- new OperationWithAction(OperationCode.PUTALL, 3, OpFlags.USE_NEWVAL
- | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.PUTALL, 3, OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.PUTALL, 1, OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
OperationWithAction.OPBLOCK_END,
-
+
// Test UPDATE and verify with a GET
- new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_NEWVAL
- | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
OperationWithAction.OPBLOCK_END,
// Test DESTROY and verify with a GET and that key should not exist
- new OperationWithAction(OperationCode.DESTROY, 3, OpFlags.USE_NEWVAL
- | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.DESTROY, 3, OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.DESTROY),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.CHECK_FAIL, 4), // bruce: added check_nokey because we now bring tombstones to the client in 8.0
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.CHECK_FAIL, 4), // bruce: added check_nokey because we now bring tombstones to the client in 8.0
// Repopulate the region
new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_NEWVAL, 4),
OperationWithAction.OPBLOCK_END,
// Check CONTAINS_KEY
- new OperationWithAction(OperationCode.CONTAINS_KEY, 3,
- OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.CONTAINS_KEY, 3, OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.CONTAINS_KEY),
// Destroy the KEYS and check for failure in CONTAINS_KEY
new OperationWithAction(OperationCode.DESTROY, 2),
- new OperationWithAction(OperationCode.CONTAINS_KEY, 3,
- OpFlags.CHECK_FAIL | OpFlags.CHECK_NOTAUTHZ, 4),
- new OperationWithAction(OperationCode.CONTAINS_KEY, 1,
- OpFlags.USE_OLDCONN | OpFlags.CHECK_FAIL, 4),
+ new OperationWithAction(OperationCode.CONTAINS_KEY, 3, OpFlags.CHECK_FAIL | OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.CONTAINS_KEY, 1, OpFlags.USE_OLDCONN | OpFlags.CHECK_FAIL, 4),
// Repopulate the region
new OperationWithAction(OperationCode.PUT),
OperationWithAction.OPBLOCK_END,
// Check KEY_SET
- new OperationWithAction(OperationCode.KEY_SET, 3,
- OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.KEY_SET, 3, OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.KEY_SET, 2),
OperationWithAction.OPBLOCK_END,
// Check QUERY
- new OperationWithAction(OperationCode.QUERY, 3, OpFlags.CHECK_NOTAUTHZ,
- 4),
+ new OperationWithAction(OperationCode.QUERY, 3, OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.QUERY),
OperationWithAction.OPBLOCK_END,
// Register interest in all KEYS using one key at a time
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 3,
- OpFlags.CHECK_NOTAUTHZ, 4),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, OpFlags.CHECK_NOTAUTHZ, 4),
new OperationWithAction(OperationCode.REGISTER_INTEREST, 2),
// UPDATE and test with GET
new OperationWithAction(OperationCode.PUT),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
// Unregister interest in all KEYS using one key at a time
- new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 2,
- OpFlags.USE_OLDCONN, 4),
+ new OperationWithAction(OperationCode.UNREGISTER_INTEREST, 2, OpFlags.USE_OLDCONN, 4),
// UPDATE and test with GET for no updates
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
OperationWithAction.OPBLOCK_END,
// Test GET_ENTRY inside a TX, see #49951
- new OperationWithAction(OperationCode.GET, 2,
- OpFlags.USE_GET_ENTRY_IN_TX | OpFlags.CHECK_FAIL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_GET_ENTRY_IN_TX | OpFlags.CHECK_FAIL, 4),
OperationWithAction.OPBLOCK_END };
+ }
+
+ private Properties getUserPassword(final String userName) {
+ Properties props = new Properties();
+ props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
+ props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
+ return props;
+ }
+
+ private void executeRIOpBlock(final List<OperationWithAction> opBlock, final int port1, final int port2, final String authInit, final Properties extraAuthProps, final Properties extraAuthzProps, final Properties javaProps) throws InterruptedException {
+ for (Iterator opIter = opBlock.iterator(); opIter.hasNext();) {
+ // Start client with valid credentials as specified in OperationWithAction
+ OperationWithAction currentOp = (OperationWithAction)opIter.next();
+ OperationCode opCode = currentOp.getOperationCode();
+ int opFlags = currentOp.getFlags();
+ int clientNum = currentOp.getClientNum();
+ VM clientVM = null;
+ boolean useThisVM = false;
+
+ switch (clientNum) {
+ case 1:
+ clientVM = client1;
+ break;
+ case 2:
+ clientVM = client2;
+ break;
+ case 3:
+ useThisVM = true;
+ break;
+ default:
+ fail("executeRIOpBlock: Unknown client number " + clientNum);
+ break;
+ }
+
+ getLogWriter().info( "executeRIOpBlock: performing operation number [" + currentOp.getOpNum() + "]: " + currentOp);
+ if ((opFlags & OpFlags.USE_OLDCONN) == 0) {
+ Properties opCredentials = null;
+ String currentRegionName = '/' + regionName;
+ if ((opFlags & OpFlags.USE_SUBREGION) > 0) {
+ currentRegionName += ('/' + subregionName);
+ }
+ String credentialsTypeStr;
+ OperationCode authOpCode = currentOp.getAuthzOperationCode();
+
+ if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0 || (opFlags & OpFlags.USE_NOTAUTHZ) > 0 || !authOpCode.equals(opCode)) {
+ credentialsTypeStr = " unauthorized " + authOpCode;
+ if (authOpCode.isRegisterInterest()) {
+ opCredentials = getUserPassword("reader7");
+ } else if (authOpCode.isUnregisterInterest()) {
+ opCredentials = getUserPassword("reader6");
+ } else {
+ fail("executeRIOpBlock: cannot determine credentials for" + credentialsTypeStr);
+ }
+
+ } else {
+ credentialsTypeStr = " authorized " + authOpCode;
+ if (authOpCode.isRegisterInterest() || authOpCode.isUnregisterInterest()) {
+ opCredentials = getUserPassword("reader5");
+ } else if (authOpCode.isPut()) {
+ opCredentials = getUserPassword("writer1");
+ } else if (authOpCode.isGet()) {
+ opCredentials = getUserPassword("reader1");
+ } else {
+ fail("executeRIOpBlock: cannot determine credentials for" + credentialsTypeStr);
+ }
+ }
+
+ Properties clientProps = concatProperties(new Properties[] { opCredentials, extraAuthProps, extraAuthzProps });
+
+ // Start the client with valid credentials but allowed or disallowed to perform an operation
+ getLogWriter().info("executeRIOpBlock: For client" + clientNum + credentialsTypeStr + " credentials: " + opCredentials);
+ if (useThisVM) {
+ createCacheClientWithDynamicRegion(authInit, clientProps, javaProps, new int[] { port1, port2 }, 0, false, NO_EXCEPTION);
+ } else {
+ clientVM.invoke(() -> createCacheClient(authInit, clientProps, javaProps, new int[] { port1, port2 }, 0, false, NO_EXCEPTION));
+ }
+
+ }
+
+ int expectedResult;
+ if ((opFlags & OpFlags.CHECK_NOTAUTHZ) > 0) {
+ expectedResult = NOTAUTHZ_EXCEPTION;
+ } else if ((opFlags & OpFlags.CHECK_EXCEPTION) > 0) {
+ expectedResult = OTHER_EXCEPTION;
+ } else {
+ expectedResult = NO_EXCEPTION;
+ }
+
+ // Perform the operation from selected client
+ if (useThisVM) {
+ doOp(new Byte(opCode.toOrdinal()), currentOp.getIndices(), opFlags, expectedResult);
+
+ } else {
+ byte ordinal = opCode.toOrdinal();
+ int[] indices = currentOp.getIndices();
+ clientVM.invoke(() -> ClientAuthorizationTestBase.doOp(ordinal, indices, opFlags, expectedResult));
+ }
+ }
+ }
+
+ private void createClient2NoException(final Properties javaProps, final String authInit, final int port1, final int port2, final Properties getCredentials) {
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, getCredentials, javaProps, port1, port2, 0, NO_EXCEPTION));
+ }
+
+ private void createClient1NoException(final Properties javaProps, final String authInit, final int port1, final int port2, final Properties createCredentials) {
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, createCredentials, javaProps, port1, port2, 0, NO_EXCEPTION));
+ }
+
+ private int createServer2(final Properties javaProps, final Properties serverProps) {
+ return server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(getLocatorPort(), serverProps, javaProps));
+ }
+
+ private int createServer1(final Properties javaProps, final Properties serverProps) {
+ return server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(getLocatorPort(), serverProps, javaProps));
+ }
- runOpsWithFailover(allOps, "testAllOpsWithFailover");
+ private void createServer2(Properties javaProps, Properties serverProps, int port2) {
+ server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(getLocatorPort(), port2, serverProps, javaProps));
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c5bc82d4/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
index c67a823..0f32306 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
@@ -18,6 +18,7 @@
*/
package com.gemstone.gemfire.security;
+import static com.gemstone.gemfire.internal.AvailablePort.*;
import static com.gemstone.gemfire.security.SecurityTestUtil.*;
import static com.gemstone.gemfire.test.dunit.Assert.*;
import static com.gemstone.gemfire.test.dunit.Host.*;
@@ -53,7 +54,6 @@ import com.gemstone.gemfire.cache.query.QueryService;
import com.gemstone.gemfire.cache.query.SelectResults;
import com.gemstone.gemfire.cache.query.Struct;
import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.AvailablePort;
import com.gemstone.gemfire.internal.AvailablePort.Keeper;
import com.gemstone.gemfire.internal.cache.AbstractRegionEntry;
import com.gemstone.gemfire.internal.cache.LocalRegion;
@@ -199,14 +199,14 @@ public class ClientAuthorizationTestBase extends JUnit4DistributedTestCase {
protected static Integer createCacheServer(int locatorPort, Properties authProps, Properties javaProps) {
if (locatorPort == 0) {
- locatorPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+ locatorPort = getRandomAvailablePort(SOCKET);
}
return SecurityTestUtil.createCacheServer(authProps, javaProps, locatorPort, null, 0, true, NO_EXCEPTION);
}
protected static int createCacheServer(int locatorPort, int serverPort, Properties authProps, Properties javaProps) {
if (locatorPort == 0) {
- locatorPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+ locatorPort = getRandomAvailablePort(SOCKET);
}
return SecurityTestUtil.createCacheServer(authProps, javaProps, locatorPort, null, serverPort, true, NO_EXCEPTION);
}
@@ -839,10 +839,10 @@ public class ClientAuthorizationTestBase extends JUnit4DistributedTestCase {
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
// Get ports for the servers
- Keeper locator1PortKeeper = AvailablePort.getRandomAvailablePortKeeper(AvailablePort.SOCKET);
- Keeper locator2PortKeeper = AvailablePort.getRandomAvailablePortKeeper(AvailablePort.SOCKET);
- Keeper port1Keeper = AvailablePort.getRandomAvailablePortKeeper(AvailablePort.SOCKET);
- Keeper port2Keeper = AvailablePort.getRandomAvailablePortKeeper(AvailablePort.SOCKET);
+ Keeper locator1PortKeeper = getRandomAvailablePortKeeper(SOCKET);
+ Keeper locator2PortKeeper = getRandomAvailablePortKeeper(SOCKET);
+ Keeper port1Keeper = getRandomAvailablePortKeeper(SOCKET);
+ Keeper port2Keeper = getRandomAvailablePortKeeper(SOCKET);
int locator1Port = locator1PortKeeper.getPort();
int locator2Port = locator2PortKeeper.getPort();
int port1 = port1Keeper.getPort();