You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/04/29 21:23:18 UTC
[08/50] [abbrv] incubator-geode git commit: GEODE-17: enable
authentication/authorization of rest admin API and add a test suite to test
it.
GEODE-17: enable authentication/authorization of rest admin API and add a test suite to test it.
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/fbcaa51e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/fbcaa51e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/fbcaa51e
Branch: refs/heads/develop
Commit: fbcaa51ed47f6c807f321518bc4bcbe1446da0cc
Parents: e45a247
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Wed Apr 13 14:08:19 2016 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Wed Apr 13 14:08:19 2016 -0700
----------------------------------------------------------------------
.../controllers/AbstractCommandsController.java | 54 ------------------
.../EnvironmentVariablesHandlerInterceptor.java | 8 ++-
.../cli/commands/CommandOverHttpDunitTest.java | 56 ++++++++++++++++++
.../CommandOverHttpSecurityDUnitTest.java | 60 ++++++++++++++++++++
.../commands/CommandOverHttpSecurityTests.java | 58 -------------------
.../cli/commands/CommandOverHttpTests.java | 56 ------------------
6 files changed, 122 insertions(+), 170 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
index fc90c79..d641956 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
@@ -17,21 +17,16 @@
package com.gemstone.gemfire.management.internal.web.controllers;
-import com.gemstone.gemfire.cache.CacheFactory;
import com.gemstone.gemfire.internal.lang.StringUtils;
import com.gemstone.gemfire.internal.logging.LogService;
import com.gemstone.gemfire.internal.logging.log4j.LogMarker;
import com.gemstone.gemfire.internal.util.ArrayUtils;
import com.gemstone.gemfire.management.DistributedSystemMXBean;
-import com.gemstone.gemfire.management.ManagementService;
import com.gemstone.gemfire.management.MemberMXBean;
import com.gemstone.gemfire.management.internal.MBeanJMXAdapter;
import com.gemstone.gemfire.management.internal.ManagementConstants;
-import com.gemstone.gemfire.management.internal.SystemManagementService;
import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.cli.util.CommandStringBuilder;
-import com.gemstone.gemfire.management.internal.security.CLIOperationContext;
-import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
import com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor;
import com.gemstone.gemfire.management.internal.web.controllers.support.MemberMXBeanAdapter;
import com.gemstone.gemfire.management.internal.web.util.UriUtils;
@@ -617,60 +612,11 @@ public abstract class AbstractCommandsController {
protected String processCommand(final String command, final Map<String, String> environment, final byte[][] fileData) {
logger.info(LogMarker.CONFIG, "Processing Command ({}) with Environment ({}) having File Data ({})...", command,
environment, (fileData != null));
-// // create the jmx connection
-// // con.getMemberMXBean then call the processCommand on that bean
-// Map<String, String[]> env = new HashMap<>();
-// GemFireCacheImpl cache = GemFireCacheImpl.getInstance();
-// int jmxPort = cache.getDistributedSystem().getConfig().getJmxManagerPort();
-// Properties credentials = EnvironmentVariablesHandlerInterceptor.CREDENTIALS.get();
-// if(credentials!=null) {
-// env.put(JMXConnector.CREDENTIALS, new String[] { credentials.getProperty("security-username"), credentials.getProperty("security-password") });
-// }
-//
-// String result = null;
-// try {
-// JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxPort + "/jmxrmi");
-// JMXConnector jmxConnector = JMXConnectorFactory.connect(url, env);
-// MBeanServerConnection con = jmxConnector.getMBeanServerConnection();
-//
-// MemberMXBean memberMXBean = JMX.newMXBeanProxy(con, ObjectName.getInstance("GemFire:type=Member,member=Manager"), MemberMXBean.class);
-// result = memberMXBean.processCommand(command, environment, ArrayUtils.toByteArray(fileData));
-// }
-// catch(Exception e){
-// e.printStackTrace();
-// }
-
- ResourceOperationContext ctx = authorize(command);
String result = getManagingMemberMXBean().processCommand(command, environment, ArrayUtils.toByteArray(fileData));
- ctx = postAuthorize(command, ctx, result);
return result;
}
- protected ResourceOperationContext authorize(final String command) {
-
-
- SystemManagementService service = (SystemManagementService) ManagementService
- .getExistingManagementService(CacheFactory.getAnyInstance());
- Properties credentials = EnvironmentVariablesHandlerInterceptor.CREDENTIALS.get();
- CLIOperationContext context = CLIOperationContext.getOperationContext(command);
- service.getAuthManager().authorize(credentials, context);
- return context;
- }
-
- protected ResourceOperationContext postAuthorize(final String command, ResourceOperationContext context, Object result) {
-
- context.setPostOperationResult(result);
- SystemManagementService service = (SystemManagementService) ManagementService
- .getExistingManagementService(CacheFactory.getAnyInstance());
- Properties credentials = EnvironmentVariablesHandlerInterceptor.CREDENTIALS.get();
-
- service.getAuthManager().postAuthorize(credentials, context);
- return context;
- }
-
-
-
/**
* The MemberMXBeanProxy class is a proxy for the MemberMXBean interface transforming an operation on the member
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
index 29a3005..569440d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
@@ -21,6 +21,7 @@ import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
import com.gemstone.gemfire.internal.logging.LogService;
import com.gemstone.gemfire.management.ManagementService;
import com.gemstone.gemfire.management.internal.SystemManagementService;
+import com.gemstone.gemfire.management.internal.security.ManagementInterceptor;
import com.gemstone.gemfire.security.Authenticator;
import org.apache.logging.log4j.Logger;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@@ -125,8 +126,11 @@ public class EnvironmentVariablesHandlerInterceptor extends HandlerInterceptorAd
if(instance != null){
SystemManagementService service = (SystemManagementService) ManagementService
.getExistingManagementService(instance);
- //service.getAuthManager().verifyCredentials(credentials);
- service.getManagementAgent().getManagementInterceptor().authenticate(credentials);
+
+ ManagementInterceptor interceptor = service.getManagementAgent().getManagementInterceptor();
+ if(interceptor!=null) {
+ interceptor.authenticate(credentials);
+ }
CREDENTIALS.set(credentials);
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java
new file mode 100644
index 0000000..6baf19c
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.cli.commands;
+
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.ClassRule;
+import org.junit.contrib.java.lang.system.ProvideSystemProperty;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+
+@Category(DistributedTest.class)
+
+@RunWith(Suite.class)
+@Suite.SuiteClasses({
+ ConfigCommandsDUnitTest.class,
+ DeployCommandsDUnitTest.class,
+ DiskStoreCommandsDUnitTest.class,
+ FunctionCommandsDUnitTest.class,
+ GemfireDataCommandsDUnitTest.class,
+ GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
+ IndexCommandsDUnitTest.class,
+ ListAndDescribeDiskStoreCommandsDUnitTest.class,
+ ListIndexCommandDUnitTest.class,
+ MemberCommandsDUnitTest.class,
+ MiscellaneousCommandsDUnitTest.class,
+ MiscellaneousCommandsExportLogsPart1DUnitTest.class,
+ MiscellaneousCommandsExportLogsPart2DUnitTest.class,
+ MiscellaneousCommandsExportLogsPart3DUnitTest.class,
+ MiscellaneousCommandsExportLogsPart4DUnitTest.class,
+ QueueCommandsDUnitTest.class,
+ SharedConfigurationCommandsDUnitTest.class,
+ ShellCommandsDUnitTest.class,
+ ShowDeadlockDUnitTest.class,
+ ShowMetricsDUnitTest.class,
+ ShowStackTraceDUnitTest.class,
+ UserCommandsDUnitTest.class
+})
+public class CommandOverHttpDunitTest {
+ @ClassRule
+ public static ProvideSystemProperty provideSystemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true");
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java
new file mode 100644
index 0000000..b3de388
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.cli.commands;
+
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.ClassRule;
+import org.junit.contrib.java.lang.system.ProvideSystemProperty;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+
+@Category(DistributedTest.class)
+
+@RunWith(Suite.class)
+@Suite.SuiteClasses({
+ ConfigCommandsDUnitTest.class,
+ DeployCommandsDUnitTest.class,
+ DiskStoreCommandsDUnitTest.class,
+ FunctionCommandsDUnitTest.class,
+ GemfireDataCommandsDUnitTest.class,
+ GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
+ IndexCommandsDUnitTest.class,
+ ListAndDescribeDiskStoreCommandsDUnitTest.class,
+ ListIndexCommandDUnitTest.class,
+ MemberCommandsDUnitTest.class,
+ MiscellaneousCommandsDUnitTest.class,
+ MiscellaneousCommandsExportLogsPart1DUnitTest.class,
+ MiscellaneousCommandsExportLogsPart2DUnitTest.class,
+ MiscellaneousCommandsExportLogsPart3DUnitTest.class,
+ MiscellaneousCommandsExportLogsPart4DUnitTest.class,
+ QueueCommandsDUnitTest.class,
+ SharedConfigurationCommandsDUnitTest.class,
+ ShellCommandsDUnitTest.class,
+ ShowDeadlockDUnitTest.class,
+ ShowMetricsDUnitTest.class,
+ ShowStackTraceDUnitTest.class,
+ UserCommandsDUnitTest.class
+})
+public class CommandOverHttpSecurityDUnitTest {
+ @ClassRule
+ public static ProvideSystemProperty systemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true");
+
+ @ClassRule
+ public static ProvideSystemProperty securityRule = new ProvideSystemProperty(CliCommandTestBase.JSON_AUTHORIZATION_SYSTEM_PROPERTY, "cacheServer.json");
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java
deleted file mode 100644
index 7c67065..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.cli.commands;
-
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.ClassRule;
-import org.junit.contrib.java.lang.system.ProvideSystemProperty;
-import org.junit.experimental.categories.Category;
-import org.junit.runner.RunWith;
-import org.junit.runners.Suite;
-
-@Category(IntegrationTest.class)
-
-@RunWith(Suite.class)
-@Suite.SuiteClasses({
- ConfigCommandsDUnitTest.class,
- DeployCommandsDUnitTest.class,
- DiskStoreCommandsDUnitTest.class,
- FunctionCommandsDUnitTest.class,
- GemfireDataCommandsDUnitTest.class,
- GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
- IndexCommandsDUnitTest.class,
- ListAndDescribeDiskStoreCommandsDUnitTest.class,
- ListIndexCommandDUnitTest.class,
- MemberCommandsDUnitTest.class,
- MiscellaneousCommandsDUnitTest.class,
- MiscellaneousCommandsExportLogsPart1DUnitTest.class,
- MiscellaneousCommandsExportLogsPart2DUnitTest.class,
- MiscellaneousCommandsExportLogsPart3DUnitTest.class,
- MiscellaneousCommandsExportLogsPart4DUnitTest.class,
- QueueCommandsDUnitTest.class,
- SharedConfigurationCommandsDUnitTest.class,
- ShellCommandsDUnitTest.class,
- ShowDeadlockDUnitTest.class,
- ShowMetricsDUnitTest.class,
- ShowStackTraceDUnitTest.class,
- UserCommandsDUnitTest.class
-})
-public class CommandOverHttpSecurityTests {
- @ClassRule
- public static ProvideSystemProperty systemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true")
- .and("jsonAuthorization", "cacheServer.json");
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java
deleted file mode 100644
index 9b3e2f8..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.cli.commands;
-
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.ClassRule;
-import org.junit.contrib.java.lang.system.ProvideSystemProperty;
-import org.junit.experimental.categories.Category;
-import org.junit.runner.RunWith;
-import org.junit.runners.Suite;
-
-@Category(IntegrationTest.class)
-
-@RunWith(Suite.class)
-@Suite.SuiteClasses({
- ConfigCommandsDUnitTest.class,
- DeployCommandsDUnitTest.class,
- DiskStoreCommandsDUnitTest.class,
- FunctionCommandsDUnitTest.class,
- GemfireDataCommandsDUnitTest.class,
- GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
- IndexCommandsDUnitTest.class,
- ListAndDescribeDiskStoreCommandsDUnitTest.class,
- ListIndexCommandDUnitTest.class,
- MemberCommandsDUnitTest.class,
- MiscellaneousCommandsDUnitTest.class,
- MiscellaneousCommandsExportLogsPart1DUnitTest.class,
- MiscellaneousCommandsExportLogsPart2DUnitTest.class,
- MiscellaneousCommandsExportLogsPart3DUnitTest.class,
- MiscellaneousCommandsExportLogsPart4DUnitTest.class,
- QueueCommandsDUnitTest.class,
- SharedConfigurationCommandsDUnitTest.class,
- ShellCommandsDUnitTest.class,
- ShowDeadlockDUnitTest.class,
- ShowMetricsDUnitTest.class,
- ShowStackTraceDUnitTest.class,
- UserCommandsDUnitTest.class
-})
-public class CommandOverHttpTests {
- @ClassRule
- public static ProvideSystemProperty provideSystemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true");
-}