You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/04/29 21:23:18 UTC
[08/50] [abbrv] incubator-geode git commit: GEODE-17: enable authentication/authorization of rest admin API and add a test suite to test it.

GEODE-17: enable authentication/authorization of rest admin API and add a test suite to test it.


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/fbcaa51e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/fbcaa51e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/fbcaa51e

Branch: refs/heads/develop
Commit: fbcaa51ed47f6c807f321518bc4bcbe1446da0cc
Parents: e45a247
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Wed Apr 13 14:08:19 2016 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Wed Apr 13 14:08:19 2016 -0700

----------------------------------------------------------------------
 .../controllers/AbstractCommandsController.java | 54 ------------------
 .../EnvironmentVariablesHandlerInterceptor.java |  8 ++-
 .../cli/commands/CommandOverHttpDunitTest.java  | 56 ++++++++++++++++++
 .../CommandOverHttpSecurityDUnitTest.java       | 60 ++++++++++++++++++++
 .../commands/CommandOverHttpSecurityTests.java  | 58 -------------------
 .../cli/commands/CommandOverHttpTests.java      | 56 ------------------
 6 files changed, 122 insertions(+), 170 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
index fc90c79..d641956 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
@@ -17,21 +17,16 @@
 
 package com.gemstone.gemfire.management.internal.web.controllers;
 
-import com.gemstone.gemfire.cache.CacheFactory;
 import com.gemstone.gemfire.internal.lang.StringUtils;
 import com.gemstone.gemfire.internal.logging.LogService;
 import com.gemstone.gemfire.internal.logging.log4j.LogMarker;
 import com.gemstone.gemfire.internal.util.ArrayUtils;
 import com.gemstone.gemfire.management.DistributedSystemMXBean;
-import com.gemstone.gemfire.management.ManagementService;
 import com.gemstone.gemfire.management.MemberMXBean;
 import com.gemstone.gemfire.management.internal.MBeanJMXAdapter;
 import com.gemstone.gemfire.management.internal.ManagementConstants;
-import com.gemstone.gemfire.management.internal.SystemManagementService;
 import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
 import com.gemstone.gemfire.management.internal.cli.util.CommandStringBuilder;
-import com.gemstone.gemfire.management.internal.security.CLIOperationContext;
-import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
 import com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor;
 import com.gemstone.gemfire.management.internal.web.controllers.support.MemberMXBeanAdapter;
 import com.gemstone.gemfire.management.internal.web.util.UriUtils;
@@ -617,60 +612,11 @@ public abstract class AbstractCommandsController {
   protected String processCommand(final String command, final Map<String, String> environment, final byte[][] fileData) {
     logger.info(LogMarker.CONFIG, "Processing Command ({}) with Environment ({}) having File Data ({})...", command,
         environment, (fileData != null));
-//    // create the jmx connection
-//    // con.getMemberMXBean then call the processCommand on that bean
-//    Map<String, String[]> env = new HashMap<>();
-//    GemFireCacheImpl cache = GemFireCacheImpl.getInstance();
-//    int jmxPort = cache.getDistributedSystem().getConfig().getJmxManagerPort();
-//    Properties credentials = EnvironmentVariablesHandlerInterceptor.CREDENTIALS.get();
-//    if(credentials!=null) {
-//      env.put(JMXConnector.CREDENTIALS, new String[] { credentials.getProperty("security-username"), credentials.getProperty("security-password") });
-//    }
-//
-//    String result = null;
-//    try {
-//      JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxPort + "/jmxrmi");
-//      JMXConnector jmxConnector = JMXConnectorFactory.connect(url, env);
-//      MBeanServerConnection con = jmxConnector.getMBeanServerConnection();
-//
-//      MemberMXBean memberMXBean = JMX.newMXBeanProxy(con, ObjectName.getInstance("GemFire:type=Member,member=Manager"), MemberMXBean.class);
-//      result = memberMXBean.processCommand(command, environment, ArrayUtils.toByteArray(fileData));
-//    }
-//    catch(Exception e){
-//      e.printStackTrace();
-//    }
-
-    ResourceOperationContext ctx = authorize(command);
     String result =  getManagingMemberMXBean().processCommand(command, environment, ArrayUtils.toByteArray(fileData));
-    ctx = postAuthorize(command, ctx, result);
 
     return result;
   }
 
-  protected ResourceOperationContext authorize(final String command) {
-
-
-    SystemManagementService service = (SystemManagementService) ManagementService
-        .getExistingManagementService(CacheFactory.getAnyInstance());
-    Properties credentials = EnvironmentVariablesHandlerInterceptor.CREDENTIALS.get();
-    CLIOperationContext context = CLIOperationContext.getOperationContext(command);
-    service.getAuthManager().authorize(credentials, context);
-    return context;
-  }
-
-  protected ResourceOperationContext postAuthorize(final String command, ResourceOperationContext context, Object result) {
-
-    context.setPostOperationResult(result);
-    SystemManagementService service = (SystemManagementService) ManagementService
-        .getExistingManagementService(CacheFactory.getAnyInstance());
-    Properties credentials = EnvironmentVariablesHandlerInterceptor.CREDENTIALS.get();
-
-    service.getAuthManager().postAuthorize(credentials, context);
-    return context;
-  }
-
-
-
 
   /**
    * The MemberMXBeanProxy class is a proxy for the MemberMXBean interface transforming an operation on the member

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
index 29a3005..569440d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
@@ -21,6 +21,7 @@ import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
 import com.gemstone.gemfire.internal.logging.LogService;
 import com.gemstone.gemfire.management.ManagementService;
 import com.gemstone.gemfire.management.internal.SystemManagementService;
+import com.gemstone.gemfire.management.internal.security.ManagementInterceptor;
 import com.gemstone.gemfire.security.Authenticator;
 import org.apache.logging.log4j.Logger;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@@ -125,8 +126,11 @@ public class EnvironmentVariablesHandlerInterceptor extends HandlerInterceptorAd
     if(instance != null){
       SystemManagementService service = (SystemManagementService) ManagementService
           .getExistingManagementService(instance);
-      //service.getAuthManager().verifyCredentials(credentials);
-      service.getManagementAgent().getManagementInterceptor().authenticate(credentials);
+
+      ManagementInterceptor interceptor = service.getManagementAgent().getManagementInterceptor();
+      if(interceptor!=null) {
+        interceptor.authenticate(credentials);
+      }
       CREDENTIALS.set(credentials);
     }
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java
new file mode 100644
index 0000000..6baf19c
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDunitTest.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.cli.commands;
+
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.ClassRule;
+import org.junit.contrib.java.lang.system.ProvideSystemProperty;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+
+@Category(DistributedTest.class)
+
+@RunWith(Suite.class)
+@Suite.SuiteClasses({
+    ConfigCommandsDUnitTest.class,
+    DeployCommandsDUnitTest.class,
+    DiskStoreCommandsDUnitTest.class,
+    FunctionCommandsDUnitTest.class,
+    GemfireDataCommandsDUnitTest.class,
+    GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
+    IndexCommandsDUnitTest.class,
+    ListAndDescribeDiskStoreCommandsDUnitTest.class,
+    ListIndexCommandDUnitTest.class,
+    MemberCommandsDUnitTest.class,
+    MiscellaneousCommandsDUnitTest.class,
+    MiscellaneousCommandsExportLogsPart1DUnitTest.class,
+    MiscellaneousCommandsExportLogsPart2DUnitTest.class,
+    MiscellaneousCommandsExportLogsPart3DUnitTest.class,
+    MiscellaneousCommandsExportLogsPart4DUnitTest.class,
+    QueueCommandsDUnitTest.class,
+    SharedConfigurationCommandsDUnitTest.class,
+    ShellCommandsDUnitTest.class,
+    ShowDeadlockDUnitTest.class,
+    ShowMetricsDUnitTest.class,
+    ShowStackTraceDUnitTest.class,
+    UserCommandsDUnitTest.class
+})
+public class CommandOverHttpDunitTest {
+  @ClassRule
+  public static ProvideSystemProperty provideSystemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true");
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java
new file mode 100644
index 0000000..b3de388
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityDUnitTest.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.cli.commands;
+
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.ClassRule;
+import org.junit.contrib.java.lang.system.ProvideSystemProperty;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Suite;
+
+@Category(DistributedTest.class)
+
+@RunWith(Suite.class)
+@Suite.SuiteClasses({
+    ConfigCommandsDUnitTest.class,
+    DeployCommandsDUnitTest.class,
+    DiskStoreCommandsDUnitTest.class,
+    FunctionCommandsDUnitTest.class,
+    GemfireDataCommandsDUnitTest.class,
+    GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
+    IndexCommandsDUnitTest.class,
+    ListAndDescribeDiskStoreCommandsDUnitTest.class,
+    ListIndexCommandDUnitTest.class,
+    MemberCommandsDUnitTest.class,
+    MiscellaneousCommandsDUnitTest.class,
+    MiscellaneousCommandsExportLogsPart1DUnitTest.class,
+    MiscellaneousCommandsExportLogsPart2DUnitTest.class,
+    MiscellaneousCommandsExportLogsPart3DUnitTest.class,
+    MiscellaneousCommandsExportLogsPart4DUnitTest.class,
+    QueueCommandsDUnitTest.class,
+    SharedConfigurationCommandsDUnitTest.class,
+    ShellCommandsDUnitTest.class,
+    ShowDeadlockDUnitTest.class,
+    ShowMetricsDUnitTest.class,
+    ShowStackTraceDUnitTest.class,
+    UserCommandsDUnitTest.class
+})
+public class CommandOverHttpSecurityDUnitTest {
+  @ClassRule
+  public static ProvideSystemProperty systemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true");
+
+  @ClassRule
+  public static ProvideSystemProperty securityRule = new ProvideSystemProperty(CliCommandTestBase.JSON_AUTHORIZATION_SYSTEM_PROPERTY, "cacheServer.json");
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java
deleted file mode 100644
index 7c67065..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpSecurityTests.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.cli.commands;
-
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.ClassRule;
-import org.junit.contrib.java.lang.system.ProvideSystemProperty;
-import org.junit.experimental.categories.Category;
-import org.junit.runner.RunWith;
-import org.junit.runners.Suite;
-
-@Category(IntegrationTest.class)
-
-@RunWith(Suite.class)
-@Suite.SuiteClasses({
-    ConfigCommandsDUnitTest.class,
-    DeployCommandsDUnitTest.class,
-    DiskStoreCommandsDUnitTest.class,
-    FunctionCommandsDUnitTest.class,
-    GemfireDataCommandsDUnitTest.class,
-    GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
-    IndexCommandsDUnitTest.class,
-    ListAndDescribeDiskStoreCommandsDUnitTest.class,
-    ListIndexCommandDUnitTest.class,
-    MemberCommandsDUnitTest.class,
-    MiscellaneousCommandsDUnitTest.class,
-    MiscellaneousCommandsExportLogsPart1DUnitTest.class,
-    MiscellaneousCommandsExportLogsPart2DUnitTest.class,
-    MiscellaneousCommandsExportLogsPart3DUnitTest.class,
-    MiscellaneousCommandsExportLogsPart4DUnitTest.class,
-    QueueCommandsDUnitTest.class,
-    SharedConfigurationCommandsDUnitTest.class,
-    ShellCommandsDUnitTest.class,
-    ShowDeadlockDUnitTest.class,
-    ShowMetricsDUnitTest.class,
-    ShowStackTraceDUnitTest.class,
-    UserCommandsDUnitTest.class
-})
-public class CommandOverHttpSecurityTests {
-  @ClassRule
-  public static ProvideSystemProperty systemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true")
-        .and("jsonAuthorization", "cacheServer.json");
-
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/fbcaa51e/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java
deleted file mode 100644
index 9b3e2f8..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpTests.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.cli.commands;
-
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import org.junit.ClassRule;
-import org.junit.contrib.java.lang.system.ProvideSystemProperty;
-import org.junit.experimental.categories.Category;
-import org.junit.runner.RunWith;
-import org.junit.runners.Suite;
-
-@Category(IntegrationTest.class)
-
-@RunWith(Suite.class)
-@Suite.SuiteClasses({
-    ConfigCommandsDUnitTest.class,
-    DeployCommandsDUnitTest.class,
-    DiskStoreCommandsDUnitTest.class,
-    FunctionCommandsDUnitTest.class,
-    GemfireDataCommandsDUnitTest.class,
-    GetCommandOnRegionWithCacheLoaderDuringCacheMissDUnitTest.class,
-    IndexCommandsDUnitTest.class,
-    ListAndDescribeDiskStoreCommandsDUnitTest.class,
-    ListIndexCommandDUnitTest.class,
-    MemberCommandsDUnitTest.class,
-    MiscellaneousCommandsDUnitTest.class,
-    MiscellaneousCommandsExportLogsPart1DUnitTest.class,
-    MiscellaneousCommandsExportLogsPart2DUnitTest.class,
-    MiscellaneousCommandsExportLogsPart3DUnitTest.class,
-    MiscellaneousCommandsExportLogsPart4DUnitTest.class,
-    QueueCommandsDUnitTest.class,
-    SharedConfigurationCommandsDUnitTest.class,
-    ShellCommandsDUnitTest.class,
-    ShowDeadlockDUnitTest.class,
-    ShowMetricsDUnitTest.class,
-    ShowStackTraceDUnitTest.class,
-    UserCommandsDUnitTest.class
-})
-public class CommandOverHttpTests {
-  @ClassRule
-  public static ProvideSystemProperty provideSystemProperty = new ProvideSystemProperty(CliCommandTestBase.USE_HTTP_SYSTEM_PROPERTY, "true");
-}