You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by da...@apache.org on 2018/12/15 10:04:03 UTC
[11/34] lucene-solr:jira/http2: SOLR-13067: Harden
BasicAuthIntegrationTest.
SOLR-13067: Harden BasicAuthIntegrationTest.
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/44b51cd0
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/44b51cd0
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/44b51cd0
Branch: refs/heads/jira/http2
Commit: 44b51cd041371051d0b73b54afebc99fc0fa4862
Parents: 7de72c9
Author: markrmiller <ma...@apache.org>
Authored: Wed Dec 12 16:00:08 2018 -0600
Committer: markrmiller <ma...@apache.org>
Committed: Wed Dec 12 18:50:23 2018 -0600
----------------------------------------------------------------------
.../solr/security/BasicAuthIntegrationTest.java | 46 +++++++++++++-------
.../solr/cloud/SolrCloudAuthTestCase.java | 2 +
2 files changed, 32 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/44b51cd0/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
----------------------------------------------------------------------
diff --git a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
index f704cdf..8c04933 100644
--- a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
+++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
@@ -16,6 +16,9 @@
*/
package org.apache.solr.security;
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static java.util.Collections.singletonMap;
+
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@@ -28,6 +31,7 @@ import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Random;
+import java.util.concurrent.TimeUnit;
import java.util.function.Predicate;
import com.codahale.metrics.MetricRegistry;
@@ -62,22 +66,20 @@ import org.apache.solr.common.util.NamedList;
import org.apache.solr.common.util.StrUtils;
import org.apache.solr.common.util.Utils;
import org.apache.solr.util.SolrCLI;
-import org.junit.BeforeClass;
+import org.junit.After;
+import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import static java.nio.charset.StandardCharsets.UTF_8;
-import static java.util.Collections.singletonMap;
-
public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
private static final String COLLECTION = "authCollection";
- @BeforeClass
- public static void setupCluster() throws Exception {
+ @Before
+ public void setupCluster() throws Exception {
configureCluster(3)
.addConfig("conf", configset("cloud-minimal"))
.configure();
@@ -86,6 +88,11 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
cluster.waitForActiveCollection(COLLECTION, 3, 3);
}
+
+ @After
+ public void tearDownCluster() throws Exception {
+ shutdownCluster();
+ }
@Test
//commented 9-Aug-2018 @BadApple(bugUrl="https://issues.apache.org/jira/browse/SOLR-12028") // 21-May-2018
@@ -113,10 +120,12 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
cluster.waitForJettyToStop(randomJetty);
- randomJetty.start(false);
+ randomJetty.start();
cluster.waitForAllNodes(30);
+ cluster.waitForActiveCollection(COLLECTION, 3, 3);
+
baseUrl = randomJetty.getBaseUrl().toString();
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20);
assertNumberOfMetrics(16); // Basic auth metrics available
@@ -135,7 +144,10 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
((GenericSolrRequest)genericReq).setContentWriter(new StringPayloadContentWriter(command, CommonParams.JSON_MIME));
}
-
+ // avoid bad connection races due to shutdown
+ cluster.getSolrClient().getHttpClient().getConnectionManager().closeExpiredConnections();
+ cluster.getSolrClient().getHttpClient().getConnectionManager().closeIdleConnections(1, TimeUnit.MILLISECONDS);
+
HttpSolrClient.RemoteSolrException exp = expectThrows(HttpSolrClient.RemoteSolrException.class, () -> {
cluster.getSolrClient().request(genericReq);
});
@@ -167,8 +179,10 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
"}";
executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks");
- assertAuthMetricsMinimums(6, 2, 4, 0, 0, 0);
+ assertAuthMetricsMinimums(5, 2, 3, 0, 0, 0);
+ Thread.sleep(2000); // sad little wait to try and avoid other clients from hitting http noresponse after jetty restart
+
baseUrl = cluster.getRandomJetty(random()).getBaseUrl().toString();
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE, 20);
@@ -178,12 +192,12 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
"role", "dev"))), "harry", "HarryIsUberCool" );
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection", "x", 20);
- assertAuthMetricsMinimums(9, 3, 6, 0, 0, 0);
+ assertAuthMetricsMinimums(8, 3, 5, 0, 0, 0);
executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission", Utils.makeMap
("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool" );
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name", "collection-admin-edit", 20);
- assertAuthMetricsMinimums(11, 4, 7, 0, 0, 0);
+ assertAuthMetricsMinimums(10, 4, 6, 0, 0, 0);
CollectionAdminRequest.Reload reload = CollectionAdminRequest.reloadCollection(COLLECTION);
@@ -210,7 +224,7 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
.setBasicAuthCredentials("harry", "Cool12345"));
fail("This should not succeed");
} catch (HttpSolrClient.RemoteSolrException e) {
- assertAuthMetricsMinimums(15, 5, 9, 1, 0, 0);
+ assertAuthMetricsMinimums(14, 5, 8, 1, 0, 0);
}
executeCommand(baseUrl + authzPrefix, cl,"{set-permission : { name : update , role : admin}}", "harry", "HarryIsUberCool");
@@ -227,7 +241,7 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/blockUnknown", "true", 20, "harry", "HarryIsUberCool");
verifySecurityStatus(cl, baseUrl + "/admin/info/key", "key", NOT_NULL_PREDICATE, 20);
- assertAuthMetricsMinimums(18, 8, 9, 1, 0, 0);
+ assertAuthMetricsMinimums(17, 8, 8, 1, 0, 0);
String[] toolArgs = new String[]{
"status", "-solr", baseUrl};
@@ -253,7 +267,7 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
cluster.getSolrClient().query(COLLECTION, params);
});
assertEquals(401, exp.code());
- assertAuthMetricsMinimums(20, 8, 9, 1, 2, 0);
+ assertAuthMetricsMinimums(19, 8, 8, 1, 2, 0);
assertPkiAuthMetricsMinimums(3, 3, 0, 0, 0, 0);
// Query that succeeds
@@ -261,8 +275,8 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase {
req.setBasicAuthCredentials("harry", "HarryIsUberCool");
cluster.getSolrClient().request(req, COLLECTION);
- assertAuthMetricsMinimums(21, 9, 9, 1, 2, 0);
- assertPkiAuthMetricsMinimums(6, 6, 0, 0, 0, 0);
+ assertAuthMetricsMinimums(20, 8, 8, 1, 2, 0);
+ assertPkiAuthMetricsMinimums(5, 5, 0, 0, 0, 0);
executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool");
} finally {
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/44b51cd0/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
----------------------------------------------------------------------
diff --git a/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java b/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
index 3966426..c68526e 100644
--- a/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
+++ b/solr/test-framework/src/java/org/apache/solr/cloud/SolrCloudAuthTestCase.java
@@ -56,6 +56,8 @@ public class SolrCloudAuthTestCase extends SolrCloudTestCase {
/**
* Used to check metric counts for the AuthPlugin in use (except PKI)
+ *
+ * TODO: many of these params have to be under specified - this should wait a bit to see the desired params and timeout
*/
protected void assertAuthMetricsMinimums(int requests, int authenticated, int passThrough, int failWrongCredentials, int failMissingCredentials, int errors) {
assertAuthMetricsMinimums(METRICS_PREFIX, requests, authenticated, passThrough, failWrongCredentials, failMissingCredentials, errors);