You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by tu...@apache.org on 2013/08/20 01:02:25 UTC
svn commit: r1515657 - in /hadoop/common/trunk/hadoop-common-project:
hadoop-auth/
hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/
hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/
hadoop-auth/src/test/jav...
Author: tucu
Date: Mon Aug 19 23:02:24 2013
New Revision: 1515657
URL: http://svn.apache.org/r1515657
Log:
HADOOP-9866. convert hadoop-auth testcases requiring kerberos to use minikdc. (ywskycn via tucu)
Removed:
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/resources/krb5.conf
Modified:
hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/KerberosTestUtils.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestAuthenticatedURL.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestPseudoAuthenticator.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAltKerberosAuthenticationHandler.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosName.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java
hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java
hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/pom.xml Mon Aug 19 23:02:24 2013
@@ -33,7 +33,6 @@
<properties>
<maven.build.timestamp.format>yyyyMMdd</maven.build.timestamp.format>
- <kerberos.realm>LOCALHOST</kerberos.realm>
</properties>
<dependencies>
@@ -83,40 +82,17 @@
<artifactId>slf4j-log4j12</artifactId>
<scope>runtime</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-minikdc</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<build>
- <testResources>
- <testResource>
- <directory>${basedir}/src/test/resources</directory>
- <filtering>true</filtering>
- <includes>
- <include>krb5.conf</include>
- </includes>
- </testResource>
- </testResources>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <forkMode>always</forkMode>
- <forkedProcessTimeoutInSeconds>600</forkedProcessTimeoutInSeconds>
- <systemPropertyVariables>
- <java.security.krb5.conf>${project.build.directory}/test-classes/krb5.conf</java.security.krb5.conf>
- <kerberos.realm>${kerberos.realm}</kerberos.realm>
- </systemPropertyVariables>
- <excludes>
- <exclude>**/${test.exclude}.java</exclude>
- <exclude>${test.exclude.pattern}</exclude>
- <exclude>**/TestKerberosAuth*.java</exclude>
- <exclude>**/TestAltKerberosAuth*.java</exclude>
- <exclude>**/Test*$*.java</exclude>
- </excludes>
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<executions>
<execution>
@@ -135,33 +111,6 @@
<profiles>
<profile>
- <id>testKerberos</id>
- <activation>
- <activeByDefault>false</activeByDefault>
- </activation>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <forkMode>always</forkMode>
- <forkedProcessTimeoutInSeconds>600</forkedProcessTimeoutInSeconds>
- <systemPropertyVariables>
- <java.security.krb5.conf>${project.build.directory}/test-classes/krb5.conf</java.security.krb5.conf>
- <kerberos.realm>${kerberos.realm}</kerberos.realm>
- </systemPropertyVariables>
- <excludes>
- <exclude>**/${test.exclude}.java</exclude>
- <exclude>${test.exclude.pattern}</exclude>
- <exclude>**/Test*$*.java</exclude>
- </excludes>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- <profile>
<id>docs</id>
<activation>
<activeByDefault>false</activeByDefault>
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/KerberosTestUtils.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/KerberosTestUtils.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/KerberosTestUtils.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/KerberosTestUtils.java Mon Aug 19 23:02:24 2013
@@ -13,7 +13,6 @@
*/
package org.apache.hadoop.security.authentication;
-
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.AppConfigurationEntry;
@@ -26,6 +25,7 @@ import java.io.File;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
+import java.util.UUID;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
@@ -36,32 +36,23 @@ import java.util.concurrent.Callable;
* Test helper class for Java Kerberos setup.
*/
public class KerberosTestUtils {
- private static final String PREFIX = "hadoop-auth.test.";
-
- public static final String REALM = PREFIX + "kerberos.realm";
-
- public static final String CLIENT_PRINCIPAL = PREFIX + "kerberos.client.principal";
-
- public static final String SERVER_PRINCIPAL = PREFIX + "kerberos.server.principal";
-
- public static final String KEYTAB_FILE = PREFIX + "kerberos.keytab.file";
+ private static String keytabFile = new File(System.getProperty("test.dir", "target"),
+ UUID.randomUUID().toString()).toString();
public static String getRealm() {
- return System.getProperty(REALM, "LOCALHOST");
+ return "EXAMPLE.COM";
}
public static String getClientPrincipal() {
- return System.getProperty(CLIENT_PRINCIPAL, "client") + "@" + getRealm();
+ return "client@EXAMPLE.COM";
}
public static String getServerPrincipal() {
- return System.getProperty(SERVER_PRINCIPAL, "HTTP/localhost") + "@" + getRealm();
+ return "HTTP/localhost@EXAMPLE.COM";
}
public static String getKeytabFile() {
- String keytabFile =
- new File(System.getProperty("user.home"), System.getProperty("user.name") + ".keytab").toString();
- return System.getProperty(KEYTAB_FILE, keytabFile);
+ return keytabFile;
}
private static class KerberosConfiguration extends Configuration {
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/AuthenticatorTestCase.java Mon Aug 19 23:02:24 2013
@@ -2,9 +2,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -13,10 +13,7 @@
*/
package org.apache.hadoop.security.authentication.client;
-import junit.framework.Assert;
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
-import junit.framework.TestCase;
-import org.mockito.Mockito;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.servlet.Context;
import org.mortbay.jetty.servlet.FilterHolder;
@@ -27,19 +24,20 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
-import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
import java.io.Writer;
import java.net.HttpURLConnection;
import java.net.ServerSocket;
import java.net.URL;
import java.util.Properties;
+import org.junit.Assert;
-public abstract class AuthenticatorTestCase extends TestCase {
+public class AuthenticatorTestCase {
private Server server;
private String host = null;
private int port = -1;
@@ -151,18 +149,18 @@ public abstract class AuthenticatorTestC
writer.write(POST);
writer.close();
}
- assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
if (doPost) {
BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String echo = reader.readLine();
- assertEquals(POST, echo);
- assertNull(reader.readLine());
+ Assert.assertEquals(POST, echo);
+ Assert.assertNull(reader.readLine());
}
aUrl = new AuthenticatedURL();
conn = aUrl.openConnection(url, token);
conn.connect();
- assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
- assertEquals(tokenStr, token.toString());
+ Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals(tokenStr, token.toString());
} finally {
stop();
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestAuthenticatedURL.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestAuthenticatedURL.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestAuthenticatedURL.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestAuthenticatedURL.java Mon Aug 19 23:02:24 2013
@@ -13,8 +13,8 @@
*/
package org.apache.hadoop.security.authentication.client;
-import junit.framework.Assert;
-import junit.framework.TestCase;
+import org.junit.Assert;
+import org.junit.Test;
import org.mockito.Mockito;
import java.net.HttpURLConnection;
@@ -24,46 +24,48 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-public class TestAuthenticatedURL extends TestCase {
+public class TestAuthenticatedURL {
+ @Test
public void testToken() throws Exception {
AuthenticatedURL.Token token = new AuthenticatedURL.Token();
- assertFalse(token.isSet());
+ Assert.assertFalse(token.isSet());
token = new AuthenticatedURL.Token("foo");
- assertTrue(token.isSet());
- assertEquals("foo", token.toString());
+ Assert.assertTrue(token.isSet());
+ Assert.assertEquals("foo", token.toString());
AuthenticatedURL.Token token1 = new AuthenticatedURL.Token();
AuthenticatedURL.Token token2 = new AuthenticatedURL.Token();
- assertEquals(token1.hashCode(), token2.hashCode());
- assertTrue(token1.equals(token2));
+ Assert.assertEquals(token1.hashCode(), token2.hashCode());
+ Assert.assertTrue(token1.equals(token2));
token1 = new AuthenticatedURL.Token();
token2 = new AuthenticatedURL.Token("foo");
- assertNotSame(token1.hashCode(), token2.hashCode());
- assertFalse(token1.equals(token2));
+ Assert.assertNotSame(token1.hashCode(), token2.hashCode());
+ Assert.assertFalse(token1.equals(token2));
token1 = new AuthenticatedURL.Token("foo");
token2 = new AuthenticatedURL.Token();
- assertNotSame(token1.hashCode(), token2.hashCode());
- assertFalse(token1.equals(token2));
+ Assert.assertNotSame(token1.hashCode(), token2.hashCode());
+ Assert.assertFalse(token1.equals(token2));
token1 = new AuthenticatedURL.Token("foo");
token2 = new AuthenticatedURL.Token("foo");
- assertEquals(token1.hashCode(), token2.hashCode());
- assertTrue(token1.equals(token2));
+ Assert.assertEquals(token1.hashCode(), token2.hashCode());
+ Assert.assertTrue(token1.equals(token2));
token1 = new AuthenticatedURL.Token("bar");
token2 = new AuthenticatedURL.Token("foo");
- assertNotSame(token1.hashCode(), token2.hashCode());
- assertFalse(token1.equals(token2));
+ Assert.assertNotSame(token1.hashCode(), token2.hashCode());
+ Assert.assertFalse(token1.equals(token2));
token1 = new AuthenticatedURL.Token("foo");
token2 = new AuthenticatedURL.Token("bar");
- assertNotSame(token1.hashCode(), token2.hashCode());
- assertFalse(token1.equals(token2));
+ Assert.assertNotSame(token1.hashCode(), token2.hashCode());
+ Assert.assertFalse(token1.equals(token2));
}
+ @Test
public void testInjectToken() throws Exception {
HttpURLConnection conn = Mockito.mock(HttpURLConnection.class);
AuthenticatedURL.Token token = new AuthenticatedURL.Token();
@@ -72,6 +74,7 @@ public class TestAuthenticatedURL extend
Mockito.verify(conn).addRequestProperty(Mockito.eq("Cookie"), Mockito.anyString());
}
+ @Test
public void testExtractTokenOK() throws Exception {
HttpURLConnection conn = Mockito.mock(HttpURLConnection.class);
@@ -87,9 +90,10 @@ public class TestAuthenticatedURL extend
AuthenticatedURL.Token token = new AuthenticatedURL.Token();
AuthenticatedURL.extractToken(conn, token);
- assertEquals(tokenStr, token.toString());
+ Assert.assertEquals(tokenStr, token.toString());
}
+ @Test
public void testExtractTokenFail() throws Exception {
HttpURLConnection conn = Mockito.mock(HttpURLConnection.class);
@@ -106,15 +110,16 @@ public class TestAuthenticatedURL extend
token.set("bar");
try {
AuthenticatedURL.extractToken(conn, token);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
Assert.assertFalse(token.isSet());
} catch (Exception ex) {
- fail();
+ Assert.fail();
}
}
+ @Test
public void testConnectionConfigurator() throws Exception {
HttpURLConnection conn = Mockito.mock(HttpURLConnection.class);
Mockito.when(conn.getResponseCode()).
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestKerberosAuthenticator.java Mon Aug 19 23:02:24 2013
@@ -13,17 +13,33 @@
*/
package org.apache.hadoop.security.authentication.client;
+import org.apache.hadoop.minikdc.KerberosSecurityTestcase;
import org.apache.hadoop.security.authentication.KerberosTestUtils;
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler;
import org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import java.io.File;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Properties;
import java.util.concurrent.Callable;
-public class TestKerberosAuthenticator extends AuthenticatorTestCase {
+public class TestKerberosAuthenticator extends KerberosSecurityTestcase {
+
+ @Before
+ public void setup() throws Exception {
+ // create keytab
+ File keytabFile = new File(KerberosTestUtils.getKeytabFile());
+ String clientPrincipal = KerberosTestUtils.getClientPrincipal();
+ String serverPrincipal = KerberosTestUtils.getServerPrincipal();
+ clientPrincipal = clientPrincipal.substring(0, clientPrincipal.lastIndexOf("@"));
+ serverPrincipal = serverPrincipal.substring(0, serverPrincipal.lastIndexOf("@"));
+ getKdc().createPrincipal(keytabFile, clientPrincipal, serverPrincipal);
+ }
private Properties getAuthenticationHandlerConfiguration() {
Properties props = new Properties();
@@ -35,57 +51,67 @@ public class TestKerberosAuthenticator e
return props;
}
+ @Test(timeout=60000)
public void testFallbacktoPseudoAuthenticator() throws Exception {
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "false");
- setAuthenticationHandlerConfig(props);
- _testAuthentication(new KerberosAuthenticator(), false);
+ auth.setAuthenticationHandlerConfig(props);
+ auth._testAuthentication(new KerberosAuthenticator(), false);
}
+ @Test(timeout=60000)
public void testFallbacktoPseudoAuthenticatorAnonymous() throws Exception {
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
- setAuthenticationHandlerConfig(props);
- _testAuthentication(new KerberosAuthenticator(), false);
+ auth.setAuthenticationHandlerConfig(props);
+ auth._testAuthentication(new KerberosAuthenticator(), false);
}
+ @Test(timeout=60000)
public void testNotAuthenticated() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration());
- start();
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration());
+ auth.start();
try {
- URL url = new URL(getBaseURL());
+ URL url = new URL(auth.getBaseURL());
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.connect();
- assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
- assertTrue(conn.getHeaderField(KerberosAuthenticator.WWW_AUTHENTICATE) != null);
+ Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
+ Assert.assertTrue(conn.getHeaderField(KerberosAuthenticator.WWW_AUTHENTICATE) != null);
} finally {
- stop();
+ auth.stop();
}
}
-
+ @Test(timeout=60000)
public void testAuthentication() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration());
+ final AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration());
KerberosTestUtils.doAsClient(new Callable<Void>() {
@Override
public Void call() throws Exception {
- _testAuthentication(new KerberosAuthenticator(), false);
+ auth._testAuthentication(new KerberosAuthenticator(), false);
return null;
}
});
}
+ @Test(timeout=60000)
public void testAuthenticationPost() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration());
+ final AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration());
KerberosTestUtils.doAsClient(new Callable<Void>() {
@Override
public Void call() throws Exception {
- _testAuthentication(new KerberosAuthenticator(), true);
+ auth._testAuthentication(new KerberosAuthenticator(), true);
return null;
}
});
}
-
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestPseudoAuthenticator.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestPseudoAuthenticator.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestPseudoAuthenticator.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/client/TestPseudoAuthenticator.java Mon Aug 19 23:02:24 2013
@@ -15,12 +15,14 @@ package org.apache.hadoop.security.authe
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler;
+import org.junit.Assert;
+import org.junit.Test;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Properties;
-public class TestPseudoAuthenticator extends AuthenticatorTestCase {
+public class TestPseudoAuthenticator {
private Properties getAuthenticationHandlerConfiguration(boolean anonymousAllowed) {
Properties props = new Properties();
@@ -29,55 +31,74 @@ public class TestPseudoAuthenticator ext
return props;
}
+ @Test
public void testGetUserName() throws Exception {
PseudoAuthenticator authenticator = new PseudoAuthenticator();
- assertEquals(System.getProperty("user.name"), authenticator.getUserName());
+ Assert.assertEquals(System.getProperty("user.name"), authenticator.getUserName());
}
+ @Test
public void testAnonymousAllowed() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration(true));
- start();
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration(true));
+ auth.start();
try {
- URL url = new URL(getBaseURL());
+ URL url = new URL(auth.getBaseURL());
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.connect();
- assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
} finally {
- stop();
+ auth.stop();
}
}
+ @Test
public void testAnonymousDisallowed() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration(false));
- start();
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration(false));
+ auth.start();
try {
- URL url = new URL(getBaseURL());
+ URL url = new URL(auth.getBaseURL());
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.connect();
- assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
+ Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
} finally {
- stop();
+ auth.stop();
}
}
+ @Test
public void testAuthenticationAnonymousAllowed() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration(true));
- _testAuthentication(new PseudoAuthenticator(), false);
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration(true));
+ auth._testAuthentication(new PseudoAuthenticator(), false);
}
+ @Test
public void testAuthenticationAnonymousDisallowed() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration(false));
- _testAuthentication(new PseudoAuthenticator(), false);
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration(false));
+ auth._testAuthentication(new PseudoAuthenticator(), false);
}
+ @Test
public void testAuthenticationAnonymousAllowedWithPost() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration(true));
- _testAuthentication(new PseudoAuthenticator(), true);
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration(true));
+ auth._testAuthentication(new PseudoAuthenticator(), true);
}
+ @Test
public void testAuthenticationAnonymousDisallowedWithPost() throws Exception {
- setAuthenticationHandlerConfig(getAuthenticationHandlerConfiguration(false));
- _testAuthentication(new PseudoAuthenticator(), true);
+ AuthenticatorTestCase auth = new AuthenticatorTestCase();
+ auth.setAuthenticationHandlerConfig(
+ getAuthenticationHandlerConfiguration(false));
+ auth._testAuthentication(new PseudoAuthenticator(), true);
}
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAltKerberosAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAltKerberosAuthenticationHandler.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAltKerberosAuthenticationHandler.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAltKerberosAuthenticationHandler.java Mon Aug 19 23:02:24 2013
@@ -18,6 +18,8 @@ import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
+import org.junit.Assert;
+import org.junit.Test;
import org.mockito.Mockito;
public class TestAltKerberosAuthenticationHandler
@@ -45,6 +47,7 @@ public class TestAltKerberosAuthenticati
return AltKerberosAuthenticationHandler.TYPE;
}
+ @Test(timeout=60000)
public void testAlternateAuthenticationAsBrowser() throws Exception {
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
@@ -54,11 +57,12 @@ public class TestAltKerberosAuthenticati
Mockito.when(request.getHeader("User-Agent")).thenReturn("Some Browser");
AuthenticationToken token = handler.authenticate(request, response);
- assertEquals("A", token.getUserName());
- assertEquals("B", token.getName());
- assertEquals(getExpectedType(), token.getType());
+ Assert.assertEquals("A", token.getUserName());
+ Assert.assertEquals("B", token.getName());
+ Assert.assertEquals(getExpectedType(), token.getType());
}
+ @Test(timeout=60000)
public void testNonDefaultNonBrowserUserAgentAsBrowser() throws Exception {
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
@@ -81,11 +85,12 @@ public class TestAltKerberosAuthenticati
Mockito.when(request.getHeader("User-Agent")).thenReturn("blah");
// Should use alt authentication
AuthenticationToken token = handler.authenticate(request, response);
- assertEquals("A", token.getUserName());
- assertEquals("B", token.getName());
- assertEquals(getExpectedType(), token.getType());
+ Assert.assertEquals("A", token.getUserName());
+ Assert.assertEquals("B", token.getName());
+ Assert.assertEquals(getExpectedType(), token.getType());
}
+ @Test(timeout=60000)
public void testNonDefaultNonBrowserUserAgentAsNonBrowser() throws Exception {
if (handler != null) {
handler.destroy();
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java Mon Aug 19 23:02:24 2013
@@ -16,7 +16,8 @@ package org.apache.hadoop.security.authe
import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.apache.hadoop.security.authentication.util.Signer;
-import junit.framework.TestCase;
+import org.junit.Assert;
+import org.junit.Test;
import org.mockito.Mockito;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.stubbing.Answer;
@@ -34,8 +35,9 @@ import java.util.Arrays;
import java.util.Properties;
import java.util.Vector;
-public class TestAuthenticationFilter extends TestCase {
+public class TestAuthenticationFilter {
+ @Test
public void testGetConfiguration() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
FilterConfig config = Mockito.mock(FilterConfig.class);
@@ -43,27 +45,28 @@ public class TestAuthenticationFilter ex
Mockito.when(config.getInitParameter("a")).thenReturn("A");
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList("a")).elements());
Properties props = filter.getConfiguration("", config);
- assertEquals("A", props.getProperty("a"));
+ Assert.assertEquals("A", props.getProperty("a"));
config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter(AuthenticationFilter.CONFIG_PREFIX)).thenReturn("foo");
Mockito.when(config.getInitParameter("foo.a")).thenReturn("A");
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList("foo.a")).elements());
props = filter.getConfiguration("foo.", config);
- assertEquals("A", props.getProperty("a"));
+ Assert.assertEquals("A", props.getProperty("a"));
}
+ @Test
public void testInitEmpty() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>().elements());
filter.init(config);
- fail();
+ Assert.fail();
} catch (ServletException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
} finally {
filter.destroy();
}
@@ -126,6 +129,7 @@ public class TestAuthenticationFilter ex
}
}
+ @Test
public void testInit() throws Exception {
// minimal configuration & simple auth handler (Pseudo)
@@ -138,11 +142,11 @@ public class TestAuthenticationFilter ex
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
AuthenticationFilter.AUTH_TOKEN_VALIDITY)).elements());
filter.init(config);
- assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
- assertTrue(filter.isRandomSecret());
- assertNull(filter.getCookieDomain());
- assertNull(filter.getCookiePath());
- assertEquals(1000, filter.getValidity());
+ Assert.assertEquals(PseudoAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
+ Assert.assertTrue(filter.isRandomSecret());
+ Assert.assertNull(filter.getCookieDomain());
+ Assert.assertNull(filter.getCookiePath());
+ Assert.assertEquals(1000, filter.getValidity());
} finally {
filter.destroy();
}
@@ -157,7 +161,7 @@ public class TestAuthenticationFilter ex
new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE,
AuthenticationFilter.SIGNATURE_SECRET)).elements());
filter.init(config);
- assertFalse(filter.isRandomSecret());
+ Assert.assertFalse(filter.isRandomSecret());
} finally {
filter.destroy();
}
@@ -174,13 +178,12 @@ public class TestAuthenticationFilter ex
AuthenticationFilter.COOKIE_DOMAIN,
AuthenticationFilter.COOKIE_PATH)).elements());
filter.init(config);
- assertEquals(".foo.com", filter.getCookieDomain());
- assertEquals("/bar", filter.getCookiePath());
+ Assert.assertEquals(".foo.com", filter.getCookieDomain());
+ Assert.assertEquals("/bar", filter.getCookiePath());
} finally {
filter.destroy();
}
-
// authentication handler lifecycle, and custom impl
DummyAuthenticationHandler.reset();
filter = new AuthenticationFilter();
@@ -195,10 +198,10 @@ public class TestAuthenticationFilter ex
Arrays.asList(AuthenticationFilter.AUTH_TYPE,
"management.operation.return")).elements());
filter.init(config);
- assertTrue(DummyAuthenticationHandler.init);
+ Assert.assertTrue(DummyAuthenticationHandler.init);
} finally {
filter.destroy();
- assertTrue(DummyAuthenticationHandler.destroy);
+ Assert.assertTrue(DummyAuthenticationHandler.destroy);
}
// kerberos auth handler
@@ -212,11 +215,12 @@ public class TestAuthenticationFilter ex
} catch (ServletException ex) {
// Expected
} finally {
- assertEquals(KerberosAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
+ Assert.assertEquals(KerberosAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
filter.destroy();
}
}
+ @Test
public void testGetRequestURL() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -235,12 +239,13 @@ public class TestAuthenticationFilter ex
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
Mockito.when(request.getQueryString()).thenReturn("a=A&b=B");
- assertEquals("http://foo:8080/bar?a=A&b=B", filter.getRequestURL(request));
+ Assert.assertEquals("http://foo:8080/bar?a=A&b=B", filter.getRequestURL(request));
} finally {
filter.destroy();
}
}
+ @Test
public void testGetToken() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -268,12 +273,13 @@ public class TestAuthenticationFilter ex
AuthenticationToken newToken = filter.getToken(request);
- assertEquals(token.toString(), newToken.toString());
+ Assert.assertEquals(token.toString(), newToken.toString());
} finally {
filter.destroy();
}
}
+ @Test
public void testGetTokenExpired() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -300,17 +306,18 @@ public class TestAuthenticationFilter ex
try {
filter.getToken(request);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
}
} finally {
filter.destroy();
}
}
+ @Test
public void testGetTokenInvalidType() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -338,17 +345,18 @@ public class TestAuthenticationFilter ex
try {
filter.getToken(request);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
}
} finally {
filter.destroy();
}
}
+ @Test
public void testDoFilterNotAuthenticated() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -374,7 +382,7 @@ public class TestAuthenticationFilter ex
new Answer<Object>() {
@Override
public Object answer(InvocationOnMock invocation) throws Throwable {
- fail();
+ Assert.fail();
return null;
}
}
@@ -468,27 +476,27 @@ public class TestAuthenticationFilter ex
Mockito.verify(response, Mockito.never()).
addCookie(Mockito.any(Cookie.class));
} else {
- assertNotNull(setCookie[0]);
- assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName());
- assertTrue(setCookie[0].getValue().contains("u="));
- assertTrue(setCookie[0].getValue().contains("p="));
- assertTrue(setCookie[0].getValue().contains("t="));
- assertTrue(setCookie[0].getValue().contains("e="));
- assertTrue(setCookie[0].getValue().contains("s="));
- assertTrue(calledDoFilter[0]);
+ Assert.assertNotNull(setCookie[0]);
+ Assert.assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName());
+ Assert.assertTrue(setCookie[0].getValue().contains("u="));
+ Assert.assertTrue(setCookie[0].getValue().contains("p="));
+ Assert.assertTrue(setCookie[0].getValue().contains("t="));
+ Assert.assertTrue(setCookie[0].getValue().contains("e="));
+ Assert.assertTrue(setCookie[0].getValue().contains("s="));
+ Assert.assertTrue(calledDoFilter[0]);
Signer signer = new Signer("secret".getBytes());
String value = signer.verifyAndExtract(setCookie[0].getValue());
AuthenticationToken token = AuthenticationToken.parse(value);
- assertEquals(System.currentTimeMillis() + 1000 * 1000,
+ Assert.assertEquals(System.currentTimeMillis() + 1000 * 1000,
token.getExpires(), 100);
if (withDomainPath) {
- assertEquals(".foo.com", setCookie[0].getDomain());
- assertEquals("/bar", setCookie[0].getPath());
+ Assert.assertEquals(".foo.com", setCookie[0].getDomain());
+ Assert.assertEquals("/bar", setCookie[0].getPath());
} else {
- assertNull(setCookie[0].getDomain());
- assertNull(setCookie[0].getPath());
+ Assert.assertNull(setCookie[0].getDomain());
+ Assert.assertNull(setCookie[0].getPath());
}
}
} finally {
@@ -496,22 +504,27 @@ public class TestAuthenticationFilter ex
}
}
+ @Test
public void testDoFilterAuthentication() throws Exception {
_testDoFilterAuthentication(false, false, false);
}
+ @Test
public void testDoFilterAuthenticationImmediateExpiration() throws Exception {
_testDoFilterAuthentication(false, false, true);
}
+ @Test
public void testDoFilterAuthenticationWithInvalidToken() throws Exception {
_testDoFilterAuthentication(false, true, false);
}
+ @Test
public void testDoFilterAuthenticationWithDomainPath() throws Exception {
_testDoFilterAuthentication(true, false, false);
}
+ @Test
public void testDoFilterAuthenticated() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -547,8 +560,8 @@ public class TestAuthenticationFilter ex
public Object answer(InvocationOnMock invocation) throws Throwable {
Object[] args = invocation.getArguments();
HttpServletRequest request = (HttpServletRequest) args[0];
- assertEquals("u", request.getRemoteUser());
- assertEquals("p", request.getUserPrincipal().getName());
+ Assert.assertEquals("u", request.getRemoteUser());
+ Assert.assertEquals("p", request.getUserPrincipal().getName());
return null;
}
}
@@ -561,6 +574,7 @@ public class TestAuthenticationFilter ex
}
}
+ @Test
public void testDoFilterAuthenticatedExpired() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -594,7 +608,7 @@ public class TestAuthenticationFilter ex
new Answer<Object>() {
@Override
public Object answer(InvocationOnMock invocation) throws Throwable {
- fail();
+ Assert.fail();
return null;
}
}
@@ -616,15 +630,15 @@ public class TestAuthenticationFilter ex
Mockito.verify(response).sendError(Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED), Mockito.anyString());
- assertNotNull(setCookie[0]);
- assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName());
- assertEquals("", setCookie[0].getValue());
+ Assert.assertNotNull(setCookie[0]);
+ Assert.assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName());
+ Assert.assertEquals("", setCookie[0].getValue());
} finally {
filter.destroy();
}
}
-
+ @Test
public void testDoFilterAuthenticatedInvalidType() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
@@ -658,7 +672,7 @@ public class TestAuthenticationFilter ex
new Answer<Object>() {
@Override
public Object answer(InvocationOnMock invocation) throws Throwable {
- fail();
+ Assert.fail();
return null;
}
}
@@ -680,14 +694,15 @@ public class TestAuthenticationFilter ex
Mockito.verify(response).sendError(Mockito.eq(HttpServletResponse.SC_UNAUTHORIZED), Mockito.anyString());
- assertNotNull(setCookie[0]);
- assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName());
- assertEquals("", setCookie[0].getValue());
+ Assert.assertNotNull(setCookie[0]);
+ Assert.assertEquals(AuthenticatedURL.AUTH_COOKIE, setCookie[0].getName());
+ Assert.assertEquals("", setCookie[0].getValue());
} finally {
filter.destroy();
}
}
+ @Test
public void testManagementOperation() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java Mon Aug 19 23:02:24 2013
@@ -14,98 +14,104 @@
package org.apache.hadoop.security.authentication.server;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
-import junit.framework.TestCase;
+import org.junit.Assert;
+import org.junit.Test;
-public class TestAuthenticationToken extends TestCase {
+public class TestAuthenticationToken {
+ @Test
public void testAnonymous() {
- assertNotNull(AuthenticationToken.ANONYMOUS);
- assertEquals(null, AuthenticationToken.ANONYMOUS.getUserName());
- assertEquals(null, AuthenticationToken.ANONYMOUS.getName());
- assertEquals(null, AuthenticationToken.ANONYMOUS.getType());
- assertEquals(-1, AuthenticationToken.ANONYMOUS.getExpires());
- assertFalse(AuthenticationToken.ANONYMOUS.isExpired());
+ Assert.assertNotNull(AuthenticationToken.ANONYMOUS);
+ Assert.assertEquals(null, AuthenticationToken.ANONYMOUS.getUserName());
+ Assert.assertEquals(null, AuthenticationToken.ANONYMOUS.getName());
+ Assert.assertEquals(null, AuthenticationToken.ANONYMOUS.getType());
+ Assert.assertEquals(-1, AuthenticationToken.ANONYMOUS.getExpires());
+ Assert.assertFalse(AuthenticationToken.ANONYMOUS.isExpired());
}
+ @Test
public void testConstructor() throws Exception {
try {
new AuthenticationToken(null, "p", "t");
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
try {
new AuthenticationToken("", "p", "t");
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
try {
new AuthenticationToken("u", null, "t");
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
try {
new AuthenticationToken("u", "", "t");
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
try {
new AuthenticationToken("u", "p", null);
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
try {
new AuthenticationToken("u", "p", "");
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
new AuthenticationToken("u", "p", "t");
}
+ @Test
public void testGetters() throws Exception {
long expires = System.currentTimeMillis() + 50;
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
token.setExpires(expires);
- assertEquals("u", token.getUserName());
- assertEquals("p", token.getName());
- assertEquals("t", token.getType());
- assertEquals(expires, token.getExpires());
- assertFalse(token.isExpired());
+ Assert.assertEquals("u", token.getUserName());
+ Assert.assertEquals("p", token.getName());
+ Assert.assertEquals("t", token.getType());
+ Assert.assertEquals(expires, token.getExpires());
+ Assert.assertFalse(token.isExpired());
Thread.sleep(70); // +20 msec fuzz for timer granularity.
- assertTrue(token.isExpired());
+ Assert.assertTrue(token.isExpired());
}
+ @Test
public void testToStringAndParse() throws Exception {
long expires = System.currentTimeMillis() + 50;
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
token.setExpires(expires);
String str = token.toString();
token = AuthenticationToken.parse(str);
- assertEquals("p", token.getName());
- assertEquals("t", token.getType());
- assertEquals(expires, token.getExpires());
- assertFalse(token.isExpired());
+ Assert.assertEquals("p", token.getName());
+ Assert.assertEquals("t", token.getType());
+ Assert.assertEquals(expires, token.getExpires());
+ Assert.assertFalse(token.isExpired());
Thread.sleep(70); // +20 msec fuzz for timer granularity.
- assertTrue(token.isExpired());
+ Assert.assertTrue(token.isExpired());
}
+ @Test
public void testParseInvalid() throws Exception {
long expires = System.currentTimeMillis() + 50;
AuthenticationToken token = new AuthenticationToken("u", "p", "t");
@@ -114,11 +120,11 @@ public class TestAuthenticationToken ext
str = str.substring(0, str.indexOf("e="));
try {
AuthenticationToken.parse(str);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
}
}
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java Mon Aug 19 23:02:24 2013
@@ -13,25 +13,31 @@
*/
package org.apache.hadoop.security.authentication.server;
+import org.apache.hadoop.minikdc.KerberosSecurityTestcase;
import org.apache.hadoop.security.authentication.KerberosTestUtils;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
-import junit.framework.TestCase;
import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.hadoop.security.authentication.util.KerberosUtil;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
import org.mockito.Mockito;
import org.ietf.jgss.Oid;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import java.io.File;
import java.util.Properties;
import java.util.concurrent.Callable;
-public class TestKerberosAuthenticationHandler extends TestCase {
+public class TestKerberosAuthenticationHandler
+ extends KerberosSecurityTestcase {
protected KerberosAuthenticationHandler handler;
@@ -54,9 +60,16 @@ public class TestKerberosAuthenticationH
return props;
}
- @Override
- protected void setUp() throws Exception {
- super.setUp();
+ @Before
+ public void setup() throws Exception {
+ // create keytab
+ File keytabFile = new File(KerberosTestUtils.getKeytabFile());
+ String clientPrincipal = KerberosTestUtils.getClientPrincipal();
+ String serverPrincipal = KerberosTestUtils.getServerPrincipal();
+ clientPrincipal = clientPrincipal.substring(0, clientPrincipal.lastIndexOf("@"));
+ serverPrincipal = serverPrincipal.substring(0, serverPrincipal.lastIndexOf("@"));
+ getKdc().createPrincipal(keytabFile, clientPrincipal, serverPrincipal);
+ // handler
handler = getNewAuthenticationHandler();
Properties props = getDefaultProperties();
try {
@@ -67,18 +80,10 @@ public class TestKerberosAuthenticationH
}
}
- @Override
- protected void tearDown() throws Exception {
- if (handler != null) {
- handler.destroy();
- handler = null;
- }
- super.tearDown();
- }
-
+ @Test(timeout=60000)
public void testNameRules() throws Exception {
KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal());
- assertEquals(KerberosTestUtils.getRealm(), kn.getRealm());
+ Assert.assertEquals(KerberosTestUtils.getRealm(), kn.getRealm());
//destroy handler created in setUp()
handler.destroy();
@@ -93,30 +98,32 @@ public class TestKerberosAuthenticationH
} catch (Exception ex) {
}
kn = new KerberosName("bar@BAR");
- assertEquals("bar", kn.getShortName());
+ Assert.assertEquals("bar", kn.getShortName());
kn = new KerberosName("bar@FOO");
try {
kn.getShortName();
- fail();
+ Assert.fail();
}
catch (Exception ex) {
}
}
-
+
+ @Test(timeout=60000)
public void testInit() throws Exception {
- assertEquals(KerberosTestUtils.getServerPrincipal(), handler.getPrincipal());
- assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab());
+ Assert.assertEquals(KerberosTestUtils.getServerPrincipal(), handler.getPrincipal());
+ Assert.assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab());
}
+ @Test(timeout=60000)
public void testType() throws Exception {
- assertEquals(getExpectedType(), handler.getType());
+ Assert.assertEquals(getExpectedType(), handler.getType());
}
public void testRequestWithoutAuthorization() throws Exception {
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
- assertNull(handler.authenticate(request, response));
+ Assert.assertNull(handler.authenticate(request, response));
Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
@@ -126,11 +133,12 @@ public class TestKerberosAuthenticationH
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn("invalid");
- assertNull(handler.authenticate(request, response));
+ Assert.assertNull(handler.authenticate(request, response));
Mockito.verify(response).setHeader(KerberosAuthenticator.WWW_AUTHENTICATE, KerberosAuthenticator.NEGOTIATE);
Mockito.verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
+ @Test(timeout=60000)
public void testRequestWithIncompleteAuthorization() throws Exception {
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
@@ -139,15 +147,14 @@ public class TestKerberosAuthenticationH
.thenReturn(KerberosAuthenticator.NEGOTIATE);
try {
handler.authenticate(request, response);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
}
}
-
public void testRequestWithAuthorization() throws Exception {
String token = KerberosTestUtils.doAsClient(new Callable<String>() {
@Override
@@ -191,9 +198,9 @@ public class TestKerberosAuthenticationH
Mockito.matches(KerberosAuthenticator.NEGOTIATE + " .*"));
Mockito.verify(response).setStatus(HttpServletResponse.SC_OK);
- assertEquals(KerberosTestUtils.getClientPrincipal(), authToken.getName());
- assertTrue(KerberosTestUtils.getClientPrincipal().startsWith(authToken.getUserName()));
- assertEquals(getExpectedType(), authToken.getType());
+ Assert.assertEquals(KerberosTestUtils.getClientPrincipal(), authToken.getName());
+ Assert.assertTrue(KerberosTestUtils.getClientPrincipal().startsWith(authToken.getUserName()));
+ Assert.assertEquals(getExpectedType(), authToken.getType());
} else {
Mockito.verify(response).setHeader(Mockito.eq(KerberosAuthenticator.WWW_AUTHENTICATE),
Mockito.matches(KerberosAuthenticator.NEGOTIATE + " .*"));
@@ -213,12 +220,19 @@ public class TestKerberosAuthenticationH
try {
handler.authenticate(request, response);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
}
}
+ @After
+ public void tearDown() throws Exception {
+ if (handler != null) {
+ handler.destroy();
+ handler = null;
+ }
+ }
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestPseudoAuthenticationHandler.java Mon Aug 19 23:02:24 2013
@@ -14,33 +14,37 @@
package org.apache.hadoop.security.authentication.server;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
-import junit.framework.TestCase;
import org.apache.hadoop.security.authentication.client.PseudoAuthenticator;
+import org.junit.Assert;
+import org.junit.Test;
import org.mockito.Mockito;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Properties;
-public class TestPseudoAuthenticationHandler extends TestCase {
+public class TestPseudoAuthenticationHandler {
+ @Test
public void testInit() throws Exception {
PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
try {
Properties props = new Properties();
props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "false");
handler.init(props);
- assertEquals(false, handler.getAcceptAnonymous());
+ Assert.assertEquals(false, handler.getAcceptAnonymous());
} finally {
handler.destroy();
}
}
+ @Test
public void testType() throws Exception {
PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
- assertEquals(PseudoAuthenticationHandler.TYPE, handler.getType());
+ Assert.assertEquals(PseudoAuthenticationHandler.TYPE, handler.getType());
}
+ @Test
public void testAnonymousOn() throws Exception {
PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
try {
@@ -53,12 +57,13 @@ public class TestPseudoAuthenticationHan
AuthenticationToken token = handler.authenticate(request, response);
- assertEquals(AuthenticationToken.ANONYMOUS, token);
+ Assert.assertEquals(AuthenticationToken.ANONYMOUS, token);
} finally {
handler.destroy();
}
}
+ @Test
public void testAnonymousOff() throws Exception {
PseudoAuthenticationHandler handler = new PseudoAuthenticationHandler();
try {
@@ -70,11 +75,11 @@ public class TestPseudoAuthenticationHan
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
handler.authenticate(request, response);
- fail();
+ Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
- fail();
+ Assert.fail();
} finally {
handler.destroy();
}
@@ -93,19 +98,21 @@ public class TestPseudoAuthenticationHan
AuthenticationToken token = handler.authenticate(request, response);
- assertNotNull(token);
- assertEquals("user", token.getUserName());
- assertEquals("user", token.getName());
- assertEquals(PseudoAuthenticationHandler.TYPE, token.getType());
+ Assert.assertNotNull(token);
+ Assert.assertEquals("user", token.getUserName());
+ Assert.assertEquals("user", token.getName());
+ Assert.assertEquals(PseudoAuthenticationHandler.TYPE, token.getType());
} finally {
handler.destroy();
}
}
+ @Test
public void testUserNameAnonymousOff() throws Exception {
_testUserName(false);
}
+ @Test
public void testUserNameAnonymousOn() throws Exception {
_testUserName(true);
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosName.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosName.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosName.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosName.java Mon Aug 19 23:02:24 2013
@@ -21,14 +21,19 @@ package org.apache.hadoop.security.authe
import java.io.IOException;
import org.apache.hadoop.security.authentication.KerberosTestUtils;
+import org.junit.After;
import org.junit.Before;
import org.junit.Test;
-import static org.junit.Assert.*;
+
+import org.junit.Assert;
public class TestKerberosName {
@Before
public void setUp() throws Exception {
+ System.setProperty("java.security.krb5.realm", KerberosTestUtils.getRealm());
+ System.setProperty("java.security.krb5.kdc", "localhost:88");
+
String rules =
"RULE:[1:$1@$0](.*@YAHOO\\.COM)s/@.*//\n" +
"RULE:[2:$1](johndoe)s/^.*$/guest/\n" +
@@ -44,7 +49,7 @@ public class TestKerberosName {
KerberosName nm = new KerberosName(from);
String simple = nm.getShortName();
System.out.println("to " + simple);
- assertEquals("short name incorrect", to, simple);
+ Assert.assertEquals("short name incorrect", to, simple);
}
@Test
@@ -61,7 +66,7 @@ public class TestKerberosName {
System.out.println("Checking " + name + " to ensure it is bad.");
try {
new KerberosName(name);
- fail("didn't get exception for " + name);
+ Assert.fail("didn't get exception for " + name);
} catch (IllegalArgumentException iae) {
// PASS
}
@@ -72,7 +77,7 @@ public class TestKerberosName {
KerberosName nm = new KerberosName(from);
try {
nm.getShortName();
- fail("didn't get exception for " + from);
+ Assert.fail("didn't get exception for " + from);
} catch (IOException ie) {
// PASS
}
@@ -85,4 +90,10 @@ public class TestKerberosName {
checkBadTranslation("foo@ACME.COM");
checkBadTranslation("root/joe@FOO.COM");
}
+
+ @After
+ public void clear() {
+ System.clearProperty("java.security.krb5.realm");
+ System.clearProperty("java.security.krb5.kdc");
+ }
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java Mon Aug 19 23:02:24 2013
@@ -16,11 +16,10 @@
*/
package org.apache.hadoop.security.authentication.util;
-import static org.junit.Assert.*;
+import org.junit.Assert;
import java.io.IOException;
-import org.apache.hadoop.security.authentication.util.KerberosUtil;
import org.junit.Test;
public class TestKerberosUtil {
@@ -32,23 +31,23 @@ public class TestKerberosUtil {
String testHost = "FooBar";
// send null hostname
- assertEquals("When no hostname is sent",
+ Assert.assertEquals("When no hostname is sent",
service + "/" + localHostname.toLowerCase(),
KerberosUtil.getServicePrincipal(service, null));
// send empty hostname
- assertEquals("When empty hostname is sent",
+ Assert.assertEquals("When empty hostname is sent",
service + "/" + localHostname.toLowerCase(),
KerberosUtil.getServicePrincipal(service, ""));
// send 0.0.0.0 hostname
- assertEquals("When 0.0.0.0 hostname is sent",
+ Assert.assertEquals("When 0.0.0.0 hostname is sent",
service + "/" + localHostname.toLowerCase(),
KerberosUtil.getServicePrincipal(service, "0.0.0.0"));
// send uppercase hostname
- assertEquals("When uppercase hostname is sent",
+ Assert.assertEquals("When uppercase hostname is sent",
service + "/" + testHost.toLowerCase(),
KerberosUtil.getServicePrincipal(service, testHost));
// send lowercase hostname
- assertEquals("When lowercase hostname is sent",
+ Assert.assertEquals("When lowercase hostname is sent",
service + "/" + testHost.toLowerCase(),
KerberosUtil.getServicePrincipal(service, testHost.toLowerCase()));
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestSigner.java Mon Aug 19 23:02:24 2013
@@ -13,68 +13,75 @@
*/
package org.apache.hadoop.security.authentication.util;
-import junit.framework.TestCase;
+import org.junit.Assert;
+import org.junit.Test;
-public class TestSigner extends TestCase {
+public class TestSigner {
+ @Test
public void testNoSecret() throws Exception {
try {
new Signer(null);
- fail();
+ Assert.fail();
}
catch (IllegalArgumentException ex) {
}
}
+ @Test
public void testNullAndEmptyString() throws Exception {
Signer signer = new Signer("secret".getBytes());
try {
signer.sign(null);
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
try {
signer.sign("");
- fail();
+ Assert.fail();
} catch (IllegalArgumentException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
}
+ @Test
public void testSignature() throws Exception {
Signer signer = new Signer("secret".getBytes());
String s1 = signer.sign("ok");
String s2 = signer.sign("ok");
String s3 = signer.sign("wrong");
- assertEquals(s1, s2);
- assertNotSame(s1, s3);
+ Assert.assertEquals(s1, s2);
+ Assert.assertNotSame(s1, s3);
}
+ @Test
public void testVerify() throws Exception {
Signer signer = new Signer("secret".getBytes());
String t = "test";
String s = signer.sign(t);
String e = signer.verifyAndExtract(s);
- assertEquals(t, e);
+ Assert.assertEquals(t, e);
}
+ @Test
public void testInvalidSignedText() throws Exception {
Signer signer = new Signer("secret".getBytes());
try {
signer.verifyAndExtract("test");
- fail();
+ Assert.fail();
} catch (SignerException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
}
+ @Test
public void testTampering() throws Exception {
Signer signer = new Signer("secret".getBytes());
String t = "test";
@@ -82,12 +89,11 @@ public class TestSigner extends TestCase
s += "x";
try {
signer.verifyAndExtract(s);
- fail();
+ Assert.fail();
} catch (SignerException ex) {
// Expected
} catch (Throwable ex) {
- fail();
+ Assert.fail();
}
}
-
}
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1515657&r1=1515656&r2=1515657&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt Mon Aug 19 23:02:24 2013
@@ -319,6 +319,9 @@ Release 2.3.0 - UNRELEASED
HADOOP-9860. Remove class HackedKeytab and HackedKeytabEncoder from
hadoop-minikdc once jira DIRSERVER-1882 solved. (ywskycn via tucu)
+ HADOOP-9866. convert hadoop-auth testcases requiring kerberos to
+ use minikdc. (ywskycn via tucu)
+
OPTIMIZATIONS
HADOOP-9748. Reduce blocking on UGI.ensureInitialized (daryn)