You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by kl...@apache.org on 2016/03/29 00:48:42 UTC
[8/8] incubator-geode git commit: Tests are passing
Tests are passing
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/4f6a5311
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/4f6a5311
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/4f6a5311
Branch: refs/heads/feature/GEODE-693
Commit: 4f6a5311f17b6014532fd9743d59e45ce0c0c7af
Parents: 5a321ff
Author: Kirk Lund <kl...@apache.org>
Authored: Mon Mar 28 15:48:20 2016 -0700
Committer: Kirk Lund <kl...@apache.org>
Committed: Mon Mar 28 15:48:20 2016 -0700
----------------------------------------------------------------------
.../controllers/RestAPIsWithSSLDUnitTest.java | 1 +
.../security/ClientAuthenticationDUnitTest.java | 888 +-------
.../ClientAuthenticationPart2DUnitTest.java | 96 +-
.../security/ClientAuthenticationTestCase.java | 574 +++++
.../security/ClientAuthenticationUtils.java | 94 +
.../security/ClientAuthorizationDUnitTest.java | 34 +-
.../security/ClientAuthorizationTestBase.java | 759 +++----
.../security/ClientMultiUserAuthzDUnitTest.java | 180 +-
.../DeltaClientAuthorizationDUnitTest.java | 295 +--
.../DeltaClientPostAuthorizationDUnitTest.java | 625 ++----
.../security/P2PAuthenticationDUnitTest.java | 657 +++---
.../gemfire/security/SecurityTestUtil.java | 2011 +++++++++---------
.../ClientAuthorizationTwoDUnitTest.java | 25 +-
.../security/ClientAuthzObjectModDUnitTest.java | 38 +-
.../ClientCQPostAuthorizationDUnitTest.java | 183 +-
.../ClientPostAuthorizationDUnitTest.java | 218 +-
.../gemfire/security/MultiuserAPIDUnitTest.java | 38 +-
.../MultiuserDurableCQAuthzDUnitTest.java | 77 +-
18 files changed, 2875 insertions(+), 3918 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
index 852591f..2217ecc 100644
--- a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
+++ b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
@@ -92,6 +92,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
@Override
public final void preSetUp() throws Exception {
disconnectAllFromDS();
+ // add ignoredexception
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
index 456a6ed..1744c15 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
@@ -18,885 +18,77 @@
*/
package com.gemstone.gemfire.security;
-import java.io.IOException;
-import java.util.Properties;
-
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLHandshakeException;
+import static com.gemstone.gemfire.security.SecurityTestUtil.*;
+import static com.gemstone.gemfire.test.dunit.Assert.*;
-import com.gemstone.gemfire.security.generator.CredentialGenerator;
-import com.gemstone.gemfire.security.generator.CredentialGenerator.ClassCode;
+import java.util.Properties;
import com.gemstone.gemfire.cache.Region;
import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
-import com.gemstone.gemfire.test.dunit.DistributedTestCase;
-import com.gemstone.gemfire.test.dunit.Host;
-import com.gemstone.gemfire.test.dunit.IgnoredException;
-import com.gemstone.gemfire.test.dunit.LogWriterUtils;
-import com.gemstone.gemfire.test.dunit.VM;
-import com.gemstone.gemfire.test.dunit.Wait;
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
/**
* Test for authentication from client to server. This tests for both valid and
* invalid credentials/modules. It also checks for authentication
* success/failure in case of failover and for the notification channel.
*
- * @author sumedh
* @since 5.5
*/
-public class ClientAuthenticationDUnitTest extends DistributedTestCase {
-
- /** constructor */
- public ClientAuthenticationDUnitTest(String name) {
- super(name);
- }
-
- private VM server1 = null;
-
- private VM server2 = null;
-
- private VM client1 = null;
-
- private VM client2 = null;
-
- private static final String[] serverExpectedExceptions = {
- AuthenticationRequiredException.class.getName(),
- AuthenticationFailedException.class.getName(),
- GemFireSecurityException.class.getName(),
- ClassNotFoundException.class.getName(), IOException.class.getName(),
- SSLException.class.getName(), SSLHandshakeException.class.getName() };
-
- private static final String[] clientExpectedExceptions = {
- AuthenticationRequiredException.class.getName(),
- AuthenticationFailedException.class.getName(),
- SSLHandshakeException.class.getName() };
-
- @Override
- public final void postSetUp() throws Exception {
- final Host host = Host.getHost(0);
- server1 = host.getVM(0);
- server2 = host.getVM(1);
- client1 = host.getVM(2);
- client2 = host.getVM(3);
-
- IgnoredException.addIgnoredException("Connection refused: connect");
-
- server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions ));
- server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions ));
- client1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions ));
- client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions ));
- }
-
- // Region: Utility and static functions invoked by the tests
-
- public static Integer createCacheServer(Object dsPort, Object locatorString,
- Object authenticator, Object extraProps, Object javaProps) {
-
- Properties authProps;
- if (extraProps == null) {
- authProps = new Properties();
- }
- else {
- authProps = (Properties)extraProps;
- }
- if (authenticator != null) {
- authProps.setProperty(
- DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator
- .toString());
- }
- return SecurityTestUtil.createCacheServer(authProps, javaProps,
- (Integer)dsPort, (String)locatorString, null, new Integer(
- SecurityTestUtil.NO_EXCEPTION));
- }
-
- public static void createCacheServer(Object dsPort, Object locatorString,
- Integer serverPort, Object authenticator, Object extraProps,
- Object javaProps) {
-
- Properties authProps;
- if (extraProps == null) {
- authProps = new Properties();
- }
- else {
- authProps = (Properties)extraProps;
- }
- if (authenticator != null) {
- authProps.setProperty(
- DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator
- .toString());
- }
- SecurityTestUtil.createCacheServer(authProps, javaProps, (Integer)dsPort,
- (String)locatorString, serverPort, new Integer(
- SecurityTestUtil.NO_EXCEPTION));
- }
-
- private static void createCacheClient(Object authInit, Properties authProps,
- Properties javaProps, Integer[] ports, Object numConnections,
- Boolean multiUserMode, Boolean subscriptionEnabled, Integer expectedResult) {
-
- String authInitStr = (authInit == null ? null : authInit.toString());
- SecurityTestUtil.createCacheClient(authInitStr, authProps, javaProps,
- ports, (Integer)numConnections, Boolean.FALSE,
- multiUserMode.toString(), subscriptionEnabled, expectedResult);
- }
-
- public static void createCacheClient(Object authInit, Object authProps,
- Object javaProps, Integer[] ports, Object numConnections,
- Boolean multiUserMode, Integer expectedResult) {
-
- createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
- ports, numConnections, multiUserMode, Boolean.TRUE, expectedResult);
- }
-
- public static void createCacheClient(Object authInit, Object authProps,
- Object javaProps, Integer port1, Object numConnections,
- Integer expectedResult) {
-
- createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
- new Integer[] { port1 }, numConnections, Boolean.FALSE, Boolean.TRUE,
- expectedResult);
- }
-
- public static void createCacheClient(Object authInit, Object authProps,
- Object javaProps, Integer port1, Integer port2, Object numConnections,
- Integer expectedResult) {
- createCacheClient(authInit, authProps, javaProps, port1, port2,
- numConnections, Boolean.FALSE, expectedResult);
- }
-
- public static void createCacheClient(Object authInit, Object authProps,
- Object javaProps, Integer port1, Integer port2, Object numConnections,
- Boolean multiUserMode, Integer expectedResult) {
-
- createCacheClient(authInit, authProps, javaProps,
- port1, port2, numConnections, multiUserMode, Boolean.TRUE,
- expectedResult);
- }
-
- public static void createCacheClient(Object authInit, Object authProps,
- Object javaProps, Integer port1, Integer port2, Object numConnections,
- Boolean multiUserMode, Boolean subscriptionEnabled,
- Integer expectedResult) {
-
- createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
- new Integer[] { port1, port2 }, numConnections, multiUserMode,
- subscriptionEnabled, expectedResult);
- }
-
- public static void registerAllInterest() {
-
- Region region = SecurityTestUtil.getCache().getRegion(
- SecurityTestUtil.regionName);
- assertNotNull(region);
- region.registerInterestRegex(".*");
- }
-
- // End Region: Utility and static functions invoked by the tests
-
- // Region: Tests
-
- public void testValidCredentials() {
- itestValidCredentials(Boolean.FALSE);
- }
-
- public void itestValidCredentials(Boolean multiUser) {
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
-
- // Start the servers
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
- javaProps ));
- Integer port2 = (Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
- javaProps ));
-
- // Start the clients with valid credentials
- Properties credentials1 = gen.getValidCredentials(1);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: For first client credentials: " + credentials1
- + " : " + javaProps1);
- Properties credentials2 = gen.getValidCredentials(2);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: For second client credentials: "
- + credentials2 + " : " + javaProps2);
- createClientsNoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1, credentials2, javaProps2);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doGets( new Integer(2) ));
-
- if (multiUser) {
- client1.invoke(() -> SecurityTestUtil.doProxyCacheClose());
- client2.invoke(() -> SecurityTestUtil.doProxyCacheClose());
- client1.invoke(() -> SecurityTestUtil.doSimplePut("CacheClosedException"));
- client2.invoke(() -> SecurityTestUtil.doSimpleGet("CacheClosedException"));
- }
- }
-
- public void testNoCredentials() {
- itestNoCredentials(Boolean.FALSE);
- }
-
- public void itestNoCredentials(Boolean multiUser) {
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter()
- .info("testNoCredentials: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testNoCredentials: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testNoCredentials: Using authinit: " + authInit);
-
- // Start the servers
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = createServer1(extraProps, javaProps, authenticator,
- locPort1, locString);
- Integer port2 = ((Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
- javaProps )));
-
- // Start first client with valid credentials
- Properties credentials1 = gen.getValidCredentials(1);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testNoCredentials: For first client credentials: " + credentials1
- + " : " + javaProps1);
- createClient1NoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
- // Trying to create the region on client2
- if (gen.classCode().equals(ClassCode.SSL)) {
- // For SSL the exception may not come since the server can close socket
- // before handshake message is sent from client. However exception
- // should come in any region operations.
- client2
- .invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2, null, multiUser,
- new Integer(SecurityTestUtil.NO_EXCEPTION) ));
- client2.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(2), new Integer(SecurityTestUtil.OTHER_EXCEPTION) ));
- }
- else {
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
- null, multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- }
- }
-
- public void testInvalidCredentials() {
- itestInvalidCredentials(Boolean.FALSE);
- }
-
- public void itestInvalidCredentials(Boolean multiUser) {
-
-
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testInvalidCredentials: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testInvalidCredentials: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter()
- .info("testInvalidCredentials: Using authinit: " + authInit);
-
- // Start the servers
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = createServer1(extraProps, javaProps, authenticator,
- locPort1, locString);
- Integer port2 = ((Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
- javaProps )));
-
- // Start first client with valid credentials
- Properties credentials1 = gen.getValidCredentials(1);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidCredentials: For first client credentials: "
- + credentials1 + " : " + javaProps1);
- createClient1NoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
- // Start second client with invalid credentials
- // Trying to create the region on client2 should throw a security
- // exception
- Properties credentials2 = gen.getInvalidCredentials(1);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidCredentials: For second client credentials: "
- + credentials2 + " : " + javaProps2);
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
- null, multiUser, new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
- }
-
- public void testInvalidAuthInit() {
- itestInvalidAuthInit(Boolean.FALSE);
- }
+@Category(DistributedTest.class)
+public class ClientAuthenticationDUnitTest extends ClientAuthenticationTestCase {
- public void itestInvalidAuthInit(Boolean multiUser) {
-
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
-
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthInit: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthInit: Using authenticator: " + authenticator);
-
- // Start the server
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = createServer1(extraProps, javaProps, authenticator,
- locPort1, locString);
-
- Properties credentials = gen.getValidCredentials(1);
- javaProps = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthInit: For first client credentials: " + credentials
- + " : " + javaProps);
- client1.invoke(ClientAuthenticationDUnitTest.class, "createCacheClient",
- new Object[] { "com.gemstone.none", credentials, javaProps,
- new Integer[] { port1 }, null, multiUser,
- Integer.valueOf(SecurityTestUtil.AUTHREQ_EXCEPTION) });
- }
-
- protected Integer createServer1(Properties extraProps, Properties javaProps,
- String authenticator, Integer locPort1, String locString) {
- Integer port1 = ((Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
- javaProps )));
- return port1;
- }
-
- public void testNoAuthInitWithCredentials() {
- itestNoAuthInitWithCredentials(Boolean.FALSE);
- }
-
- public void itestNoAuthInitWithCredentials(Boolean multiUser) {
-
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
-
-
- LogWriterUtils.getLogWriter().info(
- "testNoAuthInitWithCredentials: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testNoAuthInitWithCredentials: Using authenticator: "
- + authenticator);
-
- // Start the servers
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = createServer1(extraProps, javaProps, authenticator,
- locPort1, locString);
- Integer port2 = ((Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
- javaProps )));
-
- // Start the clients with valid credentials
- Properties credentials1 = gen.getValidCredentials(1);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testNoAuthInitWithCredentials: For first client credentials: "
- + credentials1 + " : " + javaProps1);
- Properties credentials2 = gen.getValidCredentials(2);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testNoAuthInitWithCredentials: For second client credentials: "
- + credentials2 + " : " + javaProps2);
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials1, javaProps1, port1, port2, null,
- multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials2, javaProps2, port1, port2, null,
- multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- client2.invoke(() -> SecurityTestUtil.closeCache());
-
-
- // Now also try with invalid credentials
- Properties credentials3 = gen.getInvalidCredentials(5);
- Properties javaProps3 = gen.getJavaProperties();
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials3, javaProps3, port1, port2, null,
- multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- }
-
- public void testInvalidAuthenticator() {
- itestInvalidAuthenticator(Boolean.FALSE);
- }
-
- public void itestInvalidAuthenticator(Boolean multiUser) {
-
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthenticator: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthenticator: Using authinit: " + authInit);
-
- // Start the server with invalid authenticator
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, "com.gemstone.gemfire.none",
- extraProps, javaProps ));
-
- // Trying to create the region on client should throw a security exception
- Properties credentials2 = gen.getValidCredentials(1);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthenticator: For first client credentials: "
- + credentials2 + " : " + javaProps2);
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, null,
- new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
- client1.invoke(() -> SecurityTestUtil.closeCache());
-
-
- // Also test with invalid credentials
- Properties credentials3 = gen.getInvalidCredentials(1);
- Properties javaProps3 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testInvalidAuthenticator: For first client credentials: "
- + credentials3 + " : " + javaProps3);
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials3, javaProps3, port1, null,
- new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
- }
-
- public void testNoAuthenticatorWithCredentials() {
- itestNoAuthenticatorWithCredentials(Boolean.FALSE);
- }
-
- public void itestNoAuthenticatorWithCredentials(Boolean multiUser) {
-
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testNoAuthenticatorWithCredentials: Using scheme: "
- + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testNoAuthenticatorWithCredentials: Using authinit: " + authInit);
-
- // Start the servers with no authenticator
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, null, extraProps, javaProps ));
- Integer port2 = (Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, null, extraProps, javaProps ));
-
- // Clients should connect successfully and work properly with
- // valid/invalid credentials when none are required on the server side
- Properties credentials1 = gen.getValidCredentials(3);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testNoAuthenticatorWithCredentials: For first client credentials: "
- + credentials1 + " : " + javaProps1);
- Properties credentials2 = gen.getInvalidCredentials(5);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testNoAuthenticatorWithCredentials: For second client credentials: "
- + credentials2 + " : " + javaProps2);
- createClientsNoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1, credentials2, javaProps2);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doGets( new Integer(2) ));
- }
-
- public void testCredentialsWithFailover() {
- itestCredentialsWithFailover(Boolean.FALSE);
+ @Test
+ public void testValidCredentials() throws Exception {
+ doTestValidCredentials(Boolean.FALSE);
}
- public void itestCredentialsWithFailover(Boolean multiUser) {
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testCredentialsWithFailover: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testCredentialsWithFailover: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info(
- "testCredentialsWithFailover: Using authinit: " + authInit);
-
- // Start the first server
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
- javaProps ));
- // Get a port for second server but do not start it
- // This forces the clients to connect to the first server
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
-
- // Start the clients with valid credentials
- Properties credentials1 = gen.getValidCredentials(5);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testCredentialsWithFailover: For first client credentials: "
- + credentials1 + " : " + javaProps1);
- Properties credentials2 = gen.getValidCredentials(6);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testCredentialsWithFailover: For second client credentials: "
- + credentials2 + " : " + javaProps2);
- createClientsNoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1, credentials2, javaProps2);
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doGets( new Integer(2) ));
-
- // start the second one and stop the first server to force a failover
- server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2, authenticator, extraProps,
- javaProps ));
- server1.invoke(() -> SecurityTestUtil.closeCache());
-
- // Perform some create/update operations from client1
- client1.invoke(() -> SecurityTestUtil.doNPuts( new Integer(4) ));
- // Verify that the creates/updates succeeded
- client2.invoke(() -> SecurityTestUtil.doNGets( new Integer(4) ));
-
- // Try to connect client2 with no credentials
- // Verify that the creation of region throws security exception
- if (gen.classCode().equals(ClassCode.SSL)) {
- // For SSL the exception may not come since the server can close socket
- // before handshake message is sent from client. However exception
- // should come in any region operations.
- client2
- .invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2, null, multiUser,
- new Integer(SecurityTestUtil.NOFORCE_AUTHREQ_EXCEPTION) ));
- client2.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(2), new Integer(SecurityTestUtil.OTHER_EXCEPTION) ));
- }
- else {
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
- null, multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- }
-
- // Now try to connect client1 with invalid credentials
- // Verify that the creation of region throws security exception
- Properties credentials3 = gen.getInvalidCredentials(7);
- Properties javaProps3 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testCredentialsWithFailover: For first client invalid credentials: "
- + credentials3 + " : " + javaProps3);
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials3, javaProps3, port1, port2,
- null, multiUser, new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
-
- if (multiUser) {
- client1.invoke(() -> SecurityTestUtil.doProxyCacheClose());
- client2.invoke(() -> SecurityTestUtil.doProxyCacheClose());
- client1.invoke(() -> SecurityTestUtil.doSimplePut("CacheClosedException"));
- client2.invoke(() -> SecurityTestUtil.doSimpleGet("CacheClosedException"));
- }
+ @Test
+ public void testNoCredentials() throws Exception {
+ doTestNoCredentials(Boolean.FALSE);
}
- protected void createClientsNoException(Boolean multiUser, String authInit,
- Integer port1, Integer port2, Properties credentials1,
- Properties javaProps1, Properties credentials2, Properties javaProps2) {
- createClient1NoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1);
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
- null, multiUser, new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+ @Test
+ public void testInvalidCredentials() throws Exception {
+ doTestInvalidCredentials(Boolean.FALSE);
}
- public void testCredentialsForNotifications() {
- itestCredentialsForNotifications(Boolean.FALSE);
+ @Test
+ public void testInvalidAuthInit() throws Exception {
+ doTestInvalidAuthInit(Boolean.FALSE);
}
- public void itestCredentialsForNotifications(Boolean multiUser) {
- CredentialGenerator gen = new DummyCredentialGenerator();
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: Using authenticator: "
- + authenticator);
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: Using authinit: " + authInit);
-
- // Start the first server
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
- javaProps ));
- // Get a port for second server but do not start it
- // This forces the clients to connect to the first server
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
-
- // Start the clients with valid credentials
- Properties credentials1 = gen.getValidCredentials(3);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: For first client credentials: "
- + credentials1 + " : " + javaProps1);
- Properties credentials2 = gen.getValidCredentials(4);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: For second client credentials: "
- + credentials2 + " : " + javaProps2);
- createClient1NoException(multiUser, authInit, port1, port2, credentials1,
- javaProps1);
- // Set up zero forward connections to check notification handshake only
- Object zeroConns = new Integer(0);
- createClient2NoException(multiUser, authInit, port1, port2, credentials2,
- javaProps2, zeroConns);
-
- // Register interest on all keys on second client
- client2
- .invoke(() -> ClientAuthenticationDUnitTest.registerAllInterest());
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doLocalGets( new Integer(2) ));
-
- // start the second one and stop the first server to force a failover
- server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2, authenticator, extraProps,
- javaProps ));
- server1.invoke(() -> SecurityTestUtil.closeCache());
-
- // Wait for failover to complete
- Wait.pause(500);
-
- // Perform some create/update operations from client1
- client1.invoke(() -> SecurityTestUtil.doNPuts( new Integer(4) ));
- // Verify that the creates/updates succeeded
- client2.invoke(() -> SecurityTestUtil.doNLocalGets( new Integer(4) ));
-
- // Try to connect client1 with no credentials
- // Verify that the creation of region throws security exception
- server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1, authenticator, extraProps,
- javaProps ));
- if (gen.classCode().equals(ClassCode.SSL)) {
- // For SSL the exception may not come since the server can close socket
- // before handshake message is sent from client. However exception
- // should come in any region operations.
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
- zeroConns, multiUser,
- new Integer(SecurityTestUtil.NOFORCE_AUTHREQ_EXCEPTION) ));
- client1.invoke(() -> SecurityTestUtil.doPuts(
- new Integer(2), new Integer(SecurityTestUtil.OTHER_EXCEPTION) ));
- }
- else {
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
- zeroConns, multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- }
-
- // Now try to connect client2 with invalid credentials
- // Verify that the creation of region throws security exception
- credentials2 = gen.getInvalidCredentials(3);
- javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: For second client invalid credentials: "
- + credentials2 + " : " + javaProps2);
- createClient2WithException(multiUser, authInit, port1, port2,
- credentials2, javaProps2, zeroConns);
-
- // Now try to connect client2 with invalid auth-init method
- // Trying to create the region on client with valid credentials should
- // throw a security exception
- client2
- .invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( "com.gemstone.none", credentials1, javaProps1,
- port1, port2, zeroConns, multiUser,
- new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-
- // Now start the servers with invalid authenticator method.
- // Skip this test for a scheme which does not have an authInit in the
- // first place (e.g. SSL) since that will fail with AuthReqEx before
- // authenticator is even invoked.
- if (authInit != null && authInit.length() > 0) {
- server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1,
- "com.gemstone.gemfire.none", extraProps, javaProps ));
- server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2,
- "com.gemstone.gemfire.none", extraProps, javaProps ));
-
- createClient2WithException(multiUser, authInit, port1, port2,
- credentials1, javaProps1, zeroConns);
- createClient1WithException(multiUser, authInit, port1, port2,
- credentials2, javaProps2, zeroConns);
- }
- else {
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: Skipping invalid authenticator for scheme ["
- + gen.classCode() + "] which has no authInit");
- }
-
- // Try connection with null auth-init on clients.
- // Skip this test for a scheme which does not have an authInit in the
- // first place (e.g. SSL).
- if (authInit != null && authInit.length() > 0) {
- server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1,
- authenticator, extraProps, javaProps ));
- server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2,
- authenticator, extraProps, javaProps ));
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials1, javaProps1,
- port1, port2, null, multiUser,
- new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
- createClient2AuthReqException(multiUser, port1, port2, credentials2,
- javaProps2, zeroConns);
-
- createClient2AuthReqException(multiUser, port1, port2, credentials2,
- javaProps2, zeroConns);
- }
- else {
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: Skipping null authInit for scheme ["
- + gen.classCode() + "] which has no authInit");
- }
-
- // Try connection with null authenticator on server and sending
- // valid/invalid credentials.
- // If the scheme does not have an authenticator in the first place (e.g.
- // SSL) then skip it since this test is useless.
- if (authenticator != null && authenticator.length() > 0) {
- server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1,
- null, extraProps, javaProps ));
- server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2,
- null, extraProps, javaProps ));
- createClient1NoException(multiUser, authInit, port1, port2,
- credentials1, javaProps1);
- createClient2NoException(multiUser, authInit, port1, port2,
- credentials2, javaProps2, zeroConns);
-
- // Register interest on all keys on second client
- client2.invoke(() -> ClientAuthenticationDUnitTest.registerAllInterest());
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(4) ));
-
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doLocalGets( new Integer(4) ));
-
- // Now also try with valid credentials on client2
- createClient1NoException(multiUser, authInit, port1, port2,
- credentials2, javaProps2);
- createClient2NoException(multiUser, authInit, port1, port2,
- credentials1, javaProps1, zeroConns);
-
- // Register interest on all keys on second client
- client2.invoke(() -> ClientAuthenticationDUnitTest.registerAllInterest());
-
- // Perform some put operations from client1
- client1.invoke(() -> SecurityTestUtil.doNPuts( new Integer(4) ));
-
- // Verify that the puts succeeded
- client2.invoke(() -> SecurityTestUtil.doNLocalGets( new Integer(4) ));
- }
- else {
- LogWriterUtils.getLogWriter().info(
- "testCredentialsForNotifications: Skipping scheme ["
- + gen.classCode() + "] which has no authenticator");
- }
+ @Test
+ public void testNoAuthInitWithCredentials() throws Exception {
+ doTestNoAuthInitWithCredentials(Boolean.FALSE);
}
- protected void createClient1NoException(Boolean multiUser, String authInit,
- Integer port1, Integer port2, Properties credentials2,
- Properties javaProps2) {
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2,
- javaProps2, port1, port2, null, multiUser,
- new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+ @Test
+ public void testInvalidAuthenticator() throws Exception {
+ doTestInvalidAuthenticator(Boolean.FALSE);
}
- protected void createClient2AuthReqException(Boolean multiUser, Integer port1,
- Integer port2, Properties credentials2, Properties javaProps2,
- Object zeroConns) {
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials2, javaProps2,
- port1, port2, zeroConns, multiUser,
- new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
+ @Test
+ public void testNoAuthenticatorWithCredentials() throws Exception {
+ doTestNoAuthenticatorWithCredentials(Boolean.FALSE);
}
- protected void createClient1WithException(Boolean multiUser, String authInit,
- Integer port1, Integer port2, Properties credentials2,
- Properties javaProps2, Object zeroConns) {
- client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2,
- javaProps2, port1, port2, zeroConns, multiUser,
- new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
+ @Test
+ public void testCredentialsWithFailover() throws Exception {
+ doTestCredentialsWithFailover(Boolean.FALSE);
}
- protected void createClient2WithException(Boolean multiUser, String authInit,
- Integer port1, Integer port2, Properties credentials2,
- Properties javaProps2, Object zeroConns) {
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
- zeroConns, multiUser, new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
+ @Test
+ public void testCredentialsForNotifications() throws Exception {
+ doTestCredentialsForNotifications(Boolean.FALSE);
}
- protected void createClient2NoException(Boolean multiUser, String authInit,
- Integer port1, Integer port2, Properties credentials2,
- Properties javaProps2, Object zeroConns) {
- client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
- zeroConns, multiUser, new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+ @Ignore("Disabled for unknown reason")
+ @Test
+ public void testValidCredentialsForMultipleUsers() throws Exception {
+ doTestValidCredentials(Boolean.TRUE);
}
- //////////////////////////////////////////////////////////////////////////////
- // Tests for MULTI_USER_MODE start here
- //////////////////////////////////////////////////////////////////////////////
-
- public void xtestValidCredentialsForMultipleUsers() {
- itestValidCredentials(Boolean.TRUE);
- }
-
- //////////////////////////////////////////////////////////////////////////////
- // Tests for MULTI_USER_MODE end here
- //////////////////////////////////////////////////////////////////////////////
-
- @Override
- public final void preTearDown() throws Exception {
- // close the clients first
- client1.invoke(() -> SecurityTestUtil.closeCache());
- client2.invoke(() -> SecurityTestUtil.closeCache());
- // then close the servers
- server1.invoke(() -> SecurityTestUtil.closeCache());
- server2.invoke(() -> SecurityTestUtil.closeCache());
- }
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
index 138114a..540632a 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
@@ -1,6 +1,3 @@
-
-package com.gemstone.gemfire.security;
-
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
@@ -9,9 +6,9 @@ package com.gemstone.gemfire.security;
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -19,70 +16,59 @@ package com.gemstone.gemfire.security;
* specific language governing permissions and limitations
* under the License.
*/
+package com.gemstone.gemfire.security;
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
/**
* this class contains test methods that used to be in its superclass but
* that test started taking too long and caused dunit runs to hang
*/
-public class ClientAuthenticationPart2DUnitTest extends
- ClientAuthenticationDUnitTest {
+@Category(DistributedTest.class)
+public class ClientAuthenticationPart2DUnitTest extends ClientAuthenticationTestCase {
- /** constructor */
- public ClientAuthenticationPart2DUnitTest(String name) {
- super(name);
+ @Test
+ public void testNoCredentialsForMultipleUsers() throws Exception {
+ doTestNoCredentials(Boolean.TRUE);
}
- // override inherited tests so they aren't executed again
-
- @Override
- public void testValidCredentials() { }
- @Override
- public void testNoCredentials() { }
- @Override
- public void testInvalidCredentials() { }
- @Override
- public void testInvalidAuthInit() { }
- @Override
- public void testNoAuthInitWithCredentials() { }
- @Override
- public void testInvalidAuthenticator() { }
- @Override
- public void testNoAuthenticatorWithCredentials() { }
- @Override
- public void testCredentialsWithFailover() { }
- @Override
- public void testCredentialsForNotifications() { }
- //@Override
- public void testValidCredentialsForMultipleUsers() { }
-
-
-
-
-
- public void testNoCredentialsForMultipleUsers() {
- itestNoCredentials(Boolean.TRUE);
- }
- public void testInvalidCredentialsForMultipleUsers() {
- itestInvalidCredentials(Boolean.TRUE);
+ @Test
+ public void testInvalidCredentialsForMultipleUsers() throws Exception {
+ doTestInvalidCredentials(Boolean.TRUE);
}
- public void testInvalidAuthInitForMultipleUsers() {
- itestInvalidAuthInit(Boolean.TRUE);
- }
- public void testNoAuthInitWithCredentialsForMultipleUsers() {
- itestNoAuthInitWithCredentials(Boolean.TRUE);
+
+ @Test
+ public void testInvalidAuthInitForMultipleUsers() throws Exception {
+ doTestInvalidAuthInit(Boolean.TRUE);
}
- public void testInvalidAuthenitcatorForMultipleUsers() {
- itestInvalidAuthenticator(Boolean.TRUE);
+
+ @Test
+ public void testNoAuthInitWithCredentialsForMultipleUsers() throws Exception {
+ doTestNoAuthInitWithCredentials(Boolean.TRUE);
}
- public void testNoAuthenticatorWithCredentialsForMultipleUsers() {
- itestNoAuthenticatorWithCredentials(Boolean.TRUE);
+
+ @Test
+ public void testInvalidAuthenitcatorForMultipleUsers() throws Exception {
+ doTestInvalidAuthenticator(Boolean.TRUE);
}
- public void disabled_testCredentialsWithFailoverForMultipleUsers() {
- itestCredentialsWithFailover(Boolean.TRUE);
+
+ @Test
+ public void testNoAuthenticatorWithCredentialsForMultipleUsers() throws Exception {
+ doTestNoAuthenticatorWithCredentials(Boolean.TRUE);
}
- public void __testCredentialsForNotificationsForMultipleUsers() {
- itestCredentialsForNotifications(Boolean.TRUE);
+
+ @Ignore("Disabled for unknown reason")
+ @Test
+ public void testCredentialsWithFailoverForMultipleUsers() throws Exception {
+ doTestCredentialsWithFailover(Boolean.TRUE);
}
+ @Ignore("Disabled for unknown reason")
+ @Test
+ public void testCredentialsForNotificationsForMultipleUsers() throws Exception {
+ doTestCredentialsForNotifications(Boolean.TRUE);
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
new file mode 100644
index 0000000..d308769
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
@@ -0,0 +1,574 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.security;
+
+import static com.gemstone.gemfire.security.SecurityTestUtil.*;
+import static com.gemstone.gemfire.test.dunit.IgnoredException.*;
+import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*;
+import static com.gemstone.gemfire.test.dunit.Wait.*;
+
+import java.io.IOException;
+import java.util.Properties;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
+
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.security.generator.CredentialGenerator;
+import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
+import com.gemstone.gemfire.test.dunit.Host;
+import com.gemstone.gemfire.test.dunit.VM;
+import com.gemstone.gemfire.test.dunit.internal.JUnit4DistributedTestCase;
+
+public abstract class ClientAuthenticationTestCase extends JUnit4DistributedTestCase {
+
+ private VM server1 = null;
+ private VM server2 = null;
+ private VM client1 = null;
+ private VM client2 = null;
+
+ private static final String[] serverIgnoredExceptions = {
+ AuthenticationRequiredException.class.getName(),
+ AuthenticationFailedException.class.getName(),
+ GemFireSecurityException.class.getName(),
+ ClassNotFoundException.class.getName(),
+ IOException.class.getName(),
+ SSLException.class.getName(),
+ SSLHandshakeException.class.getName()
+ };
+
+ private static final String[] clientIgnoredExceptions = {
+ AuthenticationRequiredException.class.getName(),
+ AuthenticationFailedException.class.getName(),
+ SSLHandshakeException.class.getName()
+ };
+
+ @Override
+ public final void postSetUp() throws Exception {
+ final Host host = Host.getHost(0);
+ server1 = host.getVM(0);
+ server2 = host.getVM(1);
+ client1 = host.getVM(2);
+ client2 = host.getVM(3);
+
+ addIgnoredException("Connection refused: connect");
+
+ server1.invoke(() -> registerExpectedExceptions(serverIgnoredExceptions));
+ server2.invoke(() -> registerExpectedExceptions(serverIgnoredExceptions));
+ client1.invoke(() -> registerExpectedExceptions(clientIgnoredExceptions));
+ client2.invoke(() -> registerExpectedExceptions(clientIgnoredExceptions));
+ }
+
+ protected void doTestValidCredentials(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testValidCredentials: Using scheme: " + gen.classCode());
+ getLogWriter().info("testValidCredentials: Using authenticator: " + authenticator);
+ getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
+
+ // Start the servers
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+ Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+ // Start the clients with valid credentials
+ Properties credentials1 = gen.getValidCredentials(1);
+ Properties javaProps1 = gen.getJavaProperties();
+
+ getLogWriter().info("testValidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ Properties credentials2 = gen.getValidCredentials(2);
+ Properties javaProps2 = gen.getJavaProperties();
+
+ getLogWriter().info("testValidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doGets(2));
+
+ if (multiUser) {
+ client1.invoke(() -> doProxyCacheClose());
+ client2.invoke(() -> doProxyCacheClose());
+ client1.invoke(() -> doSimplePut("CacheClosedException"));
+ client2.invoke(() -> doSimpleGet("CacheClosedException"));
+ }
+ }
+
+ protected void doTestNoCredentials(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testNoCredentials: Using scheme: " + gen.classCode());
+ getLogWriter().info("testNoCredentials: Using authenticator: " + authenticator);
+ getLogWriter().info("testNoCredentials: Using authinit: " + authInit);
+
+ // Start the servers
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+ Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+ // Start first client with valid credentials
+ Properties credentials1 = gen.getValidCredentials(1);
+ Properties javaProps1 = gen.getJavaProperties();
+
+ getLogWriter().info("testNoCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2));
+
+ // Trying to create the region on client2
+ if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
+ // For SSL the exception may not come since the server can close socket
+ // before handshake message is sent from client. However exception
+ // should come in any region operations.
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, NO_EXCEPTION));
+ client2.invoke(() -> doPuts(2, OTHER_EXCEPTION));
+
+ } else {
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+ }
+ }
+
+ protected void doTestInvalidCredentials(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testInvalidCredentials: Using scheme: " + gen.classCode());
+ getLogWriter().info("testInvalidCredentials: Using authenticator: " + authenticator);
+ getLogWriter().info("testInvalidCredentials: Using authinit: " + authInit);
+
+ // Start the servers
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+ Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+ // Start first client with valid credentials
+ Properties credentials1 = gen.getValidCredentials(1);
+ Properties javaProps1 = gen.getJavaProperties();
+ getLogWriter().info("testInvalidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2));
+
+ // Start second client with invalid credentials
+ // Trying to create the region on client2 should throw a security
+ // exception
+ Properties credentials2 = gen.getInvalidCredentials(1);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testInvalidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, 0, multiUser, AUTHFAIL_EXCEPTION));
+ }
+
+ protected void doTestInvalidAuthInit(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ final Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+
+ getLogWriter().info("testInvalidAuthInit: Using scheme: " + gen.classCode());
+ getLogWriter().info("testInvalidAuthInit: Using authenticator: " + authenticator);
+
+ // Start the server
+ Integer locPort1 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+
+ Properties credentials = gen.getValidCredentials(1);
+
+ getLogWriter().info("testInvalidAuthInit: For first client credentials: " + credentials + " : " + javaProps);
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient("com.gemstone.none", credentials, javaProps, new int[] { port1 }, 0, multiUser, AUTHREQ_EXCEPTION));
+ }
+
+ protected void doTestNoAuthInitWithCredentials(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+
+ getLogWriter().info("testNoAuthInitWithCredentials: Using scheme: " + gen.classCode());
+ getLogWriter().info("testNoAuthInitWithCredentials: Using authenticator: " + authenticator);
+
+ // Start the servers
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+ Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+ // Start the clients with valid credentials
+ Properties credentials1 = gen.getValidCredentials(1);
+ Properties javaProps1 = gen.getJavaProperties();
+ getLogWriter().info("testNoAuthInitWithCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ Properties credentials2 = gen.getValidCredentials(2);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testNoAuthInitWithCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials1, javaProps1, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials2, javaProps2, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+ client2.invoke(() -> closeCache());
+
+ // Now also try with invalid credentials
+ Properties credentials3 = gen.getInvalidCredentials(5);
+ Properties javaProps3 = gen.getJavaProperties();
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials3, javaProps3, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+ }
+
+ protected void doTestInvalidAuthenticator(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testInvalidAuthenticator: Using scheme: " + gen.classCode());
+ getLogWriter().info("testInvalidAuthenticator: Using authinit: " + authInit);
+
+ // Start the server with invalid authenticator
+ Integer locPort1 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, "com.gemstone.gemfire.none", extraProps, javaProps));
+
+ // Trying to create the region on client should throw a security exception
+ Properties credentials2 = gen.getValidCredentials(1);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testInvalidAuthenticator: For first client credentials: " + credentials2 + " : " + javaProps2);
+
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, 0, AUTHFAIL_EXCEPTION));
+ client1.invoke(() -> closeCache());
+
+ // Also test with invalid credentials
+ Properties credentials3 = gen.getInvalidCredentials(1);
+ Properties javaProps3 = gen.getJavaProperties();
+ getLogWriter().info("testInvalidAuthenticator: For first client credentials: " + credentials3 + " : " + javaProps3);
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials3, javaProps3, port1, 0, AUTHFAIL_EXCEPTION));
+ }
+
+ protected void doTestNoAuthenticatorWithCredentials(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testNoAuthenticatorWithCredentials: Using scheme: " + gen.classCode());
+ getLogWriter().info("testNoAuthenticatorWithCredentials: Using authinit: " + authInit);
+
+ // Start the servers with no authenticator
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, null, extraProps, javaProps));
+ Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, null, extraProps, javaProps));
+
+ // Clients should connect successfully and work properly with
+ // valid/invalid credentials when none are required on the server side
+ Properties credentials1 = gen.getValidCredentials(3);
+ Properties javaProps1 = gen.getJavaProperties();
+ getLogWriter().info("testNoAuthenticatorWithCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ Properties credentials2 = gen.getInvalidCredentials(5);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testNoAuthenticatorWithCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doGets(2));
+ }
+
+ protected void doTestCredentialsWithFailover(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testCredentialsWithFailover: Using scheme: " + gen.classCode());
+ getLogWriter().info("testCredentialsWithFailover: Using authenticator: " + authenticator);
+ getLogWriter().info("testCredentialsWithFailover: Using authinit: " + authInit);
+
+ // Start the first server
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+ // Get a port for second server but do not start it
+ // This forces the clients to connect to the first server
+ Integer port2 = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+ // Start the clients with valid credentials
+ Properties credentials1 = gen.getValidCredentials(5);
+ Properties javaProps1 = gen.getJavaProperties();
+ getLogWriter().info("testCredentialsWithFailover: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ Properties credentials2 = gen.getValidCredentials(6);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testCredentialsWithFailover: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2));
+ // Verify that the puts succeeded
+ client2.invoke(() -> doGets(2));
+
+ // start the second one and stop the first server to force a failover
+ server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
+ server1.invoke(() -> closeCache());
+
+ // Perform some create/update operations from client1
+ client1.invoke(() -> doNPuts(4));
+ // Verify that the creates/updates succeeded
+ client2.invoke(() -> doNGets(4));
+
+ // Try to connect client2 with no credentials
+ // Verify that the creation of region throws security exception
+ if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
+ // For SSL the exception may not come since the server can close socket
+ // before handshake message is sent from client. However exception
+ // should come in any region operations.
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, NOFORCE_AUTHREQ_EXCEPTION));
+ client2.invoke(() -> doPuts(2, OTHER_EXCEPTION));
+
+ } else {
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+ }
+
+ // Now try to connect client1 with invalid credentials
+ // Verify that the creation of region throws security exception
+ Properties credentials3 = gen.getInvalidCredentials(7);
+ Properties javaProps3 = gen.getJavaProperties();
+ getLogWriter().info("testCredentialsWithFailover: For first client invalid credentials: " + credentials3 + " : " + javaProps3);
+
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials3, javaProps3, port1, port2, 0, multiUser, AUTHFAIL_EXCEPTION));
+
+ if (multiUser) {
+ client1.invoke(() -> doProxyCacheClose());
+ client2.invoke(() -> doProxyCacheClose());
+ client1.invoke(() -> doSimplePut("CacheClosedException"));
+ client2.invoke(() -> doSimpleGet("CacheClosedException"));
+ }
+ }
+
+ protected void doTestCredentialsForNotifications(boolean multiUser) throws Exception {
+ CredentialGenerator gen = new DummyCredentialGenerator();
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testCredentialsForNotifications: Using scheme: " + gen.classCode());
+ getLogWriter().info("testCredentialsForNotifications: Using authenticator: " + authenticator);
+ getLogWriter().info("testCredentialsForNotifications: Using authinit: " + authInit);
+
+ // Start the first server
+ Integer locPort1 = getLocatorPort();
+ Integer locPort2 = getLocatorPort();
+ String locString = getLocatorString();
+ Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+ // Get a port for second server but do not start it
+ // This forces the clients to connect to the first server
+ Integer port2 = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+ // Start the clients with valid credentials
+ Properties credentials1 = gen.getValidCredentials(3);
+ Properties javaProps1 = gen.getJavaProperties();
+ getLogWriter().info("testCredentialsForNotifications: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ Properties credentials2 = gen.getValidCredentials(4);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testCredentialsForNotifications: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+
+ // Set up zero forward connections to check notification handshake only
+ int zeroConns = 0;
+ createClient2NoException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+ // Register interest on all keys on second client
+ client2.invoke(() -> ClientAuthenticationUtils.registerAllInterest());
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(2));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doLocalGets(2));
+
+ // start the second one and stop the first server to force a failover
+ server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
+ server1.invoke(() -> closeCache());
+
+ // Wait for failover to complete
+ pause(500);
+
+ // Perform some create/update operations from client1
+ client1.invoke(() -> doNPuts(4));
+ // Verify that the creates/updates succeeded
+ client2.invoke(() -> doNLocalGets(4));
+
+ // Try to connect client1 with no credentials
+ // Verify that the creation of region throws security exception
+ server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, authenticator, extraProps, javaProps));
+
+ if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
+ // For SSL the exception may not come since the server can close socket
+ // before handshake message is sent from client. However exception
+ // should come in any region operations.
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, zeroConns, multiUser, NOFORCE_AUTHREQ_EXCEPTION));
+ client1.invoke(() -> doPuts(2, OTHER_EXCEPTION));
+
+ } else {
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
+ }
+
+ // Now try to connect client2 with invalid credentials
+ // Verify that the creation of region throws security exception
+ credentials2 = gen.getInvalidCredentials(3);
+ javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testCredentialsForNotifications: For second client invalid credentials: " + credentials2 + " : " + javaProps2);
+
+ createClient2WithException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+ // Now try to connect client2 with invalid auth-init method
+ // Trying to create the region on client with valid credentials should
+ // throw a security exception
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient("com.gemstone.none", credentials1, javaProps1, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
+
+ // Now start the servers with invalid authenticator method.
+ // Skip this test for a scheme which does not have an authInit in the
+ // first place (e.g. SSL) since that will fail with AuthReqEx before
+ // authenticator is even invoked.
+ if (authInit != null && authInit.length() > 0) {
+ server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, "com.gemstone.gemfire.none", extraProps, javaProps));
+ server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, "com.gemstone.gemfire.none", extraProps, javaProps));
+
+ createClient2WithException(multiUser, authInit, port1, port2, credentials1, javaProps1, zeroConns);
+ createClient1WithException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+ } else {
+ getLogWriter().info("testCredentialsForNotifications: Skipping invalid authenticator for scheme [" + gen.classCode() + "] which has no authInit");
+ }
+
+ // Try connection with null auth-init on clients.
+ // Skip this test for a scheme which does not have an authInit in the
+ // first place (e.g. SSL).
+ if (authInit != null && authInit.length() > 0) {
+ server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, authenticator, extraProps, javaProps));
+ server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials1, javaProps1, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+
+ createClient2AuthReqException(multiUser, port1, port2, credentials2, javaProps2, zeroConns);
+ createClient2AuthReqException(multiUser, port1, port2, credentials2, javaProps2, zeroConns);
+
+ } else {
+ getLogWriter().info("testCredentialsForNotifications: Skipping null authInit for scheme [" + gen.classCode() + "] which has no authInit");
+ }
+
+ // Try connection with null authenticator on server and sending
+ // valid/invalid credentials.
+ // If the scheme does not have an authenticator in the first place (e.g.
+ // SSL) then skip it since this test is useless.
+ if (authenticator != null && authenticator.length() > 0) {
+ server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, null, extraProps, javaProps));
+ server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, null, extraProps, javaProps));
+
+ createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+ createClient2NoException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+ // Register interest on all keys on second client
+ client2.invoke(() -> ClientAuthenticationUtils.registerAllInterest());
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doPuts(4));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doLocalGets(4));
+
+ // Now also try with valid credentials on client2
+ createClient1NoException(multiUser, authInit, port1, port2, credentials2, javaProps2);
+ createClient2NoException(multiUser, authInit, port1, port2, credentials1, javaProps1, zeroConns);
+
+ // Register interest on all keys on second client
+ client2.invoke(() -> ClientAuthenticationUtils.registerAllInterest());
+
+ // Perform some put operations from client1
+ client1.invoke(() -> doNPuts(4));
+
+ // Verify that the puts succeeded
+ client2.invoke(() -> doNLocalGets(4));
+
+ } else {
+ getLogWriter().info("testCredentialsForNotifications: Skipping scheme [" + gen.classCode() + "] which has no authenticator");
+ }
+ }
+
+ private Integer createServer1(Properties extraProps, Properties javaProps, String authenticator, int locPort1, String locString) {
+ return server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+ }
+
+ private void createClient1NoException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2) {
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, 0, multiUser, NO_EXCEPTION));
+ }
+
+ private void createClient2AuthReqException(boolean multiUser, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials2, javaProps2, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
+ }
+
+ private void createClient1WithException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+ client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, zeroConns, multiUser, AUTHFAIL_EXCEPTION));
+ }
+
+ private void createClient2WithException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, zeroConns, multiUser, AUTHFAIL_EXCEPTION));
+ }
+
+ private void createClient2NoException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, zeroConns, multiUser, NO_EXCEPTION));
+ }
+
+ private void createClientsNoException(boolean multiUser, String authInit, int port1, int port2, Properties credentials1, Properties javaProps1, Properties credentials2, Properties javaProps2) {
+ createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+ client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, 0, multiUser, NO_EXCEPTION));
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java
new file mode 100644
index 0000000..09cc2d5
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java
@@ -0,0 +1,94 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.security;
+
+import static com.gemstone.gemfire.security.SecurityTestUtil.*;
+import static org.junit.Assert.*;
+
+import java.util.Properties;
+
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+
+/**
+ * Extracted from ClientAuthenticationDUnitTest
+ */
+public class ClientAuthenticationUtils {
+
+ protected ClientAuthenticationUtils() {
+ }
+
+ public static Integer createCacheServer(int dsPort, String locatorString, String authenticator, Properties extraProps, Properties javaProps) {
+ Properties authProps;
+ if (extraProps == null) {
+ authProps = new Properties();
+ } else {
+ authProps = (Properties)extraProps;
+ }
+
+ if (authenticator != null) {
+ authProps.setProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator.toString());
+ }
+
+ return SecurityTestUtil.createCacheServer(authProps, javaProps, dsPort, (String)locatorString, 0, NO_EXCEPTION);
+ }
+
+ public static void createCacheServer(int dsPort, String locatorString, int serverPort, String authenticator, Properties extraProps, Properties javaProps) {
+ Properties authProps;
+ if (extraProps == null) {
+ authProps = new Properties();
+ } else {
+ authProps = (Properties)extraProps;
+ }
+
+ if (authenticator != null) {
+ authProps.setProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator.toString());
+ }
+ SecurityTestUtil.createCacheServer(authProps, javaProps, dsPort, locatorString, serverPort, NO_EXCEPTION);
+ }
+
+ public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int[] ports, int numConnections, boolean multiUserMode, boolean subscriptionEnabled, int expectedResult) {
+
+ SecurityTestUtil.createCacheClient(authInit, authProps, javaProps, ports, numConnections, false, multiUserMode, subscriptionEnabled, expectedResult);
+ }
+
+ public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int[] ports, int numConnections, boolean multiUserMode, int expectedResult) {
+ createCacheClient(authInit, (Properties)authProps, (Properties)javaProps, ports, numConnections, multiUserMode, true, expectedResult);
+ }
+
+ public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int port1, int numConnections, int expectedResult) {
+ createCacheClient(authInit, authProps, javaProps, new int[] { port1 }, numConnections, Boolean.FALSE, Boolean.TRUE, expectedResult);
+ }
+
+ public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int port1, int port2, int numConnections, int expectedResult) {
+ createCacheClient(authInit, authProps, javaProps, port1, port2, numConnections, Boolean.FALSE, expectedResult);
+ }
+
+ public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, Integer port1, Integer port2, int numConnections, boolean multiUserMode, int expectedResult) {
+ createCacheClient(authInit, authProps, javaProps, port1, port2, numConnections, multiUserMode, Boolean.TRUE, expectedResult);
+ }
+
+ public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int port1, int port2, int numConnections, boolean multiUserMode, boolean subscriptionEnabled, int expectedResult) {
+ createCacheClient(authInit, authProps, javaProps, new int[] { port1, port2 }, numConnections, multiUserMode, subscriptionEnabled, expectedResult);
+ }
+
+ public static void registerAllInterest() {
+ Region region = SecurityTestUtil.getCache().getRegion(SecurityTestUtil.REGION_NAME);
+ assertNotNull(region);
+ region.registerInterestRegex(".*");
+ }
+}