You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/04/29 17:40:14 UTC
[1/5] incubator-geode git commit: GEODE-1176 Added some more ops to
trigger client to fetch PR meta data.
Repository: incubator-geode
Updated Branches:
refs/heads/feature/GEODE-17-2 f446bbe89 -> 7c38f0d88
GEODE-1176 Added some more ops to trigger client to fetch PR meta data.
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/a254c428
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/a254c428
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/a254c428
Branch: refs/heads/feature/GEODE-17-2
Commit: a254c428cd9a805384bbf39d7bde64649cf56624
Parents: 7e2ca6c
Author: Hitesh Khamesra <hi...@yahoo.com>
Authored: Thu Apr 28 10:43:46 2016 -0700
Committer: Hitesh Khamesra <hi...@yahoo.com>
Committed: Thu Apr 28 10:44:48 2016 -0700
----------------------------------------------------------------------
.../internal/cache/FixedPRSinglehopDUnitTest.java | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a254c428/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/FixedPRSinglehopDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/FixedPRSinglehopDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/FixedPRSinglehopDUnitTest.java
index 61ea97a..8f3fc2d 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/FixedPRSinglehopDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/FixedPRSinglehopDUnitTest.java
@@ -635,6 +635,22 @@ public class FixedPRSinglehopDUnitTest extends CacheTestCase {
region.put(q3dateSep1, "update1010");
region.put(q4dateDec1, "update1111");
+ region.put(q1dateJan1, "update000");
+ region.put(q1dateFeb1, "update444");
+ region.put(q1dateMar1, "update888");
+ region.put(q2dateApr1, "update111");
+ region.put(q2dateMay1, "update555");
+ region.put(q2dateJun1, "update999");
+ region.put(q1dateJan1, "update0000");
+ region.put(q3dateJuly1, "update222");
+ region.put(q3dateAug1, "update666");
+ region.put(q3dateSep1, "update101010");
+ region.put(q1dateJan1, "update00000");
+ region.put(q4dateOct1, "update333");
+ region.put(q4dateNov1, "update777");
+ region.put(q4dateDec1, "update111111");
+ region.put(q1dateJan1, "update000000");
+
}
public static void putIntoPartitionedRegionsThreeQs() {
[3/5] incubator-geode git commit: GEODE-17: enhance the
GeodeSecurityUtil and review changes
Posted by ji...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/PulseAbstractTest.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/PulseAbstractTest.java b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/PulseAbstractTest.java
index 392de4c..09bb7d7 100644
--- a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/PulseAbstractTest.java
+++ b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/PulseAbstractTest.java
@@ -16,11 +16,24 @@
* limitations under the License.
*
*/
+
package com.vmware.gemfire.tools.pulse.tests;
+import java.io.BufferedReader;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.text.DecimalFormat;
+import java.util.List;
+import java.util.Properties;
+import java.util.concurrent.TimeUnit;
+
+import junit.framework.Assert;
+
import com.gemstone.gemfire.management.internal.JettyHelper;
+import com.jayway.awaitility.Awaitility;
import com.vmware.gemfire.tools.pulse.internal.data.PulseConstants;
-import junit.framework.Assert;
+
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.Ignore;
@@ -35,16 +48,8 @@ import org.openqa.selenium.support.ui.ExpectedCondition;
import org.openqa.selenium.support.ui.ExpectedConditions;
import org.openqa.selenium.support.ui.WebDriverWait;
-import java.io.BufferedReader;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.text.DecimalFormat;
-import java.util.List;
-import java.util.Properties;
-import java.util.concurrent.TimeUnit;
-
public abstract class PulseAbstractTest extends PulseBaseTest {
+
private static String jmxPropertiesFile;
private static String path;
@@ -107,7 +112,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
private static final String REGION_PERSISTENCE_LABEL = "regionPersistence";
private static final String DATA_VIEW_USEDMEMORY = "memoryUsed";
private static final String DATA_VIEW_TOTALMEMORY = "totalMemory";
-
+
private static final String DATA_BROWSER_LABEL = "Data Browser";
private static final String DATA_BROWSER_REGIONName1 = "treeDemo_1_span";
private static final String DATA_BROWSER_REGIONName2 = "treeDemo_2_span";
@@ -132,11 +137,12 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
public static void setUpServer(String username, String password, String jsonAuthFile) throws Exception {
ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
+
jmxPropertiesFile = classLoader.getResource("test.properties").getPath();
path = getPulseWarPath();
server = Server.createServer(9999, jmxPropertiesFile, jsonAuthFile);
- String host = "localhost";// InetAddress.getLocalHost().getHostAddress();
+ String host = "localhost";
int port = 8080;
String context = "/pulse";
@@ -146,7 +152,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
pulseURL = "http://" + host + ":" + port + context;
- Thread.sleep(5000); // wait till the container settles down
+ Awaitility.await().until(()->jetty.isStarted());
driver = new FirefoxDriver();
driver.manage().window().maximize();
@@ -160,12 +166,12 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
Thread.sleep(3000);
WebElement userNameOnPulsePage = (new WebDriverWait(driver, 10))
- .until(new ExpectedCondition<WebElement>() {
- @Override
- public WebElement apply(WebDriver d) {
- return d.findElement(By.id("userName"));
- }
- });
+ .until(new ExpectedCondition<WebElement>() {
+ @Override
+ public WebElement apply(WebDriver d) {
+ return d.findElement(By.id("userName"));
+ }
+ });
Assert.assertNotNull(userNameOnPulsePage);
driver.navigate().refresh();
Thread.sleep(7000);
@@ -215,44 +221,42 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
}
protected void searchByXPathAndClick(String xpath) {
- WebElement element = driver.findElement(By.xpath(xpath));
- Assert.assertNotNull(element);
+ WebElement element = driver.findElement(By.xpath(xpath));
+ Assert.assertNotNull(element);
element.click();
}
protected void waitForElementByClassName(final String className, int seconds) {
WebElement linkTextOnPulsePage1 = (new WebDriverWait(driver, seconds))
- .until(new ExpectedCondition<WebElement>() {
- @Override
- public WebElement apply(WebDriver d) {
- return d.findElement(By.className(className));
- }
- });
+ .until(new ExpectedCondition<WebElement>() {
+ @Override
+ public WebElement apply(WebDriver d) {
+ return d.findElement(By.className(className));
+ }
+ });
Assert.assertNotNull(linkTextOnPulsePage1);
}
protected void waitForElementById(final String id, int seconds) {
WebElement element = (new WebDriverWait(driver, 10))
- .until(new ExpectedCondition<WebElement>() {
- @Override
- public WebElement apply(WebDriver d) {
- return d.findElement(By.id(id));
- }
- });
+ .until(new ExpectedCondition<WebElement>() {
+ @Override
+ public WebElement apply(WebDriver d) {
+ return d.findElement(By.id(id));
+ }
+ });
Assert.assertNotNull(element);
}
-
+
protected void scrollbarVerticalDownScroll() {
JavascriptExecutor js = (JavascriptExecutor) driver;
js.executeScript("javascript:window.scrollBy(250,700)");
WebElement pickerScroll = driver.findElement(By.className("jspDrag"));
WebElement pickerScrollCorner = driver.findElement(By
- .className("jspCorner"));
+ .className("jspCorner"));
Actions builder = new Actions(driver);
- Actions movePicker = builder.dragAndDrop(pickerScroll, pickerScrollCorner); // pickerscroll
- // is
- // the
- // webelement
+ Actions movePicker = builder.dragAndDrop(pickerScroll, pickerScrollCorner);
+ // pickerscroll is the web element
movePicker.perform();
}
@@ -260,147 +264,144 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
JavascriptExecutor js = (JavascriptExecutor) driver;
js.executeScript("javascript:window.scrollBy(250,700)");
WebElement pickerScroll = driver
- .findElement(By
- .xpath("//div[@id='gview_queryStatisticsList']/div[3]/div/div[3]/div[2]/div"));
+ .findElement(By
+ .xpath("//div[@id='gview_queryStatisticsList']/div[3]/div/div[3]/div[2]/div"));
WebElement pickerScrollCorner = driver.findElement(By
- .className("jspCorner"));
+ .className("jspCorner"));
Actions builder = new Actions(driver);
- Actions movePicker = builder.dragAndDrop(pickerScroll, pickerScrollCorner); // pickerscroll
- // is
- // the
- // webelement
+ Actions movePicker = builder.dragAndDrop(pickerScroll, pickerScrollCorner);
+ // pickerscroll is the web element
movePicker.perform();
}
-
-
+
@Test
public void testClusterLocatorCount() throws IOException {
String clusterLocators = driver
- .findElement(By.id(CLUSTER_VIEW_LOCATORS_ID)).getText();
-
- String totallocators = JMXProperties.getInstance().getProperty("server.S1.locatorCount");
+ .findElement(By.id(CLUSTER_VIEW_LOCATORS_ID)).getText();
+
+ String totallocators = JMXProperties.getInstance().getProperty("server.S1.locatorCount");
Assert.assertEquals(totallocators, clusterLocators);
}
- @Test
+ @Test
public void testClusterRegionCount() {
String clusterRegions = driver.findElement(By.id(CLUSTER_VIEW_REGIONS_ID))
- .getText();
+ .getText();
String totalregions = JMXProperties.getInstance().getProperty(
- "server.S1.totalRegionCount");
+ "server.S1.totalRegionCount");
Assert.assertEquals(totalregions, clusterRegions);
}
- @Test
+ @Test
public void testClusterMemberCount() {
- String clusterMembers = driver.findElement(By.id(CLUSTER_VIEW_MEMBERS_ID)).getText();
- String totalMembers = JMXProperties.getInstance().getProperty("server.S1.memberCount");
- Assert.assertEquals(totalMembers, clusterMembers);
- }
+ String clusterMembers = driver.findElement(By.id(CLUSTER_VIEW_MEMBERS_ID)).getText();
+ String totalMembers = JMXProperties.getInstance().getProperty("server.S1.memberCount");
+ Assert.assertEquals(totalMembers, clusterMembers);
+ }
- @Test
+ @Test
public void testClusterNumClient() {
String clusterClients = driver.findElement(By.id(CLUSTER_CLIENTS_ID))
- .getText();
+ .getText();
String totalclients = JMXProperties.getInstance().getProperty(
- "server.S1.numClients");
+ "server.S1.numClients");
Assert.assertEquals(totalclients, clusterClients);
}
@Test
public void testClusterNumRunningFunction() {
String clusterFunctions = driver.findElement(By.id(CLUSTER_FUNCTIONS_ID))
- .getText();
+ .getText();
String totalfunctions = JMXProperties.getInstance().getProperty(
- "server.S1.numRunningFunctions");
+ "server.S1.numRunningFunctions");
Assert.assertEquals(totalfunctions, clusterFunctions);
}
@Test
public void testClusterRegisteredCQCount() {
String clusterUniqueCQs = driver.findElement(By.id(CLUSTER_UNIQUECQS_ID))
- .getText();
+ .getText();
String totaluniqueCQs = JMXProperties.getInstance().getProperty(
- "server.S1.registeredCQCount");
+ "server.S1.registeredCQCount");
Assert.assertEquals(totaluniqueCQs, clusterUniqueCQs);
}
- @Test
+ @Test
public void testClusterNumSubscriptions() {
String clusterSubscriptions = driver.findElement(
- By.id(CLUSTER_SUBSCRIPTION_ID)).getText();
+ By.id(CLUSTER_SUBSCRIPTION_ID)).getText();
String totalSubscriptions = JMXProperties.getInstance().getProperty(
- "server.S1.numSubscriptions");
+ "server.S1.numSubscriptions");
Assert.assertEquals(totalSubscriptions, clusterSubscriptions);
}
- @Test
+ @Test
public void testClusterJVMPausesWidget() {
String clusterJVMPauses = driver.findElement(By.id(CLUSTER_GCPAUSES_ID))
- .getText();
+ .getText();
String totalgcpauses = JMXProperties.getInstance().getProperty(
- "server.S1.jvmPauses");
+ "server.S1.jvmPauses");
Assert.assertEquals(totalgcpauses, clusterJVMPauses);
}
@Test
public void testClusterAverageWritesWidget() {
String clusterWritePerSec = driver.findElement(
- By.id(CLUSTER_WRITEPERSEC_ID)).getText();
+ By.id(CLUSTER_WRITEPERSEC_ID)).getText();
String totalwritepersec = JMXProperties.getInstance().getProperty(
- "server.S1.averageWrites");
+ "server.S1.averageWrites");
Assert.assertEquals(totalwritepersec, clusterWritePerSec);
}
@Test
public void testClusterAverageReadsWidget() {
String clusterReadPerSec = driver.findElement(By.id(CLUSTER_READPERSEC_ID))
- .getText();
+ .getText();
String totalreadpersec = JMXProperties.getInstance().getProperty(
- "server.S1.averageReads");
+ "server.S1.averageReads");
Assert.assertEquals(totalreadpersec, clusterReadPerSec);
}
@Test
public void testClusterQuerRequestRateWidget() {
String clusterQueriesPerSec = driver.findElement(
- By.id(CLUSTER_QUERIESPERSEC_ID)).getText();
+ By.id(CLUSTER_QUERIESPERSEC_ID)).getText();
String totalqueriespersec = JMXProperties.getInstance().getProperty(
- "server.S1.queryRequestRate");
+ "server.S1.queryRequestRate");
Assert.assertEquals(totalqueriespersec, clusterQueriesPerSec);
}
-
+
@Test
public void testClusterGridViewMemberID() throws InterruptedException {
- searchByIdAndClick("default_grid_button");
- List<WebElement> elements = driver.findElements(By.xpath("//table[@id='memberList']/tbody/tr")); //gives me 11 rows
-
- for(int memberCount = 1; memberCount<elements.size(); memberCount++){
- String memberId = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (memberCount + 1) + "]/td")).getText();
- String propertMemeberId= JMXProperties.getInstance().getProperty("member.M" + memberCount + ".id");
- Assert.assertEquals(memberId, propertMemeberId);
- }
+ searchByIdAndClick("default_grid_button");
+ List<WebElement> elements = driver.findElements(By.xpath("//table[@id='memberList']/tbody/tr")); //gives me 11 rows
+
+ for (int memberCount = 1; memberCount < elements.size(); memberCount++) {
+ String memberId = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (memberCount + 1) + "]/td")).getText();
+ String propertMemeberId = JMXProperties.getInstance().getProperty("member.M" + memberCount + ".id");
+ Assert.assertEquals(memberId, propertMemeberId);
+ }
}
@Test
public void testClusterGridViewMemberName() {
- searchByIdAndClick("default_grid_button");
- List<WebElement> elements = driver.findElements(By.xpath("//table[@id='memberList']/tbody/tr"));
- for (int memberNameCount = 1; memberNameCount < elements.size(); memberNameCount++) {
- String gridMemberName = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (memberNameCount + 1) + "]/td[2]")).getText();
- String memberName = JMXProperties.getInstance().getProperty("member.M" + memberNameCount + ".member");
- Assert.assertEquals(gridMemberName, memberName);
+ searchByIdAndClick("default_grid_button");
+ List<WebElement> elements = driver.findElements(By.xpath("//table[@id='memberList']/tbody/tr"));
+ for (int memberNameCount = 1; memberNameCount < elements.size(); memberNameCount++) {
+ String gridMemberName = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (memberNameCount + 1) + "]/td[2]")).getText();
+ String memberName = JMXProperties.getInstance().getProperty("member.M" + memberNameCount + ".member");
+ Assert.assertEquals(gridMemberName, memberName);
}
}
-
+
@Test
public void testClusterGridViewMemberHost() {
- searchByIdAndClick("default_grid_button");
- List<WebElement> elements = driver.findElements(By.xpath("//table[@id='memberList']/tbody/tr"));
+ searchByIdAndClick("default_grid_button");
+ List<WebElement> elements = driver.findElements(By.xpath("//table[@id='memberList']/tbody/tr"));
for (int memberHostCount = 1; memberHostCount < elements.size(); memberHostCount++) {
- String MemberHost = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (memberHostCount + 1) + "]/td[3]")).getText();
+ String MemberHost = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (memberHostCount + 1) + "]/td[3]")).getText();
String gridMemberHost = JMXProperties.getInstance().getProperty("member.M" + memberHostCount + ".host");
Assert.assertEquals(gridMemberHost, MemberHost);
}
@@ -408,14 +409,14 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testClusterGridViewHeapUsage() {
- searchByIdAndClick("default_grid_button");
+ searchByIdAndClick("default_grid_button");
for (int i = 1; i <= 3; i++) {
Float HeapUsage = Float.parseFloat(driver
- .findElement(
- By.xpath("//table[@id='memberList']/tbody/tr[" + (i + 1) + "]/td[5]")).getText());
+ .findElement(
+ By.xpath("//table[@id='memberList']/tbody/tr[" + (i + 1) + "]/td[5]")).getText());
Float gridHeapUsagestring = Float.parseFloat(JMXProperties.getInstance()
- .getProperty("member.M" + i + ".UsedMemory"));
- Assert.assertEquals(gridHeapUsagestring, HeapUsage);
+ .getProperty("member.M" + i + ".UsedMemory"));
+ Assert.assertEquals(gridHeapUsagestring, HeapUsage);
}
}
@@ -424,7 +425,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
searchByIdAndClick("default_grid_button");
for (int i = 1; i <= 3; i++) {
String CPUUsage = driver.findElement(By.xpath("//table[@id='memberList']/tbody/tr[" + (i + 1) + "]/td[6]"))
- .getText();
+ .getText();
String gridCPUUsage = JMXProperties.getInstance().getProperty("member.M" + i + ".cpuUsage");
gridCPUUsage = gridCPUUsage.trim();
Assert.assertEquals(gridCPUUsage, CPUUsage);
@@ -439,19 +440,19 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
}
@Test // region count in properties file is 2 and UI is 1
- public void testMemberTotalRegionCount() throws InterruptedException{
- testRgraphWidget();
- String RegionCount = driver.findElement(By.id(MEMBER_VIEW_REGION_ID)).getText();
+ public void testMemberTotalRegionCount() throws InterruptedException {
+ testRgraphWidget();
+ String RegionCount = driver.findElement(By.id(MEMBER_VIEW_REGION_ID)).getText();
String memberRegionCount = JMXProperties.getInstance().getProperty("member.M1.totalRegionCount");
Assert.assertEquals(memberRegionCount, RegionCount);
}
@Test
- public void testMemberNumThread()throws InterruptedException {
+ public void testMemberNumThread() throws InterruptedException {
searchByIdAndClick("default_grid_button");
searchByIdAndClick("M1&M1");
String ThreadCount = driver.findElement(By.id(MEMBER_VIEW_THREAD_ID)).getText();
- String memberThreadCount = JMXProperties.getInstance().getProperty("member.M1.numThreads");
+ String memberThreadCount = JMXProperties.getInstance().getProperty("member.M1.numThreads");
Assert.assertEquals(memberThreadCount, ThreadCount);
}
@@ -460,69 +461,73 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
searchByIdAndClick("default_grid_button");
searchByIdAndClick("M1&M1");
String SocketCount = driver.findElement(By.id(MEMBER_VIEW_SOCKETS_ID))
- .getText();
+ .getText();
String memberSocketCount = JMXProperties.getInstance().getProperty(
- "member.M1.totalFileDescriptorOpen");
+ "member.M1.totalFileDescriptorOpen");
Assert.assertEquals(memberSocketCount, SocketCount);
}
- @Test
+ @Test
public void testMemberLoadAverage() throws InterruptedException {
searchByIdAndClick("default_grid_button");
searchByIdAndClick("M1&M1");
String LoadAvg = driver.findElement(By.id(MEMBER_VIEW_LOADAVG_ID))
- .getText();
+ .getText();
String memberLoadAvg = JMXProperties.getInstance().getProperty(
- "member.M1.loadAverage");
+ "member.M1.loadAverage");
Assert.assertEquals(df2.format(Double.valueOf(memberLoadAvg)), LoadAvg);
}
@Ignore("WIP") // May be useful in near future
@Test
- public void testOffHeapFreeSize(){
-
+ public void testOffHeapFreeSize() {
+
String OffHeapFreeSizeString = driver.findElement(
- By.id(MEMBER_VIEW_OFFHEAPFREESIZE_ID)).getText();
+ By.id(MEMBER_VIEW_OFFHEAPFREESIZE_ID)).getText();
String OffHeapFreeSizetemp = OffHeapFreeSizeString.replaceAll("[a-zA-Z]",
- "");
+ "");
float OffHeapFreeSize = Float.parseFloat(OffHeapFreeSizetemp);
float memberOffHeapFreeSize = Float.parseFloat(JMXProperties.getInstance()
- .getProperty("member.M1.OffHeapFreeSize"));
+ .getProperty("member.M1.OffHeapFreeSize"));
if (memberOffHeapFreeSize < 1048576) {
memberOffHeapFreeSize = memberOffHeapFreeSize / 1024;
- } else if (memberOffHeapFreeSize < 1073741824) {
+ }
+ else if (memberOffHeapFreeSize < 1073741824) {
memberOffHeapFreeSize = memberOffHeapFreeSize / 1024 / 1024;
- } else {
+ }
+ else {
memberOffHeapFreeSize = memberOffHeapFreeSize / 1024 / 1024 / 1024;
}
memberOffHeapFreeSize = Float.parseFloat(new DecimalFormat("##.##")
- .format(memberOffHeapFreeSize));
- Assert.assertEquals(memberOffHeapFreeSize, OffHeapFreeSize);
-
+ .format(memberOffHeapFreeSize));
+ Assert.assertEquals(memberOffHeapFreeSize, OffHeapFreeSize);
+
}
@Ignore("WIP") // May be useful in near future
@Test
public void testOffHeapUsedSize() throws InterruptedException {
-
+
String OffHeapUsedSizeString = driver.findElement(
- By.id(MEMBER_VIEW_OFFHEAPUSEDSIZE_ID)).getText();
+ By.id(MEMBER_VIEW_OFFHEAPUSEDSIZE_ID)).getText();
String OffHeapUsedSizetemp = OffHeapUsedSizeString.replaceAll("[a-zA-Z]",
- "");
+ "");
float OffHeapUsedSize = Float.parseFloat(OffHeapUsedSizetemp);
float memberOffHeapUsedSize = Float.parseFloat(JMXProperties.getInstance()
- .getProperty("member.M1.OffHeapUsedSize"));
+ .getProperty("member.M1.OffHeapUsedSize"));
if (memberOffHeapUsedSize < 1048576) {
memberOffHeapUsedSize = memberOffHeapUsedSize / 1024;
- } else if (memberOffHeapUsedSize < 1073741824) {
+ }
+ else if (memberOffHeapUsedSize < 1073741824) {
memberOffHeapUsedSize = memberOffHeapUsedSize / 1024 / 1024;
- } else {
+ }
+ else {
memberOffHeapUsedSize = memberOffHeapUsedSize / 1024 / 1024 / 1024;
}
memberOffHeapUsedSize = Float.parseFloat(new DecimalFormat("##.##")
- .format(memberOffHeapUsedSize));
+ .format(memberOffHeapUsedSize));
Assert.assertEquals(memberOffHeapUsedSize, OffHeapUsedSize);
}
@@ -531,9 +536,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
searchByIdAndClick("default_grid_button");
searchByIdAndClick("M1&M1");
String JVMPauses = driver.findElement(By.id(MEMBER_VIEW_JVMPAUSES_ID))
- .getText();
+ .getText();
String memberGcPausesAvg = JMXProperties.getInstance().getProperty(
- "member.M1.JVMPauses");
+ "member.M1.JVMPauses");
Assert.assertEquals(memberGcPausesAvg, JVMPauses);
}
@@ -542,9 +547,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
searchByIdAndClick("default_grid_button");
searchByIdAndClick("M1&M1");
String CPUUsagevalue = driver.findElement(By.id(MEMBER_VIEW_CPUUSAGE_ID))
- .getText();
+ .getText();
String memberCPUUsage = JMXProperties.getInstance().getProperty(
- "member.M1.cpuUsage");
+ "member.M1.cpuUsage");
Assert.assertEquals(memberCPUUsage, CPUUsagevalue);
}
@@ -555,27 +560,27 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
float ReadPerSec = Float.parseFloat(driver.findElement(By.id(MEMBER_VIEW_READPERSEC_ID)).getText());
float memberReadPerSec = Float.parseFloat(JMXProperties.getInstance().getProperty("member.M1.averageReads"));
memberReadPerSec = Float.parseFloat(new DecimalFormat("##.##")
- .format(memberReadPerSec));
+ .format(memberReadPerSec));
Assert.assertEquals(memberReadPerSec, ReadPerSec);
}
- @Test
+ @Test
public void testMemberAverageWrites() throws InterruptedException {
testRgraphWidget();
String WritePerSec = driver.findElement(By.id(MEMBER_VIEW_WRITEPERSEC_ID))
- .getText();
+ .getText();
String memberWritePerSec = JMXProperties.getInstance().getProperty(
- "member.M1.averageWrites");
+ "member.M1.averageWrites");
Assert.assertEquals(memberWritePerSec, WritePerSec);
}
-
+
@Test
public void testMemberGridViewData() throws InterruptedException {
testRgraphWidget();
searchByXPathAndClick(PulseTestLocators.MemberDetailsView.gridButtonXpath);
// get the number of rows on the grid
- List<WebElement> noOfRows = driver.findElements(By.xpath("//table[@id='memberRegionsList']/tbody/tr"));
+ List<WebElement> noOfRows = driver.findElements(By.xpath("//table[@id='memberRegionsList']/tbody/tr"));
String MemberRegionName = driver.findElement(By.xpath("//table[@id='memberRegionsList']/tbody/tr[2]/td[1]")).getText();
String memberRegionName = JMXProperties.getInstance().getProperty("region.R1.name");
Assert.assertEquals(memberRegionName, MemberRegionName);
@@ -583,7 +588,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
String MemberRegionType = driver.findElement(By.xpath("//table[@id='memberRegionsList']/tbody/tr[2]/td[2]")).getText();
String memberRegionType = JMXProperties.getInstance().getProperty("region.R1.regionType");
Assert.assertEquals(memberRegionType, MemberRegionType);
-
+
String MemberRegionEntryCount = driver.findElement(By.xpath("//table[@id='memberRegionsList']/tbody/tr[2]/td[3]")).getText();
String memberRegionEntryCount = JMXProperties.getInstance().getProperty("regionOnMember./R1.M1.entryCount");
Assert.assertEquals(memberRegionEntryCount, MemberRegionEntryCount);
@@ -593,7 +598,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
public void testDropDownList() throws InterruptedException {
searchByIdAndClick("default_grid_button");
searchByIdAndClick("M1&M1");
- searchByIdAndClick("memberName");
+ searchByIdAndClick("memberName");
searchByLinkAndClick("M3");
searchByIdAndClick("memberName");
searchByLinkAndClick("M2");
@@ -615,7 +620,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
public void testDataViewRegionPath() {
String regionPath = driver.findElement(By.id(REGION_PATH_LABEL)).getText();
String dataviewregionpath = JMXProperties.getInstance().getProperty(
- "region.R1.fullPath");
+ "region.R1.fullPath");
Assert.assertEquals(dataviewregionpath, regionPath);
}
@@ -624,7 +629,7 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
public void testDataViewRegionType() {
String regionType = driver.findElement(By.id(REGION_TYPE_LABEL)).getText();
String dataviewregiontype = JMXProperties.getInstance().getProperty(
- "region.R1.regionType");
+ "region.R1.regionType");
Assert.assertEquals(dataviewregiontype, regionType);
}
@@ -632,9 +637,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewEmptyNodes() {
String regionEmptyNodes = driver.findElement(By.id(DATA_VIEW_EMPTYNODES))
- .getText();
+ .getText();
String dataviewEmptyNodes = JMXProperties.getInstance().getProperty(
- "region.R1.emptyNodes");
+ "region.R1.emptyNodes");
Assert.assertEquals(dataviewEmptyNodes, regionEmptyNodes);
}
@@ -642,9 +647,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewSystemRegionEntryCount() {
String regionEntryCount = driver.findElement(By.id(DATA_VIEW_ENTRYCOUNT))
- .getText();
+ .getText();
String dataviewEntryCount = JMXProperties.getInstance().getProperty(
- "region.R1.systemRegionEntryCount");
+ "region.R1.systemRegionEntryCount");
Assert.assertEquals(dataviewEntryCount, regionEntryCount);
}
@@ -652,9 +657,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewPersistentEnabled() {
String regionPersistence = driver.findElement(
- By.id(REGION_PERSISTENCE_LABEL)).getText();
+ By.id(REGION_PERSISTENCE_LABEL)).getText();
String dataviewregionpersistence = JMXProperties.getInstance().getProperty(
- "region.R1.persistentEnabled");
+ "region.R1.persistentEnabled");
Assert.assertEquals(dataviewregionpersistence, regionPersistence);
}
@@ -662,9 +667,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewDiskWritesRate() {
String regionWrites = driver.findElement(By.id(DATA_VIEW_WRITEPERSEC))
- .getText();
+ .getText();
String dataviewRegionWrites = JMXProperties.getInstance().getProperty(
- "region.R1.diskWritesRate");
+ "region.R1.diskWritesRate");
Assert.assertEquals(dataviewRegionWrites, regionWrites);
}
@@ -672,9 +677,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewDiskReadsRate() {
String regionReads = driver.findElement(By.id(DATA_VIEW_READPERSEC))
- .getText();
+ .getText();
String dataviewRegionReads = JMXProperties.getInstance().getProperty(
- "region.R1.diskReadsRate");
+ "region.R1.diskReadsRate");
Assert.assertEquals(dataviewRegionReads, regionReads);
}
@@ -682,9 +687,9 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewDiskUsage() {
String regionMemoryUsed = driver.findElement(By.id(DATA_VIEW_USEDMEMORY))
- .getText();
+ .getText();
String dataviewMemoryUsed = JMXProperties.getInstance().getProperty(
- "region.R1.diskUsage");
+ "region.R1.diskUsage");
Assert.assertEquals(dataviewMemoryUsed, regionMemoryUsed);
searchByLinkAndClick(QUERY_STATISTICS_LABEL);
}
@@ -693,351 +698,350 @@ public abstract class PulseAbstractTest extends PulseBaseTest {
@Test
public void testDataViewGridValue() {
String DataViewRegionName = driver.findElement(
- By.xpath("//*[id('6')/x:td[1]]")).getText();
+ By.xpath("//*[id('6')/x:td[1]]")).getText();
String dataViewRegionName = JMXProperties.getInstance().getProperty(
- "region.R1.name");
+ "region.R1.name");
Assert.assertEquals(dataViewRegionName, DataViewRegionName);
String DataViewRegionType = driver.findElement(
- By.xpath("//*[id('6')/x:td[2]")).getText();
+ By.xpath("//*[id('6')/x:td[2]")).getText();
String dataViewRegionType = JMXProperties.getInstance().getProperty(
- "region.R2.regionType");
+ "region.R2.regionType");
Assert.assertEquals(dataViewRegionType, DataViewRegionType);
String DataViewEntryCount = driver.findElement(
- By.xpath("//*[id('6')/x:td[3]")).getText();
+ By.xpath("//*[id('6')/x:td[3]")).getText();
String dataViewEntryCount = JMXProperties.getInstance().getProperty(
- "region.R2.systemRegionEntryCount");
+ "region.R2.systemRegionEntryCount");
Assert.assertEquals(dataViewEntryCount, DataViewEntryCount);
String DataViewEntrySize = driver.findElement(
- By.xpath("//*[id('6')/x:td[4]")).getText();
+ By.xpath("//*[id('6')/x:td[4]")).getText();
String dataViewEntrySize = JMXProperties.getInstance().getProperty(
- "region.R2.entrySize");
+ "region.R2.entrySize");
Assert.assertEquals(dataViewEntrySize, DataViewEntrySize);
}
-
-
+
+
public void loadDataBrowserpage() {
- searchByLinkAndClick(DATA_BROWSER_LABEL);
- //Thread.sleep(7000);
+ searchByLinkAndClick(DATA_BROWSER_LABEL);
+ //Thread.sleep(7000);
}
-
+
@Test
public void testDataBrowserRegionName() throws InterruptedException {
- loadDataBrowserpage();
- String DataBrowserRegionName1 = driver.findElement(By.id(DATA_BROWSER_REGIONName1))
- .getText();
- String databrowserRegionNametemp1 = JMXProperties.getInstance().getProperty(
- "region.R1.name");
- String databrowserRegionName1 = databrowserRegionNametemp1.replaceAll("[\\/]", "");
- Assert.assertEquals(databrowserRegionName1, DataBrowserRegionName1);
-
- String DataBrowserRegionName2 = driver.findElement(By.id(DATA_BROWSER_REGIONName2))
- .getText();
- String databrowserRegionNametemp2 = JMXProperties.getInstance().getProperty(
- "region.R2.name");
- String databrowserRegionName2 = databrowserRegionNametemp2.replaceAll("[\\/]", "");
- Assert.assertEquals(databrowserRegionName2, DataBrowserRegionName2);
-
- String DataBrowserRegionName3 = driver.findElement(By.id(DATA_BROWSER_REGIONName3))
- .getText();
- String databrowserRegionNametemp3 = JMXProperties.getInstance().getProperty(
- "region.R3.name");
- String databrowserRegionName3 = databrowserRegionNametemp3.replaceAll("[\\/]", "");
- Assert.assertEquals(databrowserRegionName3, DataBrowserRegionName3);
-
+ loadDataBrowserpage();
+ String DataBrowserRegionName1 = driver.findElement(By.id(DATA_BROWSER_REGIONName1))
+ .getText();
+ String databrowserRegionNametemp1 = JMXProperties.getInstance().getProperty(
+ "region.R1.name");
+ String databrowserRegionName1 = databrowserRegionNametemp1.replaceAll("[\\/]", "");
+ Assert.assertEquals(databrowserRegionName1, DataBrowserRegionName1);
+
+ String DataBrowserRegionName2 = driver.findElement(By.id(DATA_BROWSER_REGIONName2))
+ .getText();
+ String databrowserRegionNametemp2 = JMXProperties.getInstance().getProperty(
+ "region.R2.name");
+ String databrowserRegionName2 = databrowserRegionNametemp2.replaceAll("[\\/]", "");
+ Assert.assertEquals(databrowserRegionName2, DataBrowserRegionName2);
+
+ String DataBrowserRegionName3 = driver.findElement(By.id(DATA_BROWSER_REGIONName3))
+ .getText();
+ String databrowserRegionNametemp3 = JMXProperties.getInstance().getProperty(
+ "region.R3.name");
+ String databrowserRegionName3 = databrowserRegionNametemp3.replaceAll("[\\/]", "");
+ Assert.assertEquals(databrowserRegionName3, DataBrowserRegionName3);
+
}
-
+
@Test
public void testDataBrowserRegionMembersVerificaition() throws InterruptedException {
- loadDataBrowserpage();
- searchByIdAndClick(DATA_BROWSER_REGION1_CHECKBOX);
- String DataBrowserMember1Name1 = driver.findElement(By.xpath("//label[@for='Member0']"))
- .getText();
- String DataBrowserMember1Name2 = driver.findElement(By.xpath("//label[@for='Member1']"))
- .getText();
- String DataBrowserMember1Name3 = driver.findElement(By.xpath("//label[@for='Member2']"))
- .getText();
- String databrowserMember1Names = JMXProperties.getInstance().getProperty(
- "region.R1.members");
-
- String databrowserMember1Names1 = databrowserMember1Names.substring(0, 2);
- Assert.assertEquals(databrowserMember1Names1, DataBrowserMember1Name1);
-
- String databrowserMember1Names2 = databrowserMember1Names.substring(3, 5);
- Assert.assertEquals(databrowserMember1Names2, DataBrowserMember1Name2);
-
- String databrowserMember1Names3 = databrowserMember1Names.substring(6, 8);
- Assert.assertEquals(databrowserMember1Names3, DataBrowserMember1Name3);
- searchByIdAndClick(DATA_BROWSER_REGION1_CHECKBOX);
-
- searchByIdAndClick(DATA_BROWSER_REGION2_CHECKBOX);
- String DataBrowserMember2Name1 = driver.findElement(By.xpath("//label[@for='Member0']"))
- .getText();
- String DataBrowserMember2Name2 = driver.findElement(By.xpath("//label[@for='Member1']"))
- .getText();
- String databrowserMember2Names = JMXProperties.getInstance().getProperty(
- "region.R2.members");
-
- String databrowserMember2Names1 = databrowserMember2Names.substring(0, 2);
- Assert.assertEquals(databrowserMember2Names1, DataBrowserMember2Name1);
-
- String databrowserMember2Names2 = databrowserMember2Names.substring(3, 5);
- Assert.assertEquals(databrowserMember2Names2, DataBrowserMember2Name2);
- searchByIdAndClick(DATA_BROWSER_REGION2_CHECKBOX);
-
- searchByIdAndClick(DATA_BROWSER_REGION3_CHECKBOX);
- String DataBrowserMember3Name1 = driver.findElement(By.xpath("//label[@for='Member0']"))
- .getText();
- String DataBrowserMember3Name2 = driver.findElement(By.xpath("//label[@for='Member1']"))
- .getText();
- String databrowserMember3Names = JMXProperties.getInstance().getProperty(
- "region.R3.members");
-
- String databrowserMember3Names1 = databrowserMember3Names.substring(0, 2);
- Assert.assertEquals(databrowserMember3Names1, DataBrowserMember3Name1);
-
- String databrowserMember3Names2 = databrowserMember3Names.substring(3, 5);
- Assert.assertEquals(databrowserMember3Names2, DataBrowserMember3Name2);
- searchByIdAndClick(DATA_BROWSER_REGION3_CHECKBOX);
+ loadDataBrowserpage();
+ searchByIdAndClick(DATA_BROWSER_REGION1_CHECKBOX);
+ String DataBrowserMember1Name1 = driver.findElement(By.xpath("//label[@for='Member0']"))
+ .getText();
+ String DataBrowserMember1Name2 = driver.findElement(By.xpath("//label[@for='Member1']"))
+ .getText();
+ String DataBrowserMember1Name3 = driver.findElement(By.xpath("//label[@for='Member2']"))
+ .getText();
+ String databrowserMember1Names = JMXProperties.getInstance().getProperty(
+ "region.R1.members");
+
+ String databrowserMember1Names1 = databrowserMember1Names.substring(0, 2);
+ Assert.assertEquals(databrowserMember1Names1, DataBrowserMember1Name1);
+
+ String databrowserMember1Names2 = databrowserMember1Names.substring(3, 5);
+ Assert.assertEquals(databrowserMember1Names2, DataBrowserMember1Name2);
+
+ String databrowserMember1Names3 = databrowserMember1Names.substring(6, 8);
+ Assert.assertEquals(databrowserMember1Names3, DataBrowserMember1Name3);
+ searchByIdAndClick(DATA_BROWSER_REGION1_CHECKBOX);
+
+ searchByIdAndClick(DATA_BROWSER_REGION2_CHECKBOX);
+ String DataBrowserMember2Name1 = driver.findElement(By.xpath("//label[@for='Member0']"))
+ .getText();
+ String DataBrowserMember2Name2 = driver.findElement(By.xpath("//label[@for='Member1']"))
+ .getText();
+ String databrowserMember2Names = JMXProperties.getInstance().getProperty(
+ "region.R2.members");
+
+ String databrowserMember2Names1 = databrowserMember2Names.substring(0, 2);
+ Assert.assertEquals(databrowserMember2Names1, DataBrowserMember2Name1);
+
+ String databrowserMember2Names2 = databrowserMember2Names.substring(3, 5);
+ Assert.assertEquals(databrowserMember2Names2, DataBrowserMember2Name2);
+ searchByIdAndClick(DATA_BROWSER_REGION2_CHECKBOX);
+
+ searchByIdAndClick(DATA_BROWSER_REGION3_CHECKBOX);
+ String DataBrowserMember3Name1 = driver.findElement(By.xpath("//label[@for='Member0']"))
+ .getText();
+ String DataBrowserMember3Name2 = driver.findElement(By.xpath("//label[@for='Member1']"))
+ .getText();
+ String databrowserMember3Names = JMXProperties.getInstance().getProperty(
+ "region.R3.members");
+
+ String databrowserMember3Names1 = databrowserMember3Names.substring(0, 2);
+ Assert.assertEquals(databrowserMember3Names1, DataBrowserMember3Name1);
+
+ String databrowserMember3Names2 = databrowserMember3Names.substring(3, 5);
+ Assert.assertEquals(databrowserMember3Names2, DataBrowserMember3Name2);
+ searchByIdAndClick(DATA_BROWSER_REGION3_CHECKBOX);
}
-
+
@Test
public void testDataBrowserColocatedRegions() throws InterruptedException {
- loadDataBrowserpage();
- String databrowserMemberNames1 = JMXProperties.getInstance().getProperty(
- "region.R1.members");
- String databrowserMemberNames2 = JMXProperties.getInstance().getProperty(
- "region.R2.members");
- String databrowserMemberNames3 = JMXProperties.getInstance().getProperty(
- "region.R3.members");
-
- if((databrowserMemberNames1.matches(databrowserMemberNames2+"(.*)"))) {
- if((databrowserMemberNames1.matches(databrowserMemberNames3+"(.*)"))) {
- if((databrowserMemberNames2.matches(databrowserMemberNames3+"(.*)"))) {
- System.out.println("R1, R2 and R3 are colocated regions");
- }
- }
- }
- searchByIdAndClick(DATA_BROWSER_REGION1_CHECKBOX);
- searchByLinkAndClick(DATA_BROWSER_COLOCATED_REGION);
- String DataBrowserColocatedRegion1 = driver.findElement(By.id(DATA_BROWSER_COLOCATED_REGION_NAME1))
- .getText();
- String DataBrowserColocatedRegion2 = driver.findElement(By.id(DATA_BROWSER_COLOCATED_REGION_NAME2))
- .getText();
- String DataBrowserColocatedRegion3 = driver.findElement(By.id(DATA_BROWSER_COLOCATED_REGION_NAME3))
- .getText();
-
- String databrowserColocatedRegiontemp1 = JMXProperties.getInstance().getProperty(
- "region.R1.name");
- String databrowserColocatedRegion1 = databrowserColocatedRegiontemp1.replaceAll("[\\/]", "");
-
- String databrowserColocatedRegiontemp2 = JMXProperties.getInstance().getProperty(
- "region.R2.name");
- String databrowserColocatedRegion2 = databrowserColocatedRegiontemp2.replaceAll("[\\/]", "");
-
- String databrowserColocatedRegiontemp3 = JMXProperties.getInstance().getProperty(
- "region.R3.name");
- String databrowserColocatedRegion3 = databrowserColocatedRegiontemp3.replaceAll("[\\/]", "");
-
- Assert.assertEquals(databrowserColocatedRegion1, DataBrowserColocatedRegion1);
- Assert.assertEquals(databrowserColocatedRegion2, DataBrowserColocatedRegion2);
- Assert.assertEquals(databrowserColocatedRegion3, DataBrowserColocatedRegion3);
-
+ loadDataBrowserpage();
+ String databrowserMemberNames1 = JMXProperties.getInstance().getProperty(
+ "region.R1.members");
+ String databrowserMemberNames2 = JMXProperties.getInstance().getProperty(
+ "region.R2.members");
+ String databrowserMemberNames3 = JMXProperties.getInstance().getProperty(
+ "region.R3.members");
+
+ if ((databrowserMemberNames1.matches(databrowserMemberNames2 + "(.*)"))) {
+ if ((databrowserMemberNames1.matches(databrowserMemberNames3 + "(.*)"))) {
+ if ((databrowserMemberNames2.matches(databrowserMemberNames3 + "(.*)"))) {
+ System.out.println("R1, R2 and R3 are colocated regions");
+ }
+ }
+ }
+ searchByIdAndClick(DATA_BROWSER_REGION1_CHECKBOX);
+ searchByLinkAndClick(DATA_BROWSER_COLOCATED_REGION);
+ String DataBrowserColocatedRegion1 = driver.findElement(By.id(DATA_BROWSER_COLOCATED_REGION_NAME1))
+ .getText();
+ String DataBrowserColocatedRegion2 = driver.findElement(By.id(DATA_BROWSER_COLOCATED_REGION_NAME2))
+ .getText();
+ String DataBrowserColocatedRegion3 = driver.findElement(By.id(DATA_BROWSER_COLOCATED_REGION_NAME3))
+ .getText();
+
+ String databrowserColocatedRegiontemp1 = JMXProperties.getInstance().getProperty(
+ "region.R1.name");
+ String databrowserColocatedRegion1 = databrowserColocatedRegiontemp1.replaceAll("[\\/]", "");
+
+ String databrowserColocatedRegiontemp2 = JMXProperties.getInstance().getProperty(
+ "region.R2.name");
+ String databrowserColocatedRegion2 = databrowserColocatedRegiontemp2.replaceAll("[\\/]", "");
+
+ String databrowserColocatedRegiontemp3 = JMXProperties.getInstance().getProperty(
+ "region.R3.name");
+ String databrowserColocatedRegion3 = databrowserColocatedRegiontemp3.replaceAll("[\\/]", "");
+
+ Assert.assertEquals(databrowserColocatedRegion1, DataBrowserColocatedRegion1);
+ Assert.assertEquals(databrowserColocatedRegion2, DataBrowserColocatedRegion2);
+ Assert.assertEquals(databrowserColocatedRegion3, DataBrowserColocatedRegion3);
+
}
@Ignore("WIP") // clusterDetails element not found on Data Browser page. No assertions in test
@Test
public void testDataBrowserQueryValidation() throws IOException, InterruptedException {
- loadDataBrowserpage();
- WebElement textArea = driver.findElement(By.id("dataBrowserQueryText"));
- textArea.sendKeys("query1");
- WebElement executeButton = driver.findElement(By.id("btnExecuteQuery"));
- executeButton.click();
- String QueryResultHeader1 = driver.findElement(By.xpath("//div[@id='clusterDetails']/div/div/span[@class='n-title']")).getText();
- double count = 0,countBuffer=0,countLine=0;
- String lineNumber = "";
- String filePath = "E:\\springsource\\springsourceWS\\Pulse-Cedar\\src\\main\\resources\\testQueryResultSmall.txt";
- BufferedReader br;
- String line = "";
- br = new BufferedReader(new FileReader(filePath));
- while((line = br.readLine()) != null)
- {
- countLine++;
- String[] words = line.split(" ");
-
- for (String word : words) {
- if (word.equals(QueryResultHeader1)) {
- count++;
- countBuffer++;
- }
- }
- }
+ loadDataBrowserpage();
+ WebElement textArea = driver.findElement(By.id("dataBrowserQueryText"));
+ textArea.sendKeys("query1");
+ WebElement executeButton = driver.findElement(By.id("btnExecuteQuery"));
+ executeButton.click();
+ String QueryResultHeader1 = driver.findElement(By.xpath("//div[@id='clusterDetails']/div/div/span[@class='n-title']")).getText();
+ double count = 0, countBuffer = 0, countLine = 0;
+ String lineNumber = "";
+ String filePath = "E:\\springsource\\springsourceWS\\Pulse-Cedar\\src\\main\\resources\\testQueryResultSmall.txt";
+ BufferedReader br;
+ String line = "";
+ br = new BufferedReader(new FileReader(filePath));
+ while ((line = br.readLine()) != null) {
+ countLine++;
+ String[] words = line.split(" ");
+
+ for (String word : words) {
+ if (word.equals(QueryResultHeader1)) {
+ count++;
+ countBuffer++;
+ }
+ }
+ }
}
-
- public void testTreeMapPopUpData(String S1, String gridIcon) {
- for (int i = 1; i <=3; i++) {
- searchByLinkAndClick(CLUSTER_VIEW_LABEL);
- if (gridIcon.equals(SERVER_GROUP_GRID_ID)) {
- WebElement ServerGroupRadio = driver.findElement(By.xpath("//label[@for='radio-servergroups']"));
- ServerGroupRadio.click();
- }
- if (gridIcon.equals(REDUNDANCY_GRID_ID)) {
- WebElement ServerGroupRadio = driver.findElement(By.xpath("//label[@for='radio-redundancyzones']"));
- ServerGroupRadio.click();
- }
- searchByIdAndClick(gridIcon);
- WebElement TreeMapMember = driver.findElement(By.xpath("//div[@id='" + S1 + "M"+ (i) + "']/div"));
- Actions builder = new Actions(driver);
- builder.clickAndHold(TreeMapMember).perform();
- int j = 1;
- String CPUUsageM1temp = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div/div[2]/div"))
- .getText();
- String CPUUsageM1 = CPUUsageM1temp.replaceAll("[\\%]", "");
- String cpuUsageM1 = JMXProperties.getInstance().getProperty(
- "member.M" + (i) + ".cpuUsage");
- Assert.assertEquals(cpuUsageM1, CPUUsageM1);
-
- String MemoryUsageM1temp = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 1) + "]/div[2]/div"))
- .getText();
- String MemoryUsageM1 = MemoryUsageM1temp.replaceAll("MB", "");
- String memoryUsageM1 = JMXProperties.getInstance().getProperty(
- "member.M" + (i) + ".UsedMemory");
- Assert.assertEquals(memoryUsageM1, MemoryUsageM1);
-
- String LoadAvgM1 = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 2) + "]/div[2]/div"))
- .getText();
- String loadAvgM1 = JMXProperties.getInstance().getProperty(
- "member.M" + (i) + ".loadAverage");
- Assert.assertEquals(df2.format(Double.valueOf(loadAvgM1)), LoadAvgM1);
-
-
- String ThreadsM1 = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 3) + "]/div[2]/div"))
- .getText();
- String threadsM1 = JMXProperties.getInstance().getProperty(
- "member.M" + (i) + ".numThreads");
- Assert.assertEquals(threadsM1, ThreadsM1);
-
- String SocketsM1 = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 4) + "]/div[2]/div"))
- .getText();
- String socketsM1 = JMXProperties.getInstance().getProperty(
- "member.M" + (i) + ".totalFileDescriptorOpen");
- Assert.assertEquals(socketsM1, SocketsM1);
- builder.moveToElement(TreeMapMember).release().perform();
- }
- }
-
+
+ public void testTreeMapPopUpData(String S1, String gridIcon) {
+ for (int i = 1; i <= 3; i++) {
+ searchByLinkAndClick(CLUSTER_VIEW_LABEL);
+ if (gridIcon.equals(SERVER_GROUP_GRID_ID)) {
+ WebElement ServerGroupRadio = driver.findElement(By.xpath("//label[@for='radio-servergroups']"));
+ ServerGroupRadio.click();
+ }
+ if (gridIcon.equals(REDUNDANCY_GRID_ID)) {
+ WebElement ServerGroupRadio = driver.findElement(By.xpath("//label[@for='radio-redundancyzones']"));
+ ServerGroupRadio.click();
+ }
+ searchByIdAndClick(gridIcon);
+ WebElement TreeMapMember = driver.findElement(By.xpath("//div[@id='" + S1 + "M" + (i) + "']/div"));
+ Actions builder = new Actions(driver);
+ builder.clickAndHold(TreeMapMember).perform();
+ int j = 1;
+ String CPUUsageM1temp = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div/div[2]/div"))
+ .getText();
+ String CPUUsageM1 = CPUUsageM1temp.replaceAll("[\\%]", "");
+ String cpuUsageM1 = JMXProperties.getInstance().getProperty(
+ "member.M" + (i) + ".cpuUsage");
+ Assert.assertEquals(cpuUsageM1, CPUUsageM1);
+
+ String MemoryUsageM1temp = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 1) + "]/div[2]/div"))
+ .getText();
+ String MemoryUsageM1 = MemoryUsageM1temp.replaceAll("MB", "");
+ String memoryUsageM1 = JMXProperties.getInstance().getProperty(
+ "member.M" + (i) + ".UsedMemory");
+ Assert.assertEquals(memoryUsageM1, MemoryUsageM1);
+
+ String LoadAvgM1 = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 2) + "]/div[2]/div"))
+ .getText();
+ String loadAvgM1 = JMXProperties.getInstance().getProperty(
+ "member.M" + (i) + ".loadAverage");
+ Assert.assertEquals(df2.format(Double.valueOf(loadAvgM1)), LoadAvgM1);
+
+
+ String ThreadsM1 = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 3) + "]/div[2]/div"))
+ .getText();
+ String threadsM1 = JMXProperties.getInstance().getProperty(
+ "member.M" + (i) + ".numThreads");
+ Assert.assertEquals(threadsM1, ThreadsM1);
+
+ String SocketsM1 = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[" + (j + 4) + "]/div[2]/div"))
+ .getText();
+ String socketsM1 = JMXProperties.getInstance().getProperty(
+ "member.M" + (i) + ".totalFileDescriptorOpen");
+ Assert.assertEquals(socketsM1, SocketsM1);
+ builder.moveToElement(TreeMapMember).release().perform();
+ }
+ }
+
@Test
public void testTopologyPopUpData() {
- testTreeMapPopUpData("", CLUSTER_VIEW_GRID_ID);
+ testTreeMapPopUpData("", CLUSTER_VIEW_GRID_ID);
}
-
+
@Test
public void testServerGroupTreeMapPopUpData() {
- testTreeMapPopUpData("SG1(!)", SERVER_GROUP_GRID_ID);
+ testTreeMapPopUpData("SG1(!)", SERVER_GROUP_GRID_ID);
}
-
+
@Test
public void testDataViewTreeMapPopUpData() {
- searchByLinkAndClick(CLUSTER_VIEW_LABEL);
- searchByLinkAndClick(DATA_DROPDOWN_ID);
- WebElement TreeMapMember = driver.findElement(By.id("GraphTreeMapClusterData-canvas"));
- Actions builder = new Actions(driver);
- builder.clickAndHold(TreeMapMember).perform();
- String RegionType = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div/div[2]/div"))
- .getText();
- String regionType = JMXProperties.getInstance().getProperty(
- "region.R2.regionType");
- Assert.assertEquals(regionType, RegionType);
-
- String EntryCount = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[2]/div[2]/div"))
- .getText();
- String entryCount = JMXProperties.getInstance().getProperty(
- "region.R2.systemRegionEntryCount");
- Assert.assertEquals(entryCount, EntryCount);
-
- String EntrySizetemp = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[3]/div[2]/div"))
- .getText();
- float EntrySize = Float.parseFloat(EntrySizetemp);
- float entrySize = Float.parseFloat(JMXProperties.getInstance().getProperty(
- "region.R2.entrySize"));
- entrySize = entrySize / 1024 / 1024;
- entrySize = Float.parseFloat(new DecimalFormat("##.####")
+ searchByLinkAndClick(CLUSTER_VIEW_LABEL);
+ searchByLinkAndClick(DATA_DROPDOWN_ID);
+ WebElement TreeMapMember = driver.findElement(By.id("GraphTreeMapClusterData-canvas"));
+ Actions builder = new Actions(driver);
+ builder.clickAndHold(TreeMapMember).perform();
+ String RegionType = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div/div[2]/div"))
+ .getText();
+ String regionType = JMXProperties.getInstance().getProperty(
+ "region.R2.regionType");
+ Assert.assertEquals(regionType, RegionType);
+
+ String EntryCount = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[2]/div[2]/div"))
+ .getText();
+ String entryCount = JMXProperties.getInstance().getProperty(
+ "region.R2.systemRegionEntryCount");
+ Assert.assertEquals(entryCount, EntryCount);
+
+ String EntrySizetemp = driver.findElement(By.xpath("//div[@id='_tooltip']/div/div/div[2]/div[3]/div[2]/div"))
+ .getText();
+ float EntrySize = Float.parseFloat(EntrySizetemp);
+ float entrySize = Float.parseFloat(JMXProperties.getInstance().getProperty(
+ "region.R2.entrySize"));
+ entrySize = entrySize / 1024 / 1024;
+ entrySize = Float.parseFloat(new DecimalFormat("##.####")
.format(entrySize));
- Assert.assertEquals(entrySize, EntrySize);
- builder.moveToElement(TreeMapMember).release().perform();
+ Assert.assertEquals(entrySize, EntrySize);
+ builder.moveToElement(TreeMapMember).release().perform();
}
-
+
@Test
public void testRegionViewTreeMapPopUpData() {
- searchByLinkAndClick(CLUSTER_VIEW_LABEL);
- searchByLinkAndClick(DATA_DROPDOWN_ID);
- WebElement TreeMapMember = driver.findElement(By.id("GraphTreeMapClusterData-canvas"));
- TreeMapMember.click();
+ searchByLinkAndClick(CLUSTER_VIEW_LABEL);
+ searchByLinkAndClick(DATA_DROPDOWN_ID);
+ WebElement TreeMapMember = driver.findElement(By.id("GraphTreeMapClusterData-canvas"));
+ TreeMapMember.click();
}
@Ignore("WIP")
@Test
- public void testNumberOfRegions() throws InterruptedException{
-
- driver.findElement(By.xpath("//a[text()='Data Browser']")).click();
-
- Thread.sleep(1000);
- List<WebElement> regionList = driver.findElements(By.xpath("//ul[@id='treeDemo']/li"));
- String regions = JMXProperties.getInstance().getProperty("regions");
- String []regionName = regions.split(" ");
- for (String string : regionName) {
- }
- //JMXProperties.getInstance().getProperty("region.R1.regionType");
- int i=1;
- for (WebElement webElement : regionList) {
- //webElement.getAttribute(arg0)
- i++;
- }
-
- driver.findElement(By.id("treeDemo_1_check")).click();
-
- List<WebElement> memeberList = driver.findElements(By.xpath("//ul[@id='membersList']/li"));
- int j=0;
- for (WebElement webElement : memeberList) {
- j++;
- }
+ public void testNumberOfRegions() throws InterruptedException {
+
+ driver.findElement(By.xpath("//a[text()='Data Browser']")).click();
+
+ Thread.sleep(1000);
+ List<WebElement> regionList = driver.findElements(By.xpath("//ul[@id='treeDemo']/li"));
+ String regions = JMXProperties.getInstance().getProperty("regions");
+ String[] regionName = regions.split(" ");
+ for (String string : regionName) {
+ }
+ //JMXProperties.getInstance().getProperty("region.R1.regionType");
+ int i = 1;
+ for (WebElement webElement : regionList) {
+ //webElement.getAttribute(arg0)
+ i++;
+ }
+
+ driver.findElement(By.id("treeDemo_1_check")).click();
+
+ List<WebElement> memeberList = driver.findElements(By.xpath("//ul[@id='membersList']/li"));
+ int j = 0;
+ for (WebElement webElement : memeberList) {
+ j++;
+ }
}
@Ignore("WIP")
@Test
- public void testDataBrowser(){
-
- driver.findElement(By.linkText("Data Browser")).click();
- // WebElement dataBrowserLabel = driver.findElement(By.xpath(""));
- WebDriverWait wait = new WebDriverWait(driver, 20);
- wait.until(ExpectedConditions.visibilityOf(driver.findElement(By.xpath("//label[text()='Data Browser']"))));
-
-
- // Verify all elements must be displayed on data browser screen
- Assert.assertTrue(driver.findElement(By.xpath("//a[text()='Data Regions']")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.id("linkColocatedRegions")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.linkText("All Regions")).isDisplayed());
-
- Assert.assertTrue(driver.findElement(By.xpath("//a[text()='Region Members']")).isDisplayed());
-
- Assert.assertTrue(driver.findElement(By.xpath("//a[text()='Queries']")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.xpath("//label[text()='Query Editor']")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.xpath("//label[text()='Result']")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.xpath("//input[@value='Export Result']")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.id("btnExecuteQuery")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.xpath("//input[@value='Clear']")).isDisplayed());
- Assert.assertTrue(driver.findElement(By.id("dataBrowserQueryText")).isDisplayed());
-
- Assert.assertTrue(driver.findElement(By.id("historyIcon")).isDisplayed());
-
- //Actual query execution
-
- driver.findElement(By.id("dataBrowserQueryText")).sendKeys("Query1");
-
- // Assert data regions are displayed
- Assert.assertTrue(driver.findElement(By.id("treeDemo_1")).isDisplayed());
+ public void testDataBrowser() {
+
+ driver.findElement(By.linkText("Data Browser")).click();
+ // WebElement dataBrowserLabel = driver.findElement(By.xpath(""));
+ WebDriverWait wait = new WebDriverWait(driver, 20);
+ wait.until(ExpectedConditions.visibilityOf(driver.findElement(By.xpath("//label[text()='Data Browser']"))));
+
+
+ // Verify all elements must be displayed on data browser screen
+ Assert.assertTrue(driver.findElement(By.xpath("//a[text()='Data Regions']")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.id("linkColocatedRegions")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.linkText("All Regions")).isDisplayed());
+
+ Assert.assertTrue(driver.findElement(By.xpath("//a[text()='Region Members']")).isDisplayed());
+
+ Assert.assertTrue(driver.findElement(By.xpath("//a[text()='Queries']")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.xpath("//label[text()='Query Editor']")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.xpath("//label[text()='Result']")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.xpath("//input[@value='Export Result']")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.id("btnExecuteQuery")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.xpath("//input[@value='Clear']")).isDisplayed());
+ Assert.assertTrue(driver.findElement(By.id("dataBrowserQueryText")).isDisplayed());
+
+ Assert.assertTrue(driver.findElement(By.id("historyIcon")).isDisplayed());
+
+ //Actual query execution
+
+ driver.findElement(By.id("dataBrowserQueryText")).sendKeys("Query1");
+
+ // Assert data regions are displayed
+ Assert.assertTrue(driver.findElement(By.id("treeDemo_1")).isDisplayed());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Region.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Region.java b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Region.java
index 1770dd5..ae8cc92 100644
--- a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Region.java
+++ b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Region.java
@@ -38,7 +38,7 @@ public class Region extends JMXBaseBean implements RegionMBean {
"enableOffHeapMemory", "scope", "diskStoreName",
"diskSynchronous" };
private static OpenType[] regAttItemTypes = { SimpleType.STRING,
- SimpleType.BOOLEAN, SimpleType.BOOLEAN, SimpleType.STRING,
+ SimpleType.BOOLEAN, SimpleType.STRING,
SimpleType.STRING, SimpleType.BOOLEAN };
private static CompositeType listRegionAttributesCompData = null;
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-web/src/main/webapp/WEB-INF/gemfire-servlet.xml
----------------------------------------------------------------------
diff --git a/geode-web/src/main/webapp/WEB-INF/gemfire-servlet.xml b/geode-web/src/main/webapp/WEB-INF/gemfire-servlet.xml
index eb1a533..ce65933 100644
--- a/geode-web/src/main/webapp/WEB-INF/gemfire-servlet.xml
+++ b/geode-web/src/main/webapp/WEB-INF/gemfire-servlet.xml
@@ -53,7 +53,7 @@ limitations under the License.
</mvc:annotation-driven>
<mvc:interceptors>
- <bean class="com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor"/>
+ <bean class="com.gemstone.gemfire.management.internal.web.controllers.support.LoginHandlerInterceptor"/>
</mvc:interceptors>
</beans>
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptorJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptorJUnitTest.java b/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptorJUnitTest.java
deleted file mode 100644
index 4b9e303..0000000
--- a/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptorJUnitTest.java
+++ /dev/null
@@ -1,272 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.web.controllers.support;
-
-import com.gemstone.gemfire.test.junit.categories.UnitTest;
-import edu.umd.cs.mtc.MultithreadedTestCase;
-import edu.umd.cs.mtc.TestFramework;
-import org.jmock.Expectations;
-import org.jmock.Mockery;
-import org.jmock.lib.concurrent.Synchroniser;
-import org.jmock.lib.legacy.ClassImposteriser;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import static org.junit.Assert.*;
-
-/**
- * The EnvironmentVariablesHandlerInterceptorJUnitTest class is a test suite of test cases to test the contract
- * and functionality of the Spring HandlerInterceptor, EnvironmentVariablesHandlerInterceptor class.
- *
- * @see org.jmock.Mockery
- * @see org.junit.Assert
- * @see org.junit.Test
- * @since 8.0
- */
-@Category(UnitTest.class)
-public class EnvironmentVariablesHandlerInterceptorJUnitTest {
-
- private Mockery mockContext;
-
- @Before
- public void setUp() {
- mockContext = new Mockery();
- mockContext.setImposteriser(ClassImposteriser.INSTANCE);
- mockContext.setThreadingPolicy(new Synchroniser());
- }
-
- @After
- public void tearDown() {
- mockContext.assertIsSatisfied();
- mockContext = null;
- }
-
- protected String createEnvironmentVariable(final String name) {
- return (EnvironmentVariablesHandlerInterceptor.ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX + name);
- }
-
- protected <T> Enumeration<T> enumeration(final Iterator<T> iterator) {
- return new Enumeration<T>() {
- public boolean hasMoreElements() {
- return iterator.hasNext();
- }
- public T nextElement() {
- return iterator.next();
- }
- };
- }
-
- @Test
- public void testPreHandleAfterCompletion() throws Exception {
- final Map<String, String> requestParameters = new HashMap<>(2);
- final Map<String, String> requestHeaders = new HashMap<>();
-
- requestParameters.put("parameter", "one");
- requestParameters.put(createEnvironmentVariable("variable"), "two");
-
- final HttpServletRequest mockHttpRequest = mockContext.mock(HttpServletRequest.class, "testPreHandleAfterCompletion.HttpServletRequest");
-
- mockContext.checking(new Expectations() {{
- oneOf(mockHttpRequest).getParameterNames();
- will(returnValue(enumeration(requestParameters.keySet().iterator())));
- oneOf(mockHttpRequest).getHeaderNames();
- will(returnValue(enumeration(requestHeaders.keySet().iterator())));
- oneOf(mockHttpRequest).getParameter(with(equal(createEnvironmentVariable("variable"))));
- will(returnValue(requestParameters.get(createEnvironmentVariable("variable"))));
- }});
-
- EnvironmentVariablesHandlerInterceptor handlerInterceptor = new EnvironmentVariablesHandlerInterceptor();
-
- Map<String, String> envBefore = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(envBefore);
- assertTrue(envBefore.isEmpty());
- assertTrue(handlerInterceptor.preHandle(mockHttpRequest, null, null));
-
- Map<String, String> envSet = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(envSet);
- assertNotSame(envBefore, envSet);
- assertEquals(1, envSet.size());
- assertTrue(envSet.containsKey("variable"));
- assertEquals("two", envSet.get("variable"));
-
- handlerInterceptor.afterCompletion(mockHttpRequest, null, null, null);
-
- Map<String, String> envAfter = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(envAfter);
- assertTrue(envAfter.isEmpty());
- }
-
- @Test
- public void testHandlerInterceptorThreadSafety() throws Throwable {
- TestFramework.runOnce(new HandlerInterceptorThreadSafetyMultiThreadedTestCase());
- }
-
- protected final class HandlerInterceptorThreadSafetyMultiThreadedTestCase extends MultithreadedTestCase {
-
- private EnvironmentVariablesHandlerInterceptor handlerInterceptor;
-
- private HttpServletRequest mockHttpRequestOne;
- private HttpServletRequest mockHttpRequestTwo;
-
- @Override
- public void initialize() {
- super.initialize();
-
- final Map<String, String> requestParametersOne = new HashMap<>(3);
- final Map<String, String> requestHeaders = new HashMap<>();
-
- requestParametersOne.put("param", "one");
- requestParametersOne.put(createEnvironmentVariable("STAGE"), "test");
- requestParametersOne.put(createEnvironmentVariable("GEMFIRE"), "/path/to/gemfire/700");
-
- mockHttpRequestOne = mockContext.mock(HttpServletRequest.class, "testHandlerInterceptorThreadSafety.HttpServletRequest.1");
-
- mockContext.checking(new Expectations() {{
- oneOf(mockHttpRequestOne).getParameterNames();
- will(returnValue(enumeration(requestParametersOne.keySet().iterator())));
- oneOf(mockHttpRequestOne).getHeaderNames();
- will(returnValue(enumeration(requestHeaders.keySet().iterator())));
- oneOf(mockHttpRequestOne).getParameter(with(equal(createEnvironmentVariable("STAGE"))));
- will(returnValue(requestParametersOne.get(createEnvironmentVariable("STAGE"))));
- oneOf(mockHttpRequestOne).getParameter(with(equal(createEnvironmentVariable("GEMFIRE"))));
- will(returnValue(requestParametersOne.get(createEnvironmentVariable("GEMFIRE"))));
- }});
-
- mockHttpRequestTwo = mockContext.mock(HttpServletRequest.class, "testHandlerInterceptorThreadSafety.HttpServletRequest.2");
-
- final Map<String, String> requestParametersTwo = new HashMap<>(3);
-
- requestParametersTwo.put("parameter", "two");
- requestParametersTwo.put(createEnvironmentVariable("HOST"), "localhost");
- requestParametersTwo.put(createEnvironmentVariable("GEMFIRE"), "/path/to/gemfire/75");
-
- mockContext.checking(new Expectations() {{
- oneOf(mockHttpRequestTwo).getParameterNames();
- will(returnValue(enumeration(requestParametersTwo.keySet().iterator())));
- oneOf(mockHttpRequestTwo).getHeaderNames();
- will(returnValue(enumeration(requestHeaders.keySet().iterator())));
- oneOf(mockHttpRequestTwo).getParameter(with(equal(createEnvironmentVariable("HOST"))));
- will(returnValue(requestParametersTwo.get(createEnvironmentVariable("HOST"))));
- oneOf(mockHttpRequestTwo).getParameter(with(equal(createEnvironmentVariable("GEMFIRE"))));
- will(returnValue(requestParametersTwo.get(createEnvironmentVariable("GEMFIRE"))));
- }});
-
- handlerInterceptor = new EnvironmentVariablesHandlerInterceptor();
- }
-
- public void thread1() throws Exception {
- assertTick(0);
- Thread.currentThread().setName("HTTP Request Processing Thread 1");
-
- Map<String, String> env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertTrue(env.isEmpty());
- assertTrue(handlerInterceptor.preHandle(mockHttpRequestOne, null, null));
-
- env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertEquals(2, env.size());
- assertFalse(env.containsKey("param"));
- assertFalse(env.containsKey("parameter"));
- assertFalse(env.containsKey("HOST"));
- assertEquals("test", env.get("STAGE"));
- assertEquals("/path/to/gemfire/700", env.get("GEMFIRE"));
-
- waitForTick(2);
-
- env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertEquals(2, env.size());
- assertFalse(env.containsKey("param"));
- assertFalse(env.containsKey("parameter"));
- assertFalse(env.containsKey("HOST"));
- assertEquals("test", env.get("STAGE"));
- assertEquals("/path/to/gemfire/700", env.get("GEMFIRE"));
-
- waitForTick(4);
-
- env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertEquals(2, env.size());
- assertFalse(env.containsKey("param"));
- assertFalse(env.containsKey("parameter"));
- assertFalse(env.containsKey("HOST"));
- assertEquals("test", env.get("STAGE"));
- assertEquals("/path/to/gemfire/700", env.get("GEMFIRE"));
-
- handlerInterceptor.afterCompletion(mockHttpRequestOne, null, null, null);
-
- env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertTrue(env.isEmpty());
- }
-
- public void thread2() throws Exception {
- assertTick(0);
- Thread.currentThread().setName("HTTP Request Processing Thread 2");
- waitForTick(1);
-
- Map<String, String> env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertTrue(env.isEmpty());
- assertTrue(handlerInterceptor.preHandle(mockHttpRequestTwo, null, null));
-
- env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertEquals(2, env.size());
- assertFalse(env.containsKey("parameter"));
- assertFalse(env.containsKey("param"));
- assertFalse(env.containsKey("STAGE"));
- assertEquals("localhost", env.get("HOST"));
- assertEquals("/path/to/gemfire/75", env.get("GEMFIRE"));
-
- waitForTick(3);
-
- handlerInterceptor.afterCompletion(mockHttpRequestTwo, null, null, null);
-
- env = EnvironmentVariablesHandlerInterceptor.getEnvironment();
-
- assertNotNull(env);
- assertTrue(env.isEmpty());
- }
-
- @Override
- public void finish() {
- super.finish();
- handlerInterceptor = null;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptorJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptorJUnitTest.java b/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptorJUnitTest.java
new file mode 100644
index 0000000..ef405db
--- /dev/null
+++ b/geode-web/src/test/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptorJUnitTest.java
@@ -0,0 +1,274 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.web.controllers.support;
+
+import static org.junit.Assert.*;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+import edu.umd.cs.mtc.MultithreadedTestCase;
+import edu.umd.cs.mtc.TestFramework;
+
+import org.jmock.Expectations;
+import org.jmock.Mockery;
+import org.jmock.lib.concurrent.Synchroniser;
+import org.jmock.lib.legacy.ClassImposteriser;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+/**
+ * The LoginHandlerInterceptorJUnitTest class is a test suite of test cases to test the contract
+ * and functionality of the Spring HandlerInterceptor, LoginHandlerInterceptor class.
+ *
+ * @see org.jmock.Mockery
+ * @see org.junit.Assert
+ * @see org.junit.Test
+ * @since 8.0
+ */
+@Category(UnitTest.class)
+public class LoginHandlerInterceptorJUnitTest {
+
+ private Mockery mockContext;
+
+ @Before
+ public void setUp() {
+ mockContext = new Mockery();
+ mockContext.setImposteriser(ClassImposteriser.INSTANCE);
+ mockContext.setThreadingPolicy(new Synchroniser());
+ }
+
+ @After
+ public void tearDown() {
+ mockContext.assertIsSatisfied();
+ mockContext = null;
+ }
+
+ protected String createEnvironmentVariable(final String name) {
+ return (LoginHandlerInterceptor.ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX + name);
+ }
+
+ protected <T> Enumeration<T> enumeration(final Iterator<T> iterator) {
+ return new Enumeration<T>() {
+ public boolean hasMoreElements() {
+ return iterator.hasNext();
+ }
+ public T nextElement() {
+ return iterator.next();
+ }
+ };
+ }
+
+ @Test
+ public void testPreHandleAfterCompletion() throws Exception {
+ final Map<String, String> requestParameters = new HashMap<>(2);
+ final Map<String, String> requestHeaders = new HashMap<>();
+
+ requestParameters.put("parameter", "one");
+ requestParameters.put(createEnvironmentVariable("variable"), "two");
+
+ final HttpServletRequest mockHttpRequest = mockContext.mock(HttpServletRequest.class, "testPreHandleAfterCompletion.HttpServletRequest");
+
+ mockContext.checking(new Expectations() {{
+ oneOf(mockHttpRequest).getParameterNames();
+ will(returnValue(enumeration(requestParameters.keySet().iterator())));
+ oneOf(mockHttpRequest).getHeaderNames();
+ will(returnValue(enumeration(requestHeaders.keySet().iterator())));
+ oneOf(mockHttpRequest).getParameter(with(equal(createEnvironmentVariable("variable"))));
+ will(returnValue(requestParameters.get(createEnvironmentVariable("variable"))));
+ }});
+
+ LoginHandlerInterceptor handlerInterceptor = new LoginHandlerInterceptor();
+
+ Map<String, String> envBefore = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(envBefore);
+ assertTrue(envBefore.isEmpty());
+ assertTrue(handlerInterceptor.preHandle(mockHttpRequest, null, null));
+
+ Map<String, String> envSet = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(envSet);
+ assertNotSame(envBefore, envSet);
+ assertEquals(1, envSet.size());
+ assertTrue(envSet.containsKey("variable"));
+ assertEquals("two", envSet.get("variable"));
+
+ handlerInterceptor.afterCompletion(mockHttpRequest, null, null, null);
+
+ Map<String, String> envAfter = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(envAfter);
+ assertTrue(envAfter.isEmpty());
+ }
+
+ @Test
+ public void testHandlerInterceptorThreadSafety() throws Throwable {
+ TestFramework.runOnce(new HandlerInterceptorThreadSafetyMultiThreadedTestCase());
+ }
+
+ protected final class HandlerInterceptorThreadSafetyMultiThreadedTestCase extends MultithreadedTestCase {
+
+ private LoginHandlerInterceptor handlerInterceptor;
+
+ private HttpServletRequest mockHttpRequestOne;
+ private HttpServletRequest mockHttpRequestTwo;
+
+ @Override
+ public void initialize() {
+ super.initialize();
+
+ final Map<String, String> requestParametersOne = new HashMap<>(3);
+ final Map<String, String> requestHeaders = new HashMap<>();
+
+ requestParametersOne.put("param", "one");
+ requestParametersOne.put(createEnvironmentVariable("STAGE"), "test");
+ requestParametersOne.put(createEnvironmentVariable("GEMFIRE"), "/path/to/gemfire/700");
+
+ mockHttpRequestOne = mockContext.mock(HttpServletRequest.class, "testHandlerInterceptorThreadSafety.HttpServletRequest.1");
+
+ mockContext.checking(new Expectations() {{
+ oneOf(mockHttpRequestOne).getParameterNames();
+ will(returnValue(enumeration(requestParametersOne.keySet().iterator())));
+ oneOf(mockHttpRequestOne).getHeaderNames();
+ will(returnValue(enumeration(requestHeaders.keySet().iterator())));
+ oneOf(mockHttpRequestOne).getParameter(with(equal(createEnvironmentVariable("STAGE"))));
+ will(returnValue(requestParametersOne.get(createEnvironmentVariable("STAGE"))));
+ oneOf(mockHttpRequestOne).getParameter(with(equal(createEnvironmentVariable("GEMFIRE"))));
+ will(returnValue(requestParametersOne.get(createEnvironmentVariable("GEMFIRE"))));
+ }});
+
+ mockHttpRequestTwo = mockContext.mock(HttpServletRequest.class, "testHandlerInterceptorThreadSafety.HttpServletRequest.2");
+
+ final Map<String, String> requestParametersTwo = new HashMap<>(3);
+
+ requestParametersTwo.put("parameter", "two");
+ requestParametersTwo.put(createEnvironmentVariable("HOST"), "localhost");
+ requestParametersTwo.put(createEnvironmentVariable("GEMFIRE"), "/path/to/gemfire/75");
+
+ mockContext.checking(new Expectations() {{
+ oneOf(mockHttpRequestTwo).getParameterNames();
+ will(returnValue(enumeration(requestParametersTwo.keySet().iterator())));
+ oneOf(mockHttpRequestTwo).getHeaderNames();
+ will(returnValue(enumeration(requestHeaders.keySet().iterator())));
+ oneOf(mockHttpRequestTwo).getParameter(with(equal(createEnvironmentVariable("HOST"))));
+ will(returnValue(requestParametersTwo.get(createEnvironmentVariable("HOST"))));
+ oneOf(mockHttpRequestTwo).getParameter(with(equal(createEnvironmentVariable("GEMFIRE"))));
+ will(returnValue(requestParametersTwo.get(createEnvironmentVariable("GEMFIRE"))));
+ }});
+
+ handlerInterceptor = new LoginHandlerInterceptor();
+ }
+
+ public void thread1() throws Exception {
+ assertTick(0);
+ Thread.currentThread().setName("HTTP Request Processing Thread 1");
+
+ Map<String, String> env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertTrue(env.isEmpty());
+ assertTrue(handlerInterceptor.preHandle(mockHttpRequestOne, null, null));
+
+ env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertEquals(2, env.size());
+ assertFalse(env.containsKey("param"));
+ assertFalse(env.containsKey("parameter"));
+ assertFalse(env.containsKey("HOST"));
+ assertEquals("test", env.get("STAGE"));
+ assertEquals("/path/to/gemfire/700", env.get("GEMFIRE"));
+
+ waitForTick(2);
+
+ env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertEquals(2, env.size());
+ assertFalse(env.containsKey("param"));
+ assertFalse(env.containsKey("parameter"));
+ assertFalse(env.containsKey("HOST"));
+ assertEquals("test", env.get("STAGE"));
+ assertEquals("/path/to/gemfire/700", env.get("GEMFIRE"));
+
+ waitForTick(4);
+
+ env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertEquals(2, env.size());
+ assertFalse(env.containsKey("param"));
+ assertFalse(env.containsKey("parameter"));
+ assertFalse(env.containsKey("HOST"));
+ assertEquals("test", env.get("STAGE"));
+ assertEquals("/path/to/gemfire/700", env.get("GEMFIRE"));
+
+ handlerInterceptor.afterCompletion(mockHttpRequestOne, null, null, null);
+
+ env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertTrue(env.isEmpty());
+ }
+
+ public void thread2() throws Exception {
+ assertTick(0);
+ Thread.currentThread().setName("HTTP Request Processing Thread 2");
+ waitForTick(1);
+
+ Map<String, String> env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertTrue(env.isEmpty());
+ assertTrue(handlerInterceptor.preHandle(mockHttpRequestTwo, null, null));
+
+ env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertEquals(2, env.size());
+ assertFalse(env.containsKey("parameter"));
+ assertFalse(env.containsKey("param"));
+ assertFalse(env.containsKey("STAGE"));
+ assertEquals("localhost", env.get("HOST"));
+ assertEquals("/path/to/gemfire/75", env.get("GEMFIRE"));
+
+ waitForTick(3);
+
+ handlerInterceptor.afterCompletion(mockHttpRequestTwo, null, null, null);
+
+ env = LoginHandlerInterceptor.getEnvironment();
+
+ assertNotNull(env);
+ assertTrue(env.isEmpty());
+ }
+
+ @Override
+ public void finish() {
+ super.finish();
+ handlerInterceptor = null;
+ }
+ }
+
+}
[2/5] incubator-geode git commit: Merge branch 'develop' into
feature/GEODE-17-2
Posted by ji...@apache.org.
Merge branch 'develop' into feature/GEODE-17-2
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/0c0825af
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/0c0825af
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/0c0825af
Branch: refs/heads/feature/GEODE-17-2
Commit: 0c0825afc2ca492d17b6b1332ee7e5278282bb7f
Parents: f446bbe a254c42
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Fri Apr 29 08:22:01 2016 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Fri Apr 29 08:22:01 2016 -0700
----------------------------------------------------------------------
.../internal/cache/FixedPRSinglehopDUnitTest.java | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
----------------------------------------------------------------------
[5/5] incubator-geode git commit: GEODE-17: enhance the
GeodeSecurityUtil and review changes
Posted by ji...@apache.org.
GEODE-17: enhance the GeodeSecurityUtil and review changes
* allow operations that does not require any authorizations
* put/get, import/export and locate entry will check region access
* rename EnvronmentVariablesHandlerInterceptor
* rename ShiroUtil to GeodeSecurityUtil
* reformat code and review changes
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/7c38f0d8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/7c38f0d8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/7c38f0d8
Branch: refs/heads/feature/GEODE-17-2
Commit: 7c38f0d8811874509ae93dbd9a4a9f7b05ce0d01
Parents: 0c0825a
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Tue Apr 26 07:30:27 2016 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Fri Apr 29 08:29:28 2016 -0700
----------------------------------------------------------------------
.../cache/operations/OperationContext.java | 13 +-
.../management/DistributedSystemMXBean.java | 6 +-
.../gemfire/management/MemberMXBean.java | 10 +-
.../CreateAlterDestroyRegionCommands.java | 12 +-
.../internal/cli/commands/DataCommands.java | 22 +-
.../internal/cli/commands/RegionCommands.java | 3 +-
.../internal/cli/remote/CommandProcessor.java | 7 +-
.../internal/security/AccessControlMBean.java | 4 +-
.../internal/security/MBeanServerWrapper.java | 23 +-
.../internal/security/ResourceOperation.java | 13 +-
.../security/ResourceOperationContext.java | 45 +-
.../controllers/AbstractCommandsController.java | 17 +-
.../EnvironmentVariablesHandlerInterceptor.java | 121 ---
.../support/LoginHandlerInterceptor.java | 122 +++
.../web/shell/RestHttpOperationInvoker.java | 4 -
.../gemfire/security/CustomAuthRealm.java | 7 +-
.../gemfire/security/GeodeSecurityUtil.java | 163 ++++
.../gemfire/security/JMXShiroAuthenticator.java | 4 +-
.../gemstone/gemfire/security/ShiroUtil.java | 116 ---
.../CacheServerMBeanAuthorizationJUnitTest.java | 26 +-
.../CacheServerMBeanShiroJUnitTest.java | 36 +-
.../security/CliCommandsSecurityTest.java | 17 +-
.../security/DataCommandsSecurityTest.java | 7 +-
.../DiskStoreMXBeanSecurityJUnitTest.java | 20 +-
.../GatewayReceiverMBeanSecurityTest.java | 17 +-
.../GatewaySenderMBeanSecurityTest.java | 24 +-
.../GeodeSecurityUtilCustomRealmJUnitTest.java | 52 ++
.../GeodeSecurityUtilWithIniFileJUnitTest.java | 147 +++
.../security/GfshCommandsSecurityTest.java | 6 +-
.../internal/security/JSONAuthorization.java | 77 +-
.../LockServiceMBeanAuthorizationJUnitTest.java | 10 +-
.../ManagerMBeanAuthorizationJUnitTest.java | 4 +-
.../security/MemberMBeanSecurityJUnitTest.java | 30 +-
.../ResourceOperationContextJUnitTest.java | 88 ++
.../internal/security/TestCommand.java | 178 ++--
.../management/internal/security/auth3.json | 2 +-
.../internal/security/cacheServer.json | 10 +-
.../management/internal/security/shiro-ini.json | 87 ++
.../internal/security/testInheritRole.json | 40 -
.../security/testSimpleUserAndRole.json | 18 -
.../testUserAndRoleRegionServerGroup.json | 20 -
.../internal/security/testUserMultipleRole.json | 26 -
geode-core/src/test/resources/shiro.ini | 13 +-
.../junit/rules/DescribedExternalResource.java | 11 +-
.../security/GemFireAuthentication.java | 114 +--
.../security/GemFireAuthenticationProvider.java | 9 +-
.../pulse/internal/security/LogoutHandler.java | 12 +-
.../tools/pulse/tests/PulseAbstractTest.java | 904 ++++++++++---------
.../gemfire/tools/pulse/tests/Region.java | 2 +-
.../src/main/webapp/WEB-INF/gemfire-servlet.xml | 2 +-
...entVariablesHandlerInterceptorJUnitTest.java | 272 ------
.../LoginHandlerInterceptorJUnitTest.java | 274 ++++++
52 files changed, 1758 insertions(+), 1509 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
index dd290c5..b632edb 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
@@ -33,6 +33,7 @@ import org.apache.shiro.authz.permission.WildcardPermission;
public abstract class OperationContext extends WildcardPermission{
public enum Resource {
+ NULL,
CLUSTER,
DATA
};
@@ -76,6 +77,7 @@ public abstract class OperationContext extends WildcardPermission{
EXECUTE_FUNCTION,
@Deprecated
GET_DURABLE_CQS,
+ NULL,
MANAGE,
WRITE,
READ;
@@ -298,11 +300,15 @@ public abstract class OperationContext extends WildcardPermission{
public abstract OperationCode getOperationCode();
public Resource getResource(){
- return Resource.DATA;
+ return Resource.NULL;
}
+ /**
+ *
+ * @return
+ */
public String getRegionName(){
- return null;
+ return "NULL";
}
/**
@@ -356,7 +362,4 @@ public abstract class OperationContext extends WildcardPermission{
|| opCode.isRegionDestroy() || opCode.isRegionClear());
}
- public String toString(){
- return getResource() + ":"+ getOperationCode();
- }
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/DistributedSystemMXBean.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/DistributedSystemMXBean.java b/geode-core/src/main/java/com/gemstone/gemfire/management/DistributedSystemMXBean.java
index a27d92f..6dac6af 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/DistributedSystemMXBean.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/DistributedSystemMXBean.java
@@ -72,14 +72,16 @@ import com.gemstone.gemfire.management.internal.security.ResourceOperation;
* @since 7.0
*
*/
-//@ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
+@ResourceOperation(resource = Resource.CLUSTER, operation = OperationCode.READ)
public interface DistributedSystemMXBean {
/**
* Returns the ID of thie DistributedSystem.
+ * allow anyone to access this method
*
* @return The DistributedSystem ID or -1 if not set.
*/
+ @ResourceOperation()
public int getDistributedSystemId();
/**
@@ -351,7 +353,9 @@ public interface DistributedSystemMXBean {
/**
* Returns the object name for a {@link MemberMXBean} used to access
* this distributed member.
+ * allow anyone to access this method
*/
+ @ResourceOperation()
public ObjectName getMemberObjectName();
/**
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/MemberMXBean.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/MemberMXBean.java b/geode-core/src/main/java/com/gemstone/gemfire/management/MemberMXBean.java
index 5f656a9..c5d9933 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/MemberMXBean.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/MemberMXBean.java
@@ -16,13 +16,12 @@
*/
package com.gemstone.gemfire.management;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import static com.gemstone.gemfire.cache.operations.OperationContext.*;
import java.util.Map;
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
+import com.gemstone.gemfire.distributed.DistributedMember;
+import com.gemstone.gemfire.management.internal.security.ResourceOperation;
/**
* MBean that provides access to information and management functionality for a
@@ -199,6 +198,7 @@ public interface MemberMXBean {
*
* @return Result of the execution in JSON format.
*/
+ @ResourceOperation()
String processCommand(String commandString);
/**
@@ -210,6 +210,7 @@ public interface MemberMXBean {
* Environmental properties to use during command execution.
* @return Result of the execution in JSON format.
*/
+ @ResourceOperation()
String processCommand(String commandString, Map<String, String> env);
/**
@@ -223,6 +224,7 @@ public interface MemberMXBean {
* Binary data specific to the command being executed.
* @return Result of the execution in JSON format.
*/
+ @ResourceOperation()
String processCommand(String commandString, Map<String, String> env, Byte[][] binaryData);
/**
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/CreateAlterDestroyRegionCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/CreateAlterDestroyRegionCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/CreateAlterDestroyRegionCommands.java
index cdbd3db..06c096f 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/CreateAlterDestroyRegionCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/CreateAlterDestroyRegionCommands.java
@@ -79,7 +79,7 @@ import com.gemstone.gemfire.management.internal.cli.util.RegionPath;
import com.gemstone.gemfire.management.internal.configuration.SharedConfigurationWriter;
import com.gemstone.gemfire.management.internal.configuration.domain.XmlEntity;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.ShiroUtil;
+
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
import org.springframework.shell.core.annotation.CliOption;
@@ -437,7 +437,7 @@ public class CreateAlterDestroyRegionCommands extends AbstractCommandsSupport {
@CliCommand (value = CliStrings.ALTER_REGION, help = CliStrings.ALTER_REGION__HELP)
@CliMetaData (relatedTopic = CliStrings.TOPIC_GEMFIRE_REGION, writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource=Resource.DATA, operation = OperationCode.MANAGE)
public Result alterRegion(
@CliOption (key = CliStrings.ALTER_REGION__REGION,
mandatory = true,
@@ -528,9 +528,6 @@ public class CreateAlterDestroyRegionCommands extends AbstractCommandsSupport {
specifiedDefaultValue = "0",
help = CliStrings.ALTER_REGION__EVICTIONMAX__HELP)
Integer evictionMax) {
-
- ShiroUtil.authorize("DATA", "MANAGE", regionPath);
-
Result result = null;
XmlEntity xmlEntity = null;
@@ -999,16 +996,13 @@ public class CreateAlterDestroyRegionCommands extends AbstractCommandsSupport {
@CliCommand(value = { CliStrings.DESTROY_REGION }, help = CliStrings.DESTROY_REGION__HELP)
@CliMetaData(shellOnly = false, relatedTopic = CliStrings.TOPIC_GEMFIRE_REGION, writesToSharedConfiguration = true)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource=Resource.DATA, operation = OperationCode.MANAGE)
public Result destroyRegion(
@CliOption(key = CliStrings.DESTROY_REGION__REGION,
optionContext = ConverterHint.REGIONPATH,
mandatory = true,
help = CliStrings.DESTROY_REGION__REGION__HELP)
String regionPath) {
-
- ShiroUtil.authorize("DATA", "MANAGE", regionPath);
-
if (regionPath == null) {
return ResultBuilder.createInfoResult(CliStrings.DESTROY_REGION__MSG__SPECIFY_REGIONPATH_TO_DESTROY);
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
index c1c04a3..61803fe 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
@@ -73,7 +73,8 @@ import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.ShiroUtil;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
+
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
@@ -834,13 +835,12 @@ public class DataCommands implements CommandMarker {
@CliCommand(value = CliStrings.EXPORT_DATA, help = CliStrings.EXPORT_DATA__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_DATA,
CliStrings.TOPIC_GEMFIRE_REGION })
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.READ)
public Result exportData(
@CliOption(key = CliStrings.EXPORT_DATA__REGION, mandatory = true, optionContext = ConverterHint.REGIONPATH, help = CliStrings.EXPORT_DATA__REGION__HELP) String regionName,
@CliOption(key = CliStrings.EXPORT_DATA__FILE, unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE, mandatory = true, help = CliStrings.EXPORT_DATA__FILE__HELP) String filePath,
@CliOption(key = CliStrings.EXPORT_DATA__MEMBER, unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE, optionContext = ConverterHint.MEMBERIDNAME, mandatory = true, help = CliStrings.EXPORT_DATA__MEMBER__HELP) String memberNameOrId) {
- ShiroUtil.authorize("DATA", "READ", regionName);
+ GeodeSecurityUtil.authorizeRegionRead(regionName);
final Cache cache = CacheFactory.getAnyInstance();
final DistributedMember targetMember = CliUtil
.getDistributedMemberByNameOrId(memberNameOrId);
@@ -891,13 +891,12 @@ public class DataCommands implements CommandMarker {
@CliCommand(value = CliStrings.IMPORT_DATA, help = CliStrings.IMPORT_DATA__HELP)
@CliMetaData(relatedTopic = { CliStrings.TOPIC_GEMFIRE_DATA,
CliStrings.TOPIC_GEMFIRE_REGION })
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.WRITE)
public Result importData(
@CliOption(key = CliStrings.IMPORT_DATA__REGION, optionContext = ConverterHint.REGIONPATH, mandatory = true, help = CliStrings.IMPORT_DATA__REGION__HELP) String regionName,
@CliOption(key = CliStrings.IMPORT_DATA__FILE, mandatory = true, unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE, help = CliStrings.IMPORT_DATA__FILE__HELP) String filePath,
@CliOption(key = CliStrings.IMPORT_DATA__MEMBER, mandatory = true, unspecifiedDefaultValue = CliMetaData.ANNOTATION_NULL_VALUE, optionContext = ConverterHint.MEMBERIDNAME, help = CliStrings.IMPORT_DATA__MEMBER__HELP) String memberNameOrId) {
- ShiroUtil.authorize("DATA", "WRITE", regionName);
+ GeodeSecurityUtil.authorizeRegionWrite(regionName);
Result result = null;
@@ -949,7 +948,6 @@ public class DataCommands implements CommandMarker {
@CliMetaData(shellOnly = false, relatedTopic = {
CliStrings.TOPIC_GEMFIRE_DATA, CliStrings.TOPIC_GEMFIRE_REGION })
@CliCommand(value = { CliStrings.PUT }, help = CliStrings.PUT__HELP)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.WRITE)
public Result put(
@CliOption(key = { CliStrings.PUT__KEY }, mandatory = true, help = CliStrings.PUT__KEY__HELP) String key,
@CliOption(key = { CliStrings.PUT__VALUE }, mandatory = true, help = CliStrings.PUT__VALUE__HELP) String value,
@@ -958,7 +956,7 @@ public class DataCommands implements CommandMarker {
@CliOption(key = { CliStrings.PUT__VALUEKLASS }, help = CliStrings.PUT__VALUEKLASS__HELP) String valueClass,
@CliOption(key = { CliStrings.PUT__PUTIFABSENT }, help = CliStrings.PUT__PUTIFABSENT__HELP, unspecifiedDefaultValue = "false") boolean putIfAbsent) {
- ShiroUtil.authorize("DATA", "WRITE", regionPath);
+ GeodeSecurityUtil.authorizeRegionWrite(regionPath);
Cache cache = CacheFactory.getAnyInstance();
DataCommandResult dataResult = null;
if (regionPath == null || regionPath.isEmpty()) {
@@ -1018,7 +1016,6 @@ public class DataCommands implements CommandMarker {
@CliMetaData(shellOnly = false, relatedTopic = {
CliStrings.TOPIC_GEMFIRE_DATA, CliStrings.TOPIC_GEMFIRE_REGION })
@CliCommand(value = { CliStrings.GET }, help = CliStrings.GET__HELP)
- @ResourceOperation(resource = Resource.DATA, operation= OperationCode.READ)
public Result get(
@CliOption(key = { CliStrings.GET__KEY }, mandatory = true, help = CliStrings.GET__KEY__HELP) String key,
@CliOption(key = { CliStrings.GET__REGIONNAME }, mandatory = true, help = CliStrings.GET__REGIONNAME__HELP, optionContext = ConverterHint.REGIONPATH) String regionPath,
@@ -1026,7 +1023,7 @@ public class DataCommands implements CommandMarker {
@CliOption(key = { CliStrings.GET__VALUEKLASS }, help = CliStrings.GET__VALUEKLASS__HELP) String valueClass,
@CliOption(key = CliStrings.GET__LOAD, unspecifiedDefaultValue = "true", specifiedDefaultValue = "true", help = CliStrings.GET__LOAD__HELP) Boolean loadOnCacheMiss)
{
- ShiroUtil.authorize("DATA", "READ", regionPath);
+ GeodeSecurityUtil.authorizeRegionRead(regionPath);
Cache cache = CacheFactory.getAnyInstance();
DataCommandResult dataResult = null;
@@ -1074,14 +1071,14 @@ public class DataCommands implements CommandMarker {
@CliMetaData(shellOnly = false, relatedTopic = {
CliStrings.TOPIC_GEMFIRE_DATA, CliStrings.TOPIC_GEMFIRE_REGION })
@CliCommand(value = { CliStrings.LOCATE_ENTRY }, help = CliStrings.LOCATE_ENTRY__HELP)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.READ)
public Result locateEntry(
@CliOption(key = { CliStrings.LOCATE_ENTRY__KEY }, mandatory = true, help = CliStrings.LOCATE_ENTRY__KEY__HELP) String key,
@CliOption(key = { CliStrings.LOCATE_ENTRY__REGIONNAME }, mandatory = true, help = CliStrings.LOCATE_ENTRY__REGIONNAME__HELP, optionContext = ConverterHint.REGIONPATH) String regionPath,
@CliOption(key = { CliStrings.LOCATE_ENTRY__KEYCLASS }, help = CliStrings.LOCATE_ENTRY__KEYCLASS__HELP) String keyClass,
@CliOption(key = { CliStrings.LOCATE_ENTRY__VALUEKLASS }, help = CliStrings.LOCATE_ENTRY__VALUEKLASS__HELP) String valueClass,
@CliOption(key = { CliStrings.LOCATE_ENTRY__RECURSIVE }, help = CliStrings.LOCATE_ENTRY__RECURSIVE__HELP, unspecifiedDefaultValue = "false") boolean recursive) {
- ShiroUtil.authorize("DATA", "READ", regionPath);
+
+ GeodeSecurityUtil.authorizeRegionRead(regionPath);
// Cache cache = CacheFactory.getAnyInstance();
DataCommandResult dataResult = null;
@@ -1122,13 +1119,12 @@ public class DataCommands implements CommandMarker {
@CliMetaData(shellOnly = false, relatedTopic = {
CliStrings.TOPIC_GEMFIRE_DATA, CliStrings.TOPIC_GEMFIRE_REGION })
@CliCommand(value = { CliStrings.REMOVE }, help = CliStrings.REMOVE__HELP)
- @ResourceOperation(resource = Resource.DATA, operation = OperationCode.MANAGE)
+ @ResourceOperation(resource=Resource.DATA, operation = OperationCode.MANAGE)
public Result remove(
@CliOption(key = { CliStrings.REMOVE__KEY }, help = CliStrings.REMOVE__KEY__HELP) String key,
@CliOption(key = { CliStrings.REMOVE__REGION }, mandatory = true, help = CliStrings.REMOVE__REGION__HELP, optionContext = ConverterHint.REGIONPATH) String regionPath,
@CliOption(key = CliStrings.REMOVE__ALL, help = CliStrings.REMOVE__ALL__HELP, specifiedDefaultValue = "true", unspecifiedDefaultValue = "false") boolean removeAllKeys,
@CliOption(key = { CliStrings.REMOVE__KEYCLASS }, help = CliStrings.REMOVE__KEYCLASS__HELP) String keyClass) {
-
Cache cache = CacheFactory.getAnyInstance();
DataCommandResult dataResult = null;
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
index ac69d32..0408675 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
@@ -52,7 +52,7 @@ import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.cli.util.RegionAttributesNames;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.ShiroUtil;
+
import org.springframework.shell.core.CommandMarker;
import org.springframework.shell.core.annotation.CliAvailabilityIndicator;
import org.springframework.shell.core.annotation.CliCommand;
@@ -163,7 +163,6 @@ public class RegionCommands implements CommandMarker {
mandatory = true)
String regionName) {
- ShiroUtil.authorize("CLUSTER", "READ", regionName);
Result result = null;
try {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
index 87053cc..c3b0b7f 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
@@ -31,7 +31,8 @@ import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
import com.gemstone.gemfire.management.internal.cli.util.CommentSkipHelper;
import com.gemstone.gemfire.management.internal.security.ResourceOperation;
import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.ShiroUtil;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
+
import org.springframework.shell.core.Parser;
import org.springframework.shell.event.ParseResult;
@@ -108,9 +109,7 @@ public class CommandProcessor {
//do general authorization check here
Method method = parseResult.getMethod();
ResourceOperation resourceOperation = method.getAnnotation(ResourceOperation.class);
- if(resourceOperation!=null){
- ShiroUtil.authorize(resourceOperation);
- }
+ GeodeSecurityUtil.authorize(resourceOperation);
result = executionStrategy.execute(parseResult);
if (result instanceof Result) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
index 9921538..33b80e2 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
@@ -17,7 +17,7 @@
package com.gemstone.gemfire.management.internal.security;
import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.ShiroUtil;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
/**
* AccessControlMBean Implementation. This retrieves JMXPrincipal from AccessController
@@ -30,7 +30,7 @@ public class AccessControlMBean implements AccessControlMXBean {
@Override
public boolean authorize(String resource, String permission) {
try {
- ShiroUtil.authorize(resource, permission);
+ GeodeSecurityUtil.authorize(resource, permission);
return true;
}
catch (GemFireSecurityException e){
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
index bbc0442..8d1031a 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
@@ -46,7 +46,7 @@ import javax.management.remote.MBeanServerForwarder;
import com.gemstone.gemfire.management.internal.ManagementConstants;
import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.ShiroUtil;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
/**
* This class intercepts all MBean requests for GemFire MBeans and passed it to
@@ -60,14 +60,6 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
public MBeanServerWrapper(){
}
- private void doAuthorization(ResourceOperationContext context){
- // allow operations which requires no permissions
- if(context == null)
- return;
-
- ShiroUtil.authorize(context);
- }
-
private void doAuthorizationPost(ResourceOperationContext context){
if(context == null)
return;
@@ -161,7 +153,7 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
public Object getAttribute(ObjectName name, String attribute) throws MBeanException, InstanceNotFoundException,
ReflectionException {
ResourceOperationContext ctx = getOperationContext(name, attribute, false);
- doAuthorization(ctx);
+ GeodeSecurityUtil.authorize(ctx);
Object result;
try {
result = mbs.getAttribute(name, attribute);
@@ -195,7 +187,7 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
public void setAttribute(ObjectName name, Attribute attribute) throws InstanceNotFoundException,
AttributeNotFoundException, InvalidAttributeValueException, MBeanException, ReflectionException {
ResourceOperationContext ctx = getOperationContext(name, attribute.getName(), false);
- doAuthorization(ctx);
+ GeodeSecurityUtil.authorize(ctx);
mbs.setAttribute(name, attribute);
}
@@ -216,12 +208,9 @@ public class MBeanServerWrapper implements MBeanServerForwarder {
@Override
public Object invoke(ObjectName name, String operationName, Object[] params, String[] signature)
throws InstanceNotFoundException, MBeanException, ReflectionException {
- // skip authorization check if operation is "processCommand" since we will check authorization in the command itself
- ResourceOperationContext ctx = null;
- if(!"processCommand".equals(operationName)) {
- ctx = getOperationContext(name, operationName, true);
- doAuthorization(ctx);
- }
+
+ ResourceOperationContext ctx = getOperationContext(name, operationName, true);
+ GeodeSecurityUtil.authorize(ctx);
Object result = mbs.invoke(name, operationName, params, signature);
if(ctx!=null)
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
index f72a835..8b50183 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
@@ -16,25 +16,22 @@
*/
package com.gemstone.gemfire.management.internal.security;
-import javax.management.DescriptorKey;
+import static com.gemstone.gemfire.cache.operations.OperationContext.*;
+
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
-
-import static com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import static com.gemstone.gemfire.cache.operations.OperationContext.Resource;
+import javax.management.DescriptorKey;
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Inherited
public @interface ResourceOperation {
@DescriptorKey("resource")
- Resource resource();
-
- String label() default ResourceConstants.DEFAULT_LABEL;
+ Resource resource() default Resource.NULL;
@DescriptorKey("operation")
- OperationCode operation();
+ OperationCode operation() default OperationCode.NULL;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
index 396cdac..50f9b78 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
@@ -18,6 +18,8 @@ package com.gemstone.gemfire.management.internal.security;
import com.gemstone.gemfire.cache.operations.OperationContext;
+import org.apache.shiro.authz.Permission;
+
/**
* This is base class for OperationContext for resource (JMX and CLI) operations
*/
@@ -25,32 +27,25 @@ public class ResourceOperationContext extends OperationContext {
private boolean isPostOperation = false;
private Object opResult = null;
- private Resource resource = null;
- private OperationCode operation = null;
- private String regionName = null;
+ private Resource resource = Resource.NULL;
+ private OperationCode operation = OperationCode.NULL;
+
+ private String regionName = "NULL";
public ResourceOperationContext() {
+ this(null, null, null);
}
- public ResourceOperationContext(Resource resource, OperationCode operation) {
- setParts(resource.name()+":"+operation.name(), false);
- this.resource = resource;
- this.operation = operation;
+ public ResourceOperationContext(String resource, String operation) {
+ this(resource, operation, null);
}
public ResourceOperationContext(String resource, String operation, String regionName) {
- setParts(resource+":"+operation+":"+regionName, false);
if (resource != null) this.resource = Resource.valueOf(resource);
if (operation != null) this.operation = OperationCode.valueOf(operation);
- this.regionName = regionName;
- }
+ if (regionName !=null ) this.regionName = regionName;
- public void setResourceOperation(ResourceOperation op) {
- if (op != null) {
- resource = op.resource();
- operation = op.operation();
- setParts(resource.name()+":"+operation.name(), false);
- }
+ setParts(this.resource.name()+":"+this.operation.name()+":"+regionName);
}
@Override
@@ -87,20 +82,8 @@ public class ResourceOperationContext extends OperationContext {
return this.opResult;
}
- public String toString(){
- if(this.regionName==null)
- return getResource() + ":"+ getOperationCode();
- else
- return getResource() + ":"+ getOperationCode()+ ":" +this.regionName;
- }
-
- public boolean equals(Object o){
- if(! (o instanceof ResourceOperationContext))
- return false;
-
- ResourceOperationContext other = (ResourceOperationContext)o;
- return (this.resource==other.getResource() && this.operation==other.getOperationCode());
+ @Override
+ public boolean implies(Permission p){
+ return super.implies(p);
}
-
-
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
index 211d0b1..08865b4 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
@@ -47,10 +47,11 @@ import com.gemstone.gemfire.management.internal.ManagementConstants;
import com.gemstone.gemfire.management.internal.SystemManagementService;
import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
import com.gemstone.gemfire.management.internal.cli.util.CommandStringBuilder;
-import com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor;
+import com.gemstone.gemfire.management.internal.web.controllers.support.LoginHandlerInterceptor;
import com.gemstone.gemfire.management.internal.web.controllers.support.MemberMXBeanAdapter;
import com.gemstone.gemfire.management.internal.web.util.UriUtils;
-import com.gemstone.gemfire.security.ShiroUtil;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
+
import org.apache.logging.log4j.Logger;
import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;
import org.springframework.http.HttpStatus;
@@ -488,12 +489,12 @@ public abstract class AbstractCommandsController {
* Gets the environment setup during this HTTP/command request for the current command process execution.
*
* @return a mapping of environment variables to values.
- * @see com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor#getEnvironment()
+ * @see LoginHandlerInterceptor#getEnvironment()
*/
protected Map<String, String> getEnvironment() {
final Map<String, String> environment = new HashMap<String, String>();
- environment.putAll(EnvironmentVariablesHandlerInterceptor.getEnvironment());
+ environment.putAll(LoginHandlerInterceptor.getEnvironment());
environment.put(Gfsh.ENV_APP_NAME, Gfsh.GFSH_APP_NAME);
return environment;
@@ -541,7 +542,7 @@ public abstract class AbstractCommandsController {
* @param command a String value containing a valid command String as would be entered by the user in Gfsh.
* @return a result of the command execution as a String, typically marshalled in JSON to be serialized back to Gfsh.
* @see com.gemstone.gemfire.management.internal.cli.shell.Gfsh
- * @see com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor#getEnvironment()
+ * @see LoginHandlerInterceptor#getEnvironment()
* @see #getEnvironment()
* @see #processCommand(String, java.util.Map, byte[][])
*/
@@ -558,7 +559,7 @@ public abstract class AbstractCommandsController {
return new ResponseEntity<String>(processCommand(command, fileData), HttpStatus.OK);
}
};
- return ShiroUtil.associateWith(callable);
+ return GeodeSecurityUtil.associateWith(callable);
}
@@ -571,7 +572,7 @@ public abstract class AbstractCommandsController {
* the Manager, usually for the 'deploy' Gfsh command.
* @return a result of the command execution as a String, typically marshalled in JSON to be serialized back to Gfsh.
* @see com.gemstone.gemfire.management.internal.cli.shell.Gfsh
- * @see com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor#getEnvironment()
+ * @see LoginHandlerInterceptor#getEnvironment()
* @see #getEnvironment()
* @see #processCommand(String, java.util.Map, byte[][])
*/
@@ -590,7 +591,7 @@ public abstract class AbstractCommandsController {
* between Gfsh and the Manager, and thus need to specify this key/value pair mapping.
* @return a result of the command execution as a String, typically marshalled in JSON to be serialized back to Gfsh.
* @see com.gemstone.gemfire.management.internal.cli.shell.Gfsh
- * @see com.gemstone.gemfire.management.internal.web.controllers.support.EnvironmentVariablesHandlerInterceptor#getEnvironment()
+ * @see LoginHandlerInterceptor#getEnvironment()
* @see #processCommand(String, java.util.Map, byte[][])
*/
protected String processCommand(final String command, final Map<String, String> environment) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
deleted file mode 100644
index bb7a27d..0000000
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.web.controllers.support;
-
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import com.gemstone.gemfire.cache.Cache;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-import com.gemstone.gemfire.security.Authenticator;
-import com.gemstone.gemfire.security.ShiroUtil;
-import org.apache.logging.log4j.Logger;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
-
-/**
- * The GetEnvironmentHandlerInterceptor class handles extracting Gfsh environment variables encoded in the HTTP request
- * message as request parameters.
- * <p/>
- * @see javax.servlet.http.HttpServletRequest
- * @see javax.servlet.http.HttpServletResponse
- * @see org.springframework.web.servlet.handler.HandlerInterceptorAdapter
- * @since 8.0
- */
-@SuppressWarnings("unused")
-public class EnvironmentVariablesHandlerInterceptor extends HandlerInterceptorAdapter {
-
- private static final Logger logger = LogService.getLogger();
-
- private Cache cache;
-
- private Authenticator auth = null;
-
- private static final ThreadLocal<Map<String, String>> ENV = new ThreadLocal<Map<String, String>>() {
- @Override
- protected Map<String, String> initialValue() {
- return Collections.emptyMap();
- }
- };
-
- protected static final String ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX = "vf.gf.env.";
-
- protected static final String SECURITY_VARIABLE_REQUEST_HEADER_PREFIX = "security-";
-
- public static Map<String, String> getEnvironment() {
- return ENV.get();
- }
-
- @Override
- public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler)
- throws Exception
- {
- final Map<String, String> requestParameterValues = new HashMap<String, String>();
-
- for (Enumeration<String> requestParameters = request.getParameterNames(); requestParameters.hasMoreElements(); ) {
- final String requestParameter = requestParameters.nextElement();
-
- if (requestParameter.startsWith(ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX)) {
- requestParameterValues.put(requestParameter.substring(ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX.length()),
- request.getParameter(requestParameter));
- }
- }
-
-
-
- for (Enumeration<String> requestHeaders = request.getHeaderNames(); requestHeaders.hasMoreElements();) {
-
- final String requestHeader = requestHeaders.nextElement();
-
- if (requestHeader.startsWith(SECURITY_VARIABLE_REQUEST_HEADER_PREFIX)) {
- requestParameterValues.put(requestHeader, request.getHeader(requestHeader));
- }
-
- }
-
- String username = requestParameterValues.get(ResourceConstants.USER_NAME);
- String password = requestParameterValues.get(ResourceConstants.PASSWORD);
- ShiroUtil.login(username, password);
-
- ENV.set(requestParameterValues);
-
- return true;
- }
-
-
- @Override
- public void afterCompletion(final HttpServletRequest request,
- final HttpServletResponse response,
- final Object handler,
- final Exception ex)
- throws Exception
- {
- afterConcurrentHandlingStarted(request, response, handler);
- ShiroUtil.logout();
- }
-
- @Override
- public void afterConcurrentHandlingStarted(
- HttpServletRequest request, HttpServletResponse response, Object handler)
- throws Exception {
- ENV.remove();
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
new file mode 100644
index 0000000..5465ea3
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
@@ -0,0 +1,122 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.web.controllers.support;
+
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.internal.logging.LogService;
+import com.gemstone.gemfire.management.internal.security.ResourceConstants;
+import com.gemstone.gemfire.security.Authenticator;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
+
+import org.apache.logging.log4j.Logger;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+/**
+ * The GetEnvironmentHandlerInterceptor class handles extracting Gfsh environment variables encoded in the HTTP request
+ * message as request parameters.
+ * <p/>
+ * @see javax.servlet.http.HttpServletRequest
+ * @see javax.servlet.http.HttpServletResponse
+ * @see org.springframework.web.servlet.handler.HandlerInterceptorAdapter
+ * @since 8.0
+ */
+@SuppressWarnings("unused")
+public class LoginHandlerInterceptor extends HandlerInterceptorAdapter {
+
+ private static final Logger logger = LogService.getLogger();
+
+ private Cache cache;
+
+ private Authenticator auth = null;
+
+ private static final ThreadLocal<Map<String, String>> ENV = new ThreadLocal<Map<String, String>>() {
+ @Override
+ protected Map<String, String> initialValue() {
+ return Collections.emptyMap();
+ }
+ };
+
+ protected static final String ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX = "vf.gf.env.";
+
+ protected static final String SECURITY_VARIABLE_REQUEST_HEADER_PREFIX = "security-";
+
+ public static Map<String, String> getEnvironment() {
+ return ENV.get();
+ }
+
+ @Override
+ public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler)
+ throws Exception
+ {
+ final Map<String, String> requestParameterValues = new HashMap<String, String>();
+
+ for (Enumeration<String> requestParameters = request.getParameterNames(); requestParameters.hasMoreElements(); ) {
+ final String requestParameter = requestParameters.nextElement();
+
+ if (requestParameter.startsWith(ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX)) {
+ requestParameterValues.put(requestParameter.substring(ENVIRONMENT_VARIABLE_REQUEST_PARAMETER_PREFIX.length()),
+ request.getParameter(requestParameter));
+ }
+ }
+
+
+
+ for (Enumeration<String> requestHeaders = request.getHeaderNames(); requestHeaders.hasMoreElements();) {
+
+ final String requestHeader = requestHeaders.nextElement();
+
+ if (requestHeader.startsWith(SECURITY_VARIABLE_REQUEST_HEADER_PREFIX)) {
+ requestParameterValues.put(requestHeader, request.getHeader(requestHeader));
+ }
+
+ }
+
+ String username = requestParameterValues.get(ResourceConstants.USER_NAME);
+ String password = requestParameterValues.get(ResourceConstants.PASSWORD);
+ GeodeSecurityUtil.login(username, password);
+
+ ENV.set(requestParameterValues);
+
+ return true;
+ }
+
+
+ @Override
+ public void afterCompletion(final HttpServletRequest request,
+ final HttpServletResponse response,
+ final Object handler,
+ final Exception ex)
+ throws Exception
+ {
+ afterConcurrentHandlingStarted(request, response, handler);
+ GeodeSecurityUtil.logout();
+ }
+
+ @Override
+ public void afterConcurrentHandlingStarted(
+ HttpServletRequest request, HttpServletResponse response, Object handler)
+ throws Exception {
+ ENV.remove();
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/RestHttpOperationInvoker.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/RestHttpOperationInvoker.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/RestHttpOperationInvoker.java
index 439e2b4..0ead2d7 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/RestHttpOperationInvoker.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/RestHttpOperationInvoker.java
@@ -33,7 +33,6 @@ import com.gemstone.gemfire.internal.util.CollectionUtils;
import com.gemstone.gemfire.management.internal.cli.CommandRequest;
import com.gemstone.gemfire.management.internal.cli.i18n.CliStrings;
import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
-import com.gemstone.gemfire.management.internal.security.ResourceConstants;
import com.gemstone.gemfire.management.internal.web.domain.Link;
import com.gemstone.gemfire.management.internal.web.domain.LinkIndex;
import com.gemstone.gemfire.management.internal.web.http.ClientHttpRequest;
@@ -230,9 +229,6 @@ public class RestHttpOperationInvoker extends AbstractHttpOperationInvoker imple
protected ClientHttpRequest createHttpRequest(final CommandRequest command) {
ClientHttpRequest request = createHttpRequest(findLink(command));
- //request.getParameters().setAll(new HashMap<String, Object>(CollectionUtils.removeKeys(
- // new HashMap<String, String>(command.getParameters()), ExcludeNoValueFilter.INSTANCE)));
-
Map<String, String> commandParameters = command.getParameters();
for (Map.Entry<String, String> entry : commandParameters.entrySet()) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java b/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
index 76fc852..706a7cc 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
@@ -35,7 +35,7 @@ import com.gemstone.gemfire.internal.ClassLoadUtil;
import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
import com.gemstone.gemfire.internal.lang.StringUtils;
import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
+
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.shiro.authc.AuthenticationException;
@@ -66,7 +66,6 @@ public class CustomAuthRealm extends AuthorizingRealm{
this.authenticatorFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME);
this.cachedAuthZCallback = new ConcurrentHashMap<>();
this.cachedPostAuthZCallback = new ConcurrentHashMap<>();
- logger.info("Started Management interceptor on JMX connector");
}
@Override
@@ -93,13 +92,13 @@ public class CustomAuthRealm extends AuthorizingRealm{
@Override
public boolean isPermitted(PrincipalCollection principals, Permission permission) {
- ResourceOperationContext context =(ResourceOperationContext)permission;
+ OperationContext context =(OperationContext)permission;
Principal principal = (Principal)principals.getPrimaryPrincipal();
// if no access control is specified, then we allow all
if(StringUtils.isBlank(authzFactoryName))
return true;
AccessControl accessControl = getAccessControl(principal, false);
- return accessControl.authorizeOperation(null, context);
+ return accessControl.authorizeOperation(context.getRegionName(), context);
}
public AccessControl getAccessControl(Principal principal, boolean isPost) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java
new file mode 100644
index 0000000..148a963
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java
@@ -0,0 +1,163 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import java.util.concurrent.Callable;
+
+import com.gemstone.gemfire.cache.operations.OperationContext;
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
+import com.gemstone.gemfire.internal.logging.LogService;
+import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.logging.log4j.Logger;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.ShiroException;
+import org.apache.shiro.UnavailableSecurityManagerException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.ThreadContext;
+
+public class GeodeSecurityUtil {
+
+ private static Logger logger = LogService.getLogger();
+
+ public static void login(String username, String password){
+ if(!isShiroConfigured())
+ return;
+
+ Subject currentUser = SecurityUtils.getSubject();
+
+ UsernamePasswordToken token =
+ new UsernamePasswordToken(username, password);
+ try {
+ logger.info("Logging in "+username+"/"+password);
+ currentUser.login(token);
+ } catch (ShiroException e) {
+ throw new AuthenticationFailedException(e.getMessage(), e);
+ }
+ }
+
+ public static void logout(){
+ if(!isShiroConfigured())
+ return;
+
+ Subject currentUser = SecurityUtils.getSubject();
+ try {
+ logger.info("Logging out "+currentUser.getPrincipal());
+ currentUser.logout();
+ }
+ catch(ShiroException e){
+ throw new AuthenticationFailedException(e.getMessage(), e);
+ }
+ // clean out Shiro's thread local content
+ ThreadContext.remove();
+ }
+
+ public static Callable associateWith(Callable callable){
+ if(!isShiroConfigured())
+ return callable;
+
+ Subject currentUser = SecurityUtils.getSubject();
+ return currentUser.associateWith(callable);
+ }
+
+ public static void authorize(ResourceOperation resourceOperation) {
+ if(resourceOperation==null)
+ return;
+
+ authorize(resourceOperation.resource().name(),
+ resourceOperation.operation().name(),
+ null);
+ }
+
+ public static void authorizeClusterManage(){
+ authorize("CLUSTER", "MANAGE");
+ }
+
+ public static void authorizeClusterWrite(){
+ authorize("CLUSTER", "WRITE");
+ }
+
+ public static void authorizeClusterRead(){
+ authorize("CLUSTER", "READ");
+ }
+
+ public static void authorizeDataManage(){
+ authorize("DATA", "MANAGE");
+ }
+
+ public static void authorizeDataWrite(){
+ authorize("DATA", "WRITE");
+ }
+
+ public static void authorizeDataRead(){
+ authorize("DATA", "READ");
+ }
+
+ public static void authorizeRegionWrite(String regionName){
+ authorize("DATA", "WRITE", regionName);
+ }
+
+ public static void authorizeRegionRead(String regionName){
+ authorize("DATA", "READ", regionName);
+ }
+
+ public static void authorize(String resource, String operation){
+ authorize(resource, operation, null);
+ }
+
+ private static void authorize(String resource, String operation, String regionName){
+ regionName = StringUtils.stripStart(regionName, "/");
+ authorize(new ResourceOperationContext(resource, operation, regionName));
+ }
+
+ public static void authorize(OperationContext context) {
+ if(context==null)
+ return;
+
+ if(context.getResource()== Resource.NULL && context.getOperationCode()== OperationCode.NULL)
+ return;
+
+ if(!isShiroConfigured())
+ return;
+
+
+ Subject currentUser = SecurityUtils.getSubject();
+ try {
+ currentUser.checkPermission(context);
+ }
+ catch(ShiroException e){
+ logger.info(currentUser.getPrincipal() + " not authorized for " + context);
+ throw new GemFireSecurityException(e.getMessage(), e);
+ }
+ }
+
+ private static boolean isShiroConfigured(){
+ try{
+ SecurityUtils.getSecurityManager();
+ }
+ catch(UnavailableSecurityManagerException e){
+ return false;
+ }
+ return true;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java b/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
index 8f86c38..c55e700 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
@@ -49,7 +49,7 @@ public class JMXShiroAuthenticator implements JMXAuthenticator, NotificationList
throw new SecurityException(WRONGE_CREDENTIALS_MESSAGE);
}
- ShiroUtil.login(username, password);
+ GeodeSecurityUtil.login(username, password);
return new Subject(true, Collections.singleton(new JMXPrincipal(username)), Collections.EMPTY_SET,
Collections.EMPTY_SET);
@@ -61,7 +61,7 @@ public class JMXShiroAuthenticator implements JMXAuthenticator, NotificationList
JMXConnectionNotification cxNotification = (JMXConnectionNotification) notification;
String type = cxNotification.getType();
if (JMXConnectionNotification.CLOSED.equals(type)) {
- ShiroUtil.logout();
+ GeodeSecurityUtil.logout();
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/main/java/com/gemstone/gemfire/security/ShiroUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/ShiroUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/security/ShiroUtil.java
deleted file mode 100644
index 01914e4..0000000
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/ShiroUtil.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.gemstone.gemfire.security;
-
-import java.util.concurrent.Callable;
-
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
-
-import org.apache.logging.log4j.Logger;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.ShiroException;
-import org.apache.shiro.UnavailableSecurityManagerException;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.ThreadContext;
-
-public class ShiroUtil {
-
- private static Logger logger = LogService.getLogger();
-
- public static void login(String username, String password){
- if(!isShiroConfigured())
- return;
-
- Subject currentUser = SecurityUtils.getSubject();
-
- UsernamePasswordToken token =
- new UsernamePasswordToken(username, password);
- try {
- logger.info("Logging in "+username+"/"+password);
- currentUser.login(token);
- } catch (ShiroException e) {
- throw new AuthenticationFailedException(e.getMessage(), e);
- }
- }
-
- public static void logout(){
- if(!isShiroConfigured())
- return;
-
- Subject currentUser = SecurityUtils.getSubject();
- try {
- logger.info("Logging out "+currentUser.getPrincipal());
- currentUser.logout();
- }
- catch(ShiroException e){
- throw new AuthenticationFailedException(e.getMessage(), e);
- }
- // clean out Shiro's thread local content
- ThreadContext.remove();
- }
-
- public static Callable associateWith(Callable callable){
- if(!isShiroConfigured())
- return callable;
-
- Subject currentUser = SecurityUtils.getSubject();
- return currentUser.associateWith(callable);
- }
-
- public static void authorize(ResourceOperationContext context) {
- authorize(context.getResource().name(), context.getOperationCode().name(), context.getRegionName());
- }
-
- public static void authorize(ResourceOperation resourceOperation) {
- authorize(resourceOperation.resource().name(), resourceOperation.operation().name());
- }
-
- public static void authorize(String resource, String operation){
- authorize(resource, operation, null);
- }
-
- public static void authorize(String resource, String operation, String regionName){
- if(!isShiroConfigured())
- return;
-
- ResourceOperationContext permission = new ResourceOperationContext(resource, operation, regionName);
- Subject currentUser = SecurityUtils.getSubject();
- try {
- currentUser.checkPermission(permission);
- }
- catch(ShiroException e){
- logger.info(currentUser.getPrincipal() + " not authorized for "+resource+":"+operation+":"+regionName);
- throw new GemFireSecurityException(e.getMessage(), e);
- }
- }
-
- private static boolean isShiroConfigured(){
- try{
- SecurityUtils.getSecurityManager();
- }
- catch(UnavailableSecurityManagerException e){
- return false;
- }
- return true;
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthorizationJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthorizationJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthorizationJUnitTest.java
index baa8393..3ded1dc 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthorizationJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthorizationJUnitTest.java
@@ -49,7 +49,7 @@ public class CacheServerMBeanAuthorizationJUnitTest {
@JMXConnectionConfiguration(user = "data-admin", password = "1234567")
public void testDataAdmin() throws Exception {
bean.removeIndex("foo");
- assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining("DATA:READ");
+ assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining(TestCommand.dataRead.toString());
bean.fetchLoadProbe();
bean.getActiveCQCount();
bean.stopContinuousQuery("bar");
@@ -61,8 +61,8 @@ public class CacheServerMBeanAuthorizationJUnitTest {
@Test
@JMXConnectionConfiguration(user = "cluster-admin", password = "1234567")
public void testClusterAdmin() throws Exception {
- assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining("DATA:READ");
+ assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining(TestCommand.dataRead.toString());
bean.fetchLoadProbe();
}
@@ -70,21 +70,21 @@ public class CacheServerMBeanAuthorizationJUnitTest {
@Test
@JMXConnectionConfiguration(user = "data-user", password = "1234567")
public void testDataUser() throws Exception {
- assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining("DATA:MANAGE");
+ assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining(TestCommand.dataManage.toString());
bean.executeContinuousQuery("bar");
- assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining("CLUSTER:READ");
+ assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining(TestCommand.clusterRead.toString());
}
@Test
@JMXConnectionConfiguration(user = "stranger", password = "1234567")
public void testNoAccess() throws Exception {
- assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining("DATA:READ");
- assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getActiveCQCount()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.stopContinuousQuery("bar")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.isRunning()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.showClientQueueDetails("bar")).hasMessageContaining("CLUSTER:READ");
+ assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining(TestCommand.dataRead.toString());
+ assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getActiveCQCount()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.stopContinuousQuery("bar")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.isRunning()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.showClientQueueDetails("bar")).hasMessageContaining(TestCommand.clusterRead.toString());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanShiroJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanShiroJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanShiroJUnitTest.java
index e55623d..85a55a7 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanShiroJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanShiroJUnitTest.java
@@ -61,13 +61,33 @@ public class CacheServerMBeanShiroJUnitTest {
@Test
@JMXConnectionConfiguration(user = "guest", password = "guest")
public void testNoAccess() throws Exception {
- assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining("DATA:READ");
- assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getActiveCQCount()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.stopContinuousQuery("bar")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.isRunning()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.showClientQueueDetails("bar")).hasMessageContaining("CLUSTER:READ");
+ assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining(TestCommand.dataRead.toString());
+ assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getActiveCQCount()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.stopContinuousQuery("bar")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.isRunning()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.showClientQueueDetails("bar")).hasMessageContaining(TestCommand.clusterRead.toString());
+ }
+
+ @Test
+ @JMXConnectionConfiguration(user = "regionAReader", password = "password")
+ public void testRegionAccess() throws Exception{
+ assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getActiveCQCount()).hasMessageContaining(TestCommand.clusterRead.toString());
+
+ assertThatThrownBy(() -> bean.executeContinuousQuery("bar")).hasMessageContaining(TestCommand.dataRead.toString());
+ }
+
+ @Test
+ @JMXConnectionConfiguration(user = "dataReader", password = "12345")
+ public void testDataRead() throws Exception{
+ assertThatThrownBy(() -> bean.removeIndex("foo")).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.fetchLoadProbe()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getActiveCQCount()).hasMessageContaining(TestCommand.clusterRead.toString());
+
+ bean.executeContinuousQuery("bar");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CliCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CliCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CliCommandsSecurityTest.java
index 5e49f92..0864e52 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CliCommandsSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CliCommandsSecurityTest.java
@@ -24,21 +24,17 @@ import com.gemstone.gemfire.internal.AvailablePort;
import com.gemstone.gemfire.internal.logging.LogService;
import com.gemstone.gemfire.management.MemberMXBean;
import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+
import org.junit.Before;
import org.junit.ClassRule;
-import org.junit.FixMethodOrder;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
-import org.junit.runners.MethodSorters;
/**
- * tests will be run alphabetically, in this test class, we run non-admin test first,
- * since we don't want to have the server stopped for the rest of the tests.
*/
@Category(IntegrationTest.class)
-@FixMethodOrder(MethodSorters.NAME_ASCENDING)
public class CliCommandsSecurityTest {
private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
@@ -60,11 +56,8 @@ public class CliCommandsSecurityTest {
@Test
@JMXConnectionConfiguration(user = "stranger", password = "1234567")
- // the tests are run in alphabetical order, so the naming of the tests do matter
- public void a_testNoAccess(){
-// List<TestCommand> clusterReads = new ArrayList<>();
-// clusterReads.add(new TestCommand("deploy --jar=group1_functions.jar --group=Group1", "CLUSTER:MANAGE"));
- for (TestCommand command:commands) {
+ public void testNoAccess(){
+ for (TestCommand command:commands) {
LogService.getLogger().info("processing: "+command.getCommand());
// for those commands that don't require any permission, any user can execute them
if(command.getPermission()==null){
@@ -72,14 +65,14 @@ public class CliCommandsSecurityTest {
}
else {
assertThatThrownBy(() -> bean.processCommand(command.getCommand()))
- .hasMessageContaining(command.getPermission());
+ .hasMessageContaining(command.getPermission().toString());
}
}
}
@Test
@JMXConnectionConfiguration(user = "super-user", password = "1234567")
- public void b_testAdminUser() throws Exception {
+ public void testAdminUser() throws Exception {
for (TestCommand command:commands) {
LogService.getLogger().info("processing: "+command.getCommand());
bean.processCommand(command.getCommand());
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DataCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DataCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DataCommandsSecurityTest.java
index 7517f49..97260d8 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DataCommandsSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DataCommandsSecurityTest.java
@@ -68,15 +68,16 @@ public class DataCommandsSecurityTest {
@Test
public void testRegionAcess(){
assertThatThrownBy(() -> bean.processCommand("rebalance --include-region=region2")).isInstanceOf(GemFireSecurityException.class)
- .hasMessageContaining("DATA:MANAGE");
+ .hasMessageContaining(TestCommand.dataManage.toString());
assertThatThrownBy(() -> bean.processCommand("export data --region=region2 --file=foo.txt --member=value")).isInstanceOf(GemFireSecurityException.class);
assertThatThrownBy(() -> bean.processCommand("import data --region=region2 --file=foo.txt --member=value")).isInstanceOf(GemFireSecurityException.class);
assertThatThrownBy(() -> bean.processCommand("put --key=key1 --value=value1 --region=region2")).isInstanceOf(GemFireSecurityException.class)
- .hasMessageContaining("DATA:WRITE");
+ .hasMessageContaining("[data]:[write]:[region2]");
- assertThatThrownBy(() -> bean.processCommand("get --key=key1 --region=region2")).isInstanceOf(GemFireSecurityException.class);
+ assertThatThrownBy(() -> bean.processCommand("get --key=key1 --region=region2")).isInstanceOf(GemFireSecurityException.class)
+ .hasMessageContaining("[data]:[read]:[region2]");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DiskStoreMXBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DiskStoreMXBeanSecurityJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DiskStoreMXBeanSecurityJUnitTest.java
index f248736..05d3e3d 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DiskStoreMXBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/DiskStoreMXBeanSecurityJUnitTest.java
@@ -69,15 +69,15 @@ public class DiskStoreMXBeanSecurityJUnitTest {
@Test
@JMXConnectionConfiguration(user = "data-user", password = "1234567")
public void testNoAccess() throws Exception {
- assertThatThrownBy(() -> bean.flush()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.forceCompaction()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.forceRoll()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.getCompactionThreshold()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getDiskDirectories()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getDiskReadsRate()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.isAutoCompact()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.isForceCompactionAllowed()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.setDiskUsageCriticalPercentage(0.5f)).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.setDiskUsageWarningPercentage(0.5f)).hasMessageContaining("DATA:MANAGE");
+ assertThatThrownBy(() -> bean.flush()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.forceCompaction()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.forceRoll()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.getCompactionThreshold()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getDiskDirectories()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getDiskReadsRate()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.isAutoCompact()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.isForceCompactionAllowed()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.setDiskUsageCriticalPercentage(0.5f)).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.setDiskUsageWarningPercentage(0.5f)).hasMessageContaining(TestCommand.dataManage.toString());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
index b28069f..6c97694 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewayReceiverMBeanSecurityTest.java
@@ -16,10 +16,16 @@
*/
package com.gemstone.gemfire.management.internal.security;
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+import javax.management.ObjectName;
+
import com.gemstone.gemfire.internal.AvailablePort;
import com.gemstone.gemfire.management.GatewayReceiverMXBean;
import com.gemstone.gemfire.management.ManagementService;
import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
@@ -28,11 +34,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
-import javax.management.ObjectName;
-
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static org.mockito.Mockito.mock;
-
@Category(IntegrationTest.class)
public class GatewayReceiverMBeanSecurityTest {
private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
@@ -81,9 +82,9 @@ public class GatewayReceiverMBeanSecurityTest {
@Test
@JMXConnectionConfiguration(user = "data-user", password = "1234567")
public void testNoAccess() throws Exception {
- assertThatThrownBy(() -> bean.getTotalConnectionsTimedOut()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.start()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.stop()).hasMessageContaining("DATA:MANAGE");
+ assertThatThrownBy(() -> bean.getTotalConnectionsTimedOut()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.start()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.stop()).hasMessageContaining(TestCommand.dataManage.toString());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
index 3a9412d..4806464 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GatewaySenderMBeanSecurityTest.java
@@ -88,18 +88,18 @@ public class GatewaySenderMBeanSecurityTest {
@Test
@JMXConnectionConfiguration(user = "stranger", password = "1234567")
public void testNoAccess() throws Exception {
- assertThatThrownBy(() -> bean.getAlertThreshold()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getAverageDistributionTimePerBatch()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getBatchSize()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getMaximumQueueMemory()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getOrderPolicy()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.isBatchConflationEnabled()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.isManualStart()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.pause()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.rebalance()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.resume()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.start()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.stop()).hasMessageContaining("DATA:MANAGE");
+ assertThatThrownBy(() -> bean.getAlertThreshold()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getAverageDistributionTimePerBatch()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getBatchSize()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getMaximumQueueMemory()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getOrderPolicy()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.isBatchConflationEnabled()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.isManualStart()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.pause()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.rebalance()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.resume()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.start()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.stop()).hasMessageContaining(TestCommand.dataManage.toString());
}
}
[4/5] incubator-geode git commit: GEODE-17: enhance the
GeodeSecurityUtil and review changes
Posted by ji...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
new file mode 100644
index 0000000..cc6af0e
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.management.internal.security;
+
+import java.util.Properties;
+
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.security.CustomAuthRealm;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.mgt.DefaultSecurityManager;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.realm.Realm;
+import org.junit.BeforeClass;
+import org.junit.experimental.categories.Category;
+
+/**
+ * this test and ShiroUtilWithIniFileJunitTest uses the same test body, but initialize the SecurityUtils differently.
+ * If you change shiro-ini.json, remmber to change the shiro.ini to match the changes as well.
+ */
+
+@Category(UnitTest.class)
+public class GeodeSecurityUtilCustomRealmJUnitTest extends GeodeSecurityUtilWithIniFileJUnitTest {
+ @BeforeClass
+ public static void beforeClass() throws Exception{
+ Properties properties = new Properties();
+ properties.put(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, JSONAuthorization.class.getName() + ".create");
+ properties.put(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, JSONAuthorization.class.getName() + ".create");
+ JSONAuthorization.setUpWithJsonFile("shiro-ini.json");
+
+ Realm realm = new CustomAuthRealm(properties);
+ SecurityManager securityManager = new DefaultSecurityManager(realm);
+ SecurityUtils.setSecurityManager(securityManager);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
new file mode 100644
index 0000000..4ad390d
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
@@ -0,0 +1,147 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.management.internal.security;
+
+import static org.assertj.core.api.Assertions.*;
+
+import com.gemstone.gemfire.cache.operations.OperationContext;
+import com.gemstone.gemfire.security.GemFireSecurityException;
+import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.util.ThreadContext;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+/**
+ * this test and ShiroUtilCustomRealmJUunitTest uses the same test body, but initialize the SecurityUtils differently.
+ * If you change shiro.ini, remmber to change the shiro-ini.json to match the changes as well.
+ */
+@Category(UnitTest.class)
+public class GeodeSecurityUtilWithIniFileJUnitTest {
+ @BeforeClass
+ public static void beforeClass() throws Exception{
+ ThreadContext.remove();
+ IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
+ SecurityManager securityManager = factory.getInstance();
+ SecurityUtils.setSecurityManager(securityManager);
+ }
+
+ @AfterClass
+ public static void afterClass(){
+ ThreadContext.remove();
+ }
+
+ @Test
+ public void testRoot(){
+ GeodeSecurityUtil.login("root", "secret");
+ GeodeSecurityUtil.authorize(TestCommand.none);
+ GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+ GeodeSecurityUtil.authorize(TestCommand.dataRead);
+ GeodeSecurityUtil.authorize(TestCommand.dataWrite);
+ GeodeSecurityUtil.authorize(TestCommand.regionARead);
+ GeodeSecurityUtil.authorize(TestCommand.regionAWrite);
+ GeodeSecurityUtil.authorize(TestCommand.clusterWrite);
+ GeodeSecurityUtil.authorize(TestCommand.clusterRead);
+ }
+
+ @Test
+ public void testGuest(){
+ GeodeSecurityUtil.login("guest", "guest");
+ GeodeSecurityUtil.authorize(TestCommand.none);
+ GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+
+ assertNotAuthorized(TestCommand.dataRead);
+ assertNotAuthorized(TestCommand.dataWrite);
+ assertNotAuthorized(TestCommand.regionARead);
+ assertNotAuthorized(TestCommand.regionAWrite);
+ assertNotAuthorized(TestCommand.clusterRead);
+ assertNotAuthorized(TestCommand.clusterWrite);
+ GeodeSecurityUtil.logout();
+ }
+
+ @Test
+ public void testRegionAReader(){
+ GeodeSecurityUtil.login("regionAReader", "password");
+ GeodeSecurityUtil.authorize(TestCommand.none);
+ GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+ GeodeSecurityUtil.authorize(TestCommand.regionARead);
+
+ assertNotAuthorized(TestCommand.regionAWrite);
+ assertNotAuthorized(TestCommand.dataRead);
+ assertNotAuthorized(TestCommand.dataWrite);
+ assertNotAuthorized(TestCommand.clusterRead);
+ assertNotAuthorized(TestCommand.clusterWrite);
+ GeodeSecurityUtil.logout();
+ }
+
+ @Test
+ public void testRegionAUser(){
+ GeodeSecurityUtil.login("regionAUser", "password");
+ GeodeSecurityUtil.authorize(TestCommand.none);
+ GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+ GeodeSecurityUtil.authorize(TestCommand.regionAWrite);
+ GeodeSecurityUtil.authorize(TestCommand.regionARead);
+
+ assertNotAuthorized(TestCommand.dataRead);
+ assertNotAuthorized(TestCommand.dataWrite);
+ assertNotAuthorized(TestCommand.clusterRead);
+ assertNotAuthorized(TestCommand.clusterWrite);
+ GeodeSecurityUtil.logout();
+ }
+
+ @Test
+ public void testDataReader(){
+ GeodeSecurityUtil.login("dataReader", "12345");
+ GeodeSecurityUtil.authorize(TestCommand.none);
+ GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+ GeodeSecurityUtil.authorize(TestCommand.regionARead);
+ GeodeSecurityUtil.authorize(TestCommand.dataRead);
+
+ assertNotAuthorized(TestCommand.regionAWrite);
+ assertNotAuthorized(TestCommand.dataWrite);
+ assertNotAuthorized(TestCommand.clusterRead);
+ assertNotAuthorized(TestCommand.clusterWrite);
+ GeodeSecurityUtil.logout();
+ }
+
+ @Test
+ public void testReader(){
+ GeodeSecurityUtil.login("reader", "12345");
+ GeodeSecurityUtil.authorize(TestCommand.none);
+ GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+ GeodeSecurityUtil.authorize(TestCommand.regionARead);
+ GeodeSecurityUtil.authorize(TestCommand.dataRead);
+ GeodeSecurityUtil.authorize(TestCommand.clusterRead);
+
+ assertNotAuthorized(TestCommand.regionAWrite);
+ assertNotAuthorized(TestCommand.dataWrite);
+ assertNotAuthorized(TestCommand.clusterWrite);
+ GeodeSecurityUtil.logout();
+ }
+
+ private void assertNotAuthorized(OperationContext context){
+ assertThatThrownBy(()-> GeodeSecurityUtil.authorize(context)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsSecurityTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsSecurityTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsSecurityTest.java
index 56d7030..b5ef0a6 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsSecurityTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsSecurityTest.java
@@ -31,6 +31,8 @@ import com.gemstone.gemfire.management.internal.cli.result.CommandResult;
import com.gemstone.gemfire.management.internal.cli.result.ErrorResultData;
import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+
+import org.apache.shiro.authz.permission.WildcardPermission;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Rule;
@@ -122,7 +124,7 @@ public class GfshCommandsSecurityTest {
private void runCommandsWithAndWithout(String permission) throws Exception{
- List<TestCommand> permitted = TestCommand.getCommandsOfPermission(permission);
+ List<TestCommand> permitted = TestCommand.getPermittedCommands(new WildcardPermission(permission));
for(TestCommand clusterRead:permitted) {
LogService.getLogger().info("Processing authorized command: "+clusterRead.getCommand());gfsh.executeCommand(clusterRead.getCommand());
CommandResult result = (CommandResult) gfsh.getResult();
@@ -155,7 +157,7 @@ public class GfshCommandsSecurityTest {
}
assertEquals(ResultBuilder.ERRORCODE_UNAUTHORIZED, ((ErrorResultData) result.getResultData()).getErrorCode());
- assertTrue(result.getContent().toString().contains(other.getPermission()));
+ assertTrue(result.getContent().toString().contains(other.getPermission().toString()));
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
index 48e0a39..83f4876 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
@@ -32,8 +32,6 @@ import javax.management.remote.JMXPrincipal;
import com.gemstone.gemfire.LogWriter;
import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
import com.gemstone.gemfire.distributed.DistributedMember;
import com.gemstone.gemfire.internal.logging.LogService;
import com.gemstone.gemfire.security.AccessControl;
@@ -41,41 +39,16 @@ import com.gemstone.gemfire.security.AuthenticationFailedException;
import com.gemstone.gemfire.security.Authenticator;
import com.gemstone.gemfire.security.NotAuthorizedException;
import com.gemstone.gemfire.util.test.TestUtil;
+
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
public class JSONAuthorization implements AccessControl, Authenticator {
- static class Permission {
-
- private final Resource resource;
- private final OperationCode operationCode;
-
- Permission(Resource resource, OperationCode operationCode) {
- this.resource = resource;
- this.operationCode = operationCode;
- }
-
- public Resource getResource() {
- return resource;
- }
-
- public OperationCode getOperationCode() {
- return operationCode;
- }
-
- @Override
- public String toString() {
- String result = resource.toString() + ":" + operationCode.toString();
- return result;
- }
- }
-
public static class Role {
- List<Permission> permissions = new ArrayList<>();
+ List<OperationContext> permissions = new ArrayList<>();
String name;
- List<String> regionNames = null; // when checking, if regionNames is null, that means all regions are allowed.
String serverGroup;
}
@@ -139,29 +112,18 @@ public class JSONAuthorization implements AccessControl, Authenticator {
JSONObject obj = array.getJSONObject(i);
Role role = new Role();
role.name = obj.getString("name");
+ String regionNames = null;
+ if(obj.has("regions")) {
+ regionNames = obj.getString("regions");
+ }
JSONArray ops = obj.getJSONArray("operationsAllowed");
for (int j = 0; j < ops.length(); j++) {
String[] parts = ops.getString(j).split(":");
- Resource r = Resource.valueOf(parts[0]);
- OperationCode op = parts.length > 1 ? OperationCode.valueOf(parts[1]) : OperationCode.READ;
- role.permissions.add(new Permission(r, op));
- }
-
- if(obj.has("region")) {
- if (role.regionNames == null) {
- role.regionNames = new ArrayList<>();
- }
- role.regionNames.add(obj.getString("region"));
- }
-
- if(obj.has("regions")) {
- JSONArray regions = obj.getJSONArray("regions");
- if (role.regionNames == null) {
- role.regionNames = new ArrayList<>();
- }
- for (int j = 0; j < regions.length(); j++) {
- role.regionNames.add(regions.getString(j));
+ if(regionNames!=null) {
+ role.permissions.add(new ResourceOperationContext(parts[0], parts[1], regionNames));
}
+ else
+ role.permissions.add(new ResourceOperationContext(parts[0], parts[1], "*"));
}
roleMap.put(role.name, role);
@@ -194,28 +156,15 @@ public class JSONAuthorization implements AccessControl, Authenticator {
if(user == null)
return false; // this user is not authorized to do anything
- LogService.getLogger().info("Checking for permission " + context.getResource() + ":" + context.getOperationCode());
-
// check if the user has this permission defined in the context
for(Role role:acl.get(user.name).roles) {
- for (Permission perm : role.permissions) {
- if (context.getResource() == perm.getResource() && context.getOperationCode() == perm.getOperationCode()) {
- LogService.getLogger().info("Found permission " + perm);
-
- //no need to further check the rgionName
- if(context.getRegionName()==null){
- return true;
- }
-
- if(role.regionNames == null || role.regionNames.contains(context.getRegionName())){
- // if regionName is null, i.e. all regions are allowed
- return true;
- }
+ for (OperationContext permitted : role.permissions) {
+ if (permitted.implies(context)) {
+ return true;
}
}
}
- LogService.getLogger().info("Did not find code " + context);
return false;
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java
index b4b3f72..f07358b 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/LockServiceMBeanAuthorizationJUnitTest.java
@@ -81,10 +81,10 @@ public class LockServiceMBeanAuthorizationJUnitTest {
@Test
@JMXConnectionConfiguration(user = "data-user", password = "1234567")
public void testNoAccess() throws Exception {
- assertThatThrownBy(() -> lockServiceMBean.becomeLockGrantor()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> lockServiceMBean.fetchGrantorMember()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> lockServiceMBean.getMemberCount()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> lockServiceMBean.isDistributed()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> lockServiceMBean.listThreadsHoldingLock()).hasMessageContaining("CLUSTER:READ");
+ assertThatThrownBy(() -> lockServiceMBean.becomeLockGrantor()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> lockServiceMBean.fetchGrantorMember()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> lockServiceMBean.getMemberCount()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> lockServiceMBean.isDistributed()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> lockServiceMBean.listThreadsHoldingLock()).hasMessageContaining(TestCommand.clusterRead.toString());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java
index 2548d21..425c467 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ManagerMBeanAuthorizationJUnitTest.java
@@ -71,8 +71,8 @@ public class ManagerMBeanAuthorizationJUnitTest {
@Test
@JMXConnectionConfiguration(user = "data-admin", password = "1234567")
public void testSomeAccess() throws Exception {
- assertThatThrownBy(() -> managerMXBean.start()).hasMessageContaining("CLUSTER:MANAGE");
- assertThatThrownBy(() -> managerMXBean.getPulseURL()).hasMessageContaining("CLUSTER:WRITE");
+ assertThatThrownBy(() -> managerMXBean.start()).hasMessageContaining(TestCommand.clusterManage.toString());
+ assertThatThrownBy(() -> managerMXBean.getPulseURL()).hasMessageContaining(TestCommand.clusterWrite.toString());
managerMXBean.isRunning();
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java
index c5ff369..8261d09 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MemberMBeanSecurityJUnitTest.java
@@ -66,7 +66,7 @@ public class MemberMBeanSecurityJUnitTest {
@Test
@JMXConnectionConfiguration(user = "cluster-admin", password = "1234567")
public void testClusterAdmin() throws Exception {
- assertThatThrownBy(() -> bean.compactAllDiskStores()).hasMessageContaining("DATA:MANAGE");
+ assertThatThrownBy(() -> bean.compactAllDiskStores()).hasMessageContaining(TestCommand.dataManage.toString());
bean.shutDownMember();
bean.createManager();
bean.fetchJvmThreads();
@@ -84,8 +84,8 @@ public class MemberMBeanSecurityJUnitTest {
@JMXConnectionConfiguration(user = "data-admin", password = "1234567")
public void testDataAdmin() throws Exception {
bean.compactAllDiskStores();
- assertThatThrownBy(() -> bean.shutDownMember()).hasMessageContaining("CLUSTER:MANAGE");
- assertThatThrownBy(() -> bean.createManager()).hasMessageContaining("CLUSTER:MANAGE");
+ assertThatThrownBy(() -> bean.shutDownMember()).hasMessageContaining(TestCommand.clusterManage.toString());
+ assertThatThrownBy(() -> bean.createManager()).hasMessageContaining(TestCommand.clusterManage.toString());
bean.showJVMMetrics();
bean.status();
}
@@ -93,18 +93,18 @@ public class MemberMBeanSecurityJUnitTest {
@Test
@JMXConnectionConfiguration(user = "data-user", password = "1234567")
public void testDataUser() throws Exception {
- assertThatThrownBy(() -> bean.shutDownMember()).hasMessageContaining("CLUSTER:MANAGE");
- assertThatThrownBy(() -> bean.createManager()).hasMessageContaining("CLUSTER:MANAGE");
- assertThatThrownBy(() -> bean.compactAllDiskStores()).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.fetchJvmThreads()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getName()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.getDiskStores()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.hasGatewayReceiver()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.isCacheServer()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.isServer()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.listConnectedGatewayReceivers()).hasMessageContaining("CLUSTER:READ");
+ assertThatThrownBy(() -> bean.shutDownMember()).hasMessageContaining(TestCommand.clusterManage.toString());
+ assertThatThrownBy(() -> bean.createManager()).hasMessageContaining(TestCommand.clusterManage.toString());
+ assertThatThrownBy(() -> bean.compactAllDiskStores()).hasMessageContaining(TestCommand.dataManage.toString());
+ assertThatThrownBy(() -> bean.fetchJvmThreads()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getName()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.getDiskStores()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.hasGatewayReceiver()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.isCacheServer()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.isServer()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.listConnectedGatewayReceivers()).hasMessageContaining(TestCommand.clusterRead.toString());
//assertThatThrownBy(() -> bean.processCommand("create region --name=Region_A")).hasMessageContaining("DATA:MANAGE");
- assertThatThrownBy(() -> bean.showJVMMetrics()).hasMessageContaining("CLUSTER:READ");
- assertThatThrownBy(() -> bean.status()).hasMessageContaining("CLUSTER:READ");
+ assertThatThrownBy(() -> bean.showJVMMetrics()).hasMessageContaining(TestCommand.clusterRead.toString());
+ assertThatThrownBy(() -> bean.status()).hasMessageContaining(TestCommand.clusterRead.toString());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java
new file mode 100644
index 0000000..318d327
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContextJUnitTest.java
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.management.internal.security;
+
+import static org.junit.Assert.*;
+
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+import org.apache.shiro.authz.permission.WildcardPermission;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(UnitTest.class)
+public class ResourceOperationContextJUnitTest {
+
+ private ResourceOperationContext context;
+
+ @Test
+ public void testEmptyConstructor(){
+ context = new ResourceOperationContext();
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(OperationCode.NULL, context.getOperationCode());
+ assertEquals("NULL", context.getRegionName());
+ }
+
+ @Test
+ public void testIsPermission(){
+ context = new ResourceOperationContext();
+ assertTrue(context instanceof WildcardPermission);
+ }
+
+ @Test
+ public void testConstructor(){
+ context = new ResourceOperationContext(null, null, null);
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(OperationCode.NULL, context.getOperationCode());
+ assertEquals("NULL", context.getRegionName());
+
+ context = new ResourceOperationContext(null, null);
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(OperationCode.NULL, context.getOperationCode());
+ assertEquals("NULL", context.getRegionName());
+
+ context = new ResourceOperationContext("DATA", null, null);
+ assertEquals(Resource.DATA, context.getResource());
+ assertEquals(OperationCode.NULL, context.getOperationCode());
+ assertEquals("NULL", context.getRegionName());
+
+ context = new ResourceOperationContext(null, "MANAGE", "REGIONA");
+ assertEquals(Resource.NULL, context.getResource());
+ assertEquals(OperationCode.MANAGE, context.getOperationCode());
+ assertEquals("REGIONA", context.getRegionName());
+
+ context = new ResourceOperationContext("DATA", "MANAGE", "REGIONA");
+ assertEquals(Resource.DATA, context.getResource());
+ assertEquals(OperationCode.MANAGE, context.getOperationCode());
+ assertEquals("REGIONA", context.getRegionName());
+ }
+
+ @Test
+ public void testToString(){
+ context = new ResourceOperationContext();
+ assertEquals("[null]:[null]:[null]", context.toString());
+
+ context = new ResourceOperationContext("DATA", "MANAGE");
+ assertEquals("[data]:[manage]:[null]", context.toString());
+
+ context = new ResourceOperationContext("DATA", "MANAGE", "REGIONA");
+ assertEquals("[data]:[manage]:[regiona]", context.toString());
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
index c25044d..56eeeec 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
@@ -20,8 +20,24 @@ package com.gemstone.gemfire.management.internal.security;
import java.util.ArrayList;
import java.util.List;
+import com.gemstone.gemfire.cache.operations.OperationContext;
+
+import org.apache.shiro.authz.Permission;
+
public class TestCommand {
-
+ public static OperationContext none = null;
+ public static OperationContext everyOneAllowed = new ResourceOperationContext();
+ public static OperationContext dataRead = new ResourceOperationContext("DATA", "READ");
+ public static OperationContext dataWrite = new ResourceOperationContext("DATA", "WRITE");
+ public static OperationContext dataManage = new ResourceOperationContext("DATA", "MANAGE");
+
+ public static OperationContext regionARead = new ResourceOperationContext("DATA", "READ", "RegionA");
+ public static OperationContext regionAWrite = new ResourceOperationContext("DATA", "WRITE", "RegionA");
+
+ public static OperationContext clusterRead = new ResourceOperationContext("CLUSTER", "READ");
+ public static OperationContext clusterWrite = new ResourceOperationContext("CLUSTER", "WRITE");
+ public static OperationContext clusterManage = new ResourceOperationContext("CLUSTER", "MANAGE");
+
private static List<TestCommand> testCommands = new ArrayList<>();
static{
@@ -29,14 +45,14 @@ public class TestCommand {
}
private final String command;
- private final String permission;
+ private final OperationContext permission;
- public TestCommand(String command, String permission) {
+ public TestCommand(String command, OperationContext permission) {
this.command = command;
this.permission = permission;
}
- private static void createTestCommand(String command, String permission) {
+ private static void createTestCommand(String command, OperationContext permission) {
TestCommand instance = new TestCommand(command, permission);
testCommands.add(instance);
}
@@ -45,7 +61,7 @@ public class TestCommand {
return this.command;
}
- public String getPermission() {
+ public OperationContext getPermission() {
return this.permission;
}
@@ -53,11 +69,11 @@ public class TestCommand {
return testCommands;
}
- public static List<TestCommand> getCommandsOfPermission(String permission){
+ public static List<TestCommand> getPermittedCommands(Permission permission){
List<TestCommand> result = new ArrayList<>();
for(TestCommand testCommand:testCommands){
- String cPerm = testCommand.getPermission();
- if(cPerm!=null && cPerm.startsWith(permission)){
+ OperationContext cPerm = testCommand.getPermission();
+ if(cPerm!=null && permission.implies(cPerm)){
result.add(testCommand);
}
}
@@ -66,75 +82,75 @@ public class TestCommand {
private static void init() {
// ClientCommands
- createTestCommand("list clients", "CLUSTER:READ");
- createTestCommand("describe client --clientID=172.16.196.144", "CLUSTER:READ");
+ createTestCommand("list clients", clusterRead);
+ createTestCommand("describe client --clientID=172.16.196.144", clusterRead);
// ConfigCommands
- createTestCommand("alter runtime", "CLUSTER:MANAGE");
- createTestCommand("describe config --member=Member1", "CLUSTER:READ");
- createTestCommand("export config --member=member1", "CLUSTER:READ");
+ createTestCommand("alter runtime", clusterManage);
+ createTestCommand("describe config --member=Member1", clusterRead);
+ createTestCommand("export config --member=member1", clusterRead);
//CreateAlterDestroyRegionCommands
- createTestCommand("alter region --name=region1 --eviction-max=5000", "DATA:MANAGE");
- createTestCommand("create region --name=region12 --type=REPLICATE", "DATA:MANAGE");
- createTestCommand("destroy region --name=value", "DATA:MANAGE");
+ createTestCommand("alter region --name=region1 --eviction-max=5000", dataManage);
+ createTestCommand("create region --name=region12 --type=REPLICATE", dataManage);
+ createTestCommand("destroy region --name=value", dataManage);
//Data Commands
- createTestCommand("rebalance --include-region=region1", "DATA:MANAGE");
- createTestCommand("export data --region=region1 --file=export.txt --member=exportMember", "DATA:READ");
- createTestCommand("import data --region=region1 --file=import.txt --member=importMember", "DATA:WRITE");
- createTestCommand("put --key=key1 --value=value1 --region=region1", "DATA:WRITE");
- createTestCommand("get --key=key1 --region=region1", "DATA:READ");
- createTestCommand("remove --region=region1", "DATA:MANAGE");
- createTestCommand("query --query='SELECT * FROM /region1'", "DATA:READ");
- createTestCommand("locate entry --key=k1 --region=secureRegion", "DATA:READ");
+ createTestCommand("rebalance --include-region=regionA", dataManage);
+ createTestCommand("export data --region=regionA --file=export.txt --member=exportMember", regionARead);
+ createTestCommand("import data --region=regionA --file=import.txt --member=importMember", regionAWrite);
+ createTestCommand("put --key=key1 --value=value1 --region=regionA", regionAWrite);
+ createTestCommand("get --key=key1 --region=regionA", regionARead);
+ createTestCommand("remove --region=regionA", dataManage);
+ createTestCommand("query --query='SELECT * FROM /region1'", dataRead);
+ createTestCommand("locate entry --key=k1 --region=regionA", regionARead);
// Deploy commands
- //createTestCommand("deploy --jar=group1_functions.jar --group=Group1", "DATA:MANAGE"); // TODO: this command will fail in GfshCommandsSecurityTest at interceptor for jar file checking
- createTestCommand("undeploy --group=Group1", "DATA:MANAGE");
+ //createTestCommand("deploy --jar=group1_functions.jar --group=Group1", dataManage); // TODO: this command will fail in GfshCommandsSecurityTest at interceptor for jar file checking
+ createTestCommand("undeploy --group=Group1", dataManage);
// Diskstore Commands
- createTestCommand("backup disk-store --dir=foo", "DATA:READ");
- createTestCommand("list disk-stores", "CLUSTER:READ");
- createTestCommand("create disk-store --name=foo --dir=bar", "DATA:MANAGE");
- createTestCommand("compact disk-store --name=foo", "DATA:MANAGE");
+ createTestCommand("backup disk-store --dir=foo", dataRead);
+ createTestCommand("list disk-stores", clusterRead);
+ createTestCommand("create disk-store --name=foo --dir=bar", dataManage);
+ createTestCommand("compact disk-store --name=foo", dataManage);
createTestCommand("compact offline-disk-store --name=foo --disk-dirs=bar", null);
createTestCommand("upgrade offline-disk-store --name=foo --disk-dirs=bar", null);
- createTestCommand("describe disk-store --name=foo --member=baz", "CLUSTER:READ");
- createTestCommand("revoke missing-disk-store --id=foo", "DATA:MANAGE");
- createTestCommand("show missing-disk-stores", "CLUSTER:READ");
+ createTestCommand("describe disk-store --name=foo --member=baz", clusterRead);
+ createTestCommand("revoke missing-disk-store --id=foo", dataManage);
+ createTestCommand("show missing-disk-stores", clusterRead);
createTestCommand("describe offline-disk-store --name=foo --disk-dirs=bar", null);
createTestCommand("export offline-disk-store --name=foo --disk-dirs=bar --dir=baz", null);
createTestCommand("validate offline-disk-store --name=foo --disk-dirs=bar", null);
createTestCommand("alter disk-store --name=foo --region=xyz --disk-dirs=bar", null);
- createTestCommand("destroy disk-store --name=foo", "DATA:MANAGE");
+ createTestCommand("destroy disk-store --name=foo", dataManage);
// DurableClientCommands
- createTestCommand("close durable-client --durable-client-id=client1", "DATA:MANAGE");
- createTestCommand("close durable-cq --durable-client-id=client1 --durable-cq-name=cq1", "DATA:MANAGE");
- createTestCommand("show subscription-queue-size --durable-client-id=client1", "CLUSTER:READ");
- createTestCommand("list durable-cqs --durable-client-id=client1", "CLUSTER:READ");
+ createTestCommand("close durable-client --durable-client-id=client1", dataManage);
+ createTestCommand("close durable-cq --durable-client-id=client1 --durable-cq-name=cq1", dataManage);
+ createTestCommand("show subscription-queue-size --durable-client-id=client1", clusterRead);
+ createTestCommand("list durable-cqs --durable-client-id=client1", clusterRead);
//ExportIMportSharedConfigurationCommands
- createTestCommand("export cluster-configuration --zip-file-name=mySharedConfig.zip", "CLUSTER:READ");
- createTestCommand("import cluster-configuration --zip-file-name=value.zip", "CLUSTER:MANAGE");
+ createTestCommand("export cluster-configuration --zip-file-name=mySharedConfig.zip", clusterRead);
+ createTestCommand("import cluster-configuration --zip-file-name=value.zip", clusterManage);
//FunctionCommands
- //createTestCommand("destroy function --id=InterestCalculations", "DATA:MANAGE");
- createTestCommand("execute function --id=InterestCalculations --group=Group1", "DATA:WRITE");
- createTestCommand("list functions", "CLUSTER:READ");
+ //createTestCommand("destroy function --id=InterestCalculations", dataManage);
+ createTestCommand("execute function --id=InterestCalculations --group=Group1", dataWrite);
+ createTestCommand("list functions", clusterRead);
//GfshHelpCommands
createTestCommand("hint", null);
createTestCommand("help", null);
//IndexCommands
- createTestCommand("clear defined indexes", "DATA:MANAGE");
- createTestCommand("create defined indexes", "DATA:MANAGE");
- createTestCommand("create index --name=myKeyIndex --expression=region1.Id --region=region1 --type=key", "DATA:MANAGE");
- createTestCommand("define index --name=myIndex1 --expression=exp1 --region=/exampleRegion", "DATA:MANAGE");
- createTestCommand("destroy index --member=server2", "DATA:MANAGE");
- createTestCommand("list indexes", "CLUSTER:READ");
+ createTestCommand("clear defined indexes", dataManage);
+ createTestCommand("create defined indexes", dataManage);
+ createTestCommand("create index --name=myKeyIndex --expression=region1.Id --region=region1 --type=key", dataManage);
+ createTestCommand("define index --name=myIndex1 --expression=exp1 --region=/exampleRegion", dataManage);
+ createTestCommand("destroy index --member=server2", dataManage);
+ createTestCommand("list indexes", clusterRead);
//LauncherLifecycleCommands
createTestCommand("start jconsole", null);
@@ -145,38 +161,38 @@ public class TestCommand {
createTestCommand("start vsd", null);
createTestCommand("status locator", null);
createTestCommand("status server", null);
- //createTestCommand("stop locator --name=locator1", "CLUSTER:MANAGE");
- //createTestCommand("stop server --name=server1", "CLUSTER:MANAGE");
+ //createTestCommand("stop locator --name=locator1", clusterManage);
+ //createTestCommand("stop server --name=server1", clusterManage);
//MemberCommands
- createTestCommand("describe member --name=server1", "CLUSTER:READ");
- createTestCommand("list members", "CLUSTER:READ");
+ createTestCommand("describe member --name=server1", clusterRead);
+ createTestCommand("list members", clusterRead);
// Misc Commands
- createTestCommand("change loglevel --loglevel=severe --member=server1", "CLUSTER:WRITE");
- createTestCommand("export logs --dir=data/logs", "CLUSTER:READ");
- createTestCommand("export stack-traces --file=stack.txt", "CLUSTER:READ");
- createTestCommand("gc", "CLUSTER:MANAGE");
- createTestCommand("netstat --member=server1", "CLUSTER:READ");
- createTestCommand("show dead-locks --file=deadlocks.txt", "CLUSTER:READ");
- createTestCommand("show log --member=locator1 --lines=5", "CLUSTER:READ");
- createTestCommand("show metrics", "CLUSTER:READ");
+ createTestCommand("change loglevel --loglevel=severe --member=server1", clusterWrite);
+ createTestCommand("export logs --dir=data/logs", clusterRead);
+ createTestCommand("export stack-traces --file=stack.txt", clusterRead);
+ createTestCommand("gc", clusterManage);
+ createTestCommand("netstat --member=server1", clusterRead);
+ createTestCommand("show dead-locks --file=deadlocks.txt", clusterRead);
+ createTestCommand("show log --member=locator1 --lines=5", clusterRead);
+ createTestCommand("show metrics", clusterRead);
// PDX Commands
- createTestCommand("configure pdx --read-serialized=true", "DATA:MANAGE");
- //createTestCommand("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1", "DATA:MANAGE");
+ createTestCommand("configure pdx --read-serialized=true", dataManage);
+ //createTestCommand("pdx rename --old=com.gemstone --new=com.pivotal --disk-store=ds1 --disk-dirs=/diskDir1", dataManage);
// Queue Commands
- createTestCommand("create async-event-queue --id=myAEQ --listener=myApp.myListener", "DATA:MANAGE");
- createTestCommand("list async-event-queues", "CLUSTER:READ");
+ createTestCommand("create async-event-queue --id=myAEQ --listener=myApp.myListener", dataManage);
+ createTestCommand("list async-event-queues", clusterRead);
//RegionCommands
- createTestCommand("describe region --name=value", "CLUSTER:READ");
- createTestCommand("list regions", "CLUSTER:READ");
+ createTestCommand("describe region --name=value", clusterRead);
+ createTestCommand("list regions", clusterRead);
// StatusCommands
- createTestCommand("status cluster-config-service", "CLUSTER:READ");
+ createTestCommand("status cluster-config-service", clusterRead);
// Shell Commands
createTestCommand("connect", null);
@@ -190,22 +206,22 @@ public class TestCommand {
// WAN Commands
- createTestCommand("create gateway-sender --id=sender1 --remote-distributed-system-id=2", "DATA:MANAGE");
- createTestCommand("start gateway-sender --id=sender1", "DATA:MANAGE");
- createTestCommand("pause gateway-sender --id=sender1", "DATA:MANAGE");
- createTestCommand("resume gateway-sender --id=sender1", "DATA:MANAGE");
- createTestCommand("stop gateway-sender --id=sender1", "DATA:MANAGE");
- createTestCommand("load-balance gateway-sender --id=sender1", "DATA:MANAGE");
- createTestCommand("list gateways", "CLUSTER:READ");
- createTestCommand("create gateway-receiver", "DATA:MANAGE");
- createTestCommand("start gateway-receiver", "DATA:MANAGE");
- createTestCommand("stop gateway-receiver", "DATA:MANAGE");
- createTestCommand("status gateway-receiver", "CLUSTER:READ");
- createTestCommand("status gateway-sender --id=sender1", "CLUSTER:READ");
+ createTestCommand("create gateway-sender --id=sender1 --remote-distributed-system-id=2", dataManage);
+ createTestCommand("start gateway-sender --id=sender1", dataManage);
+ createTestCommand("pause gateway-sender --id=sender1", dataManage);
+ createTestCommand("resume gateway-sender --id=sender1", dataManage);
+ createTestCommand("stop gateway-sender --id=sender1", dataManage);
+ createTestCommand("load-balance gateway-sender --id=sender1", dataManage);
+ createTestCommand("list gateways", clusterRead);
+ createTestCommand("create gateway-receiver", dataManage);
+ createTestCommand("start gateway-receiver", dataManage);
+ createTestCommand("stop gateway-receiver", dataManage);
+ createTestCommand("status gateway-receiver", clusterRead);
+ createTestCommand("status gateway-sender --id=sender1", clusterRead);
//ShellCommand
createTestCommand("disconnect", null);
//Misc commands
- //createTestCommand("shutdown", "CLUSTER:MANAGE");
+ //createTestCommand("shutdown", clusterManage);
};
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/auth3.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/auth3.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/auth3.json
index cfd43f5..635cff5 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/auth3.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/auth3.json
@@ -11,7 +11,7 @@
"operationsAllowed": [
"REGION:GET"
],
- "region": "secureRegion"
+ "regions": "secureRegion"
}
],
"users": [
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
index 01c9fd6..638ae07 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -76,16 +76,18 @@
{
"name": "region1-use",
"operationsAllowed": [
- "DATA"
+ "DATA:READ",
+ "DATA:WRITE"
],
- "region": "region1"
+ "regions": "null,region1"
},
{
"name": "secure-use",
"operationsAllowed": [
- "DATA"
+ "DATA:READ",
+ "DATA:WRITE"
],
- "regions": ["region1", "secureRegion"]
+ "regions": "null,region1,secureRegion"
}
],
"users": [
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/shiro-ini.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/shiro-ini.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/shiro-ini.json
new file mode 100644
index 0000000..d586fa1
--- /dev/null
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/shiro-ini.json
@@ -0,0 +1,87 @@
+{
+ "roles": [
+ {
+ "name": "admin",
+ "operationsAllowed": [
+ "CLUSTER:MANAGE",
+ "CLUSTER:WRITE",
+ "CLUSTER:READ",
+ "DATA:MANAGE",
+ "DATA:WRITE",
+ "DATA:READ"
+ ]
+ },
+ {
+ "name": "readRegionA",
+ "operationsAllowed": [
+ "DATA:READ"
+ ],
+ "regions": "RegionA"
+ },
+ {
+ "name": "useRegionA",
+ "operationsAllowed": [
+ "DATA:MANAGE",
+ "DATA:WRITE",
+ "DATA:READ"
+ ],
+ "regions": "RegionA"
+ },
+ {
+ "name": "readData",
+ "operationsAllowed": [
+ "DATA:READ"
+ ]
+ },
+ {
+ "name": "readAll",
+ "operationsAllowed": [
+ "CLUSTER:READ",
+ "DATA:READ"
+ ]
+ }
+ ],
+ "users": [
+ {
+ "name": "root",
+ "password": "secret",
+ "roles": [
+ "admin"
+ ]
+ },
+ {
+ "name": "guest",
+ "password": "guest",
+ "roles": [
+ ]
+ },
+ {
+ "name": "regionAReader",
+ "password": "password",
+ "roles": [
+ "readRegionA"
+ ]
+ },
+ {
+ "name": "regionAUser",
+ "password": "password",
+ "roles": [
+ "useRegionA"
+ ]
+ },
+ {
+ "name": "dataReader",
+ "password": "12345",
+ "roles": [
+ "readData"
+ ]
+ },
+ {
+ "name": "reader",
+ "password": "12345",
+ "roles": [
+ "readAll"
+ ]
+ }
+ ]
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testInheritRole.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testInheritRole.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testInheritRole.json
deleted file mode 100644
index 3053a92..0000000
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testInheritRole.json
+++ /dev/null
@@ -1,40 +0,0 @@
-{
-"roles" : [
- {
- "name" : "jmxReader",
- "operationsAllowed" : ["QUERY"]
- },
- {
- "name" : "jmxWriter",
- "operationsAllowed" : ["CHANGE_LOG_LEVEL"]
- },
- {
- "name" : "admin",
- "operationsAllowed" : ["CMD_SHUTDOWN"]
- },
- {
- "name" : "adminSG1",
- "inherit" : [ "admin" ],
- "serverGroup" : "SG1"
- },
- {
- "name" : "adminSG2",
- "inherit" : [ "admin" , "jmxWriter"],
- "serverGroup" : "SG2"
- }
- ],
-users : [
- {
- "name" : "tushark",
- "roles" : ["jmxReader"]
- },
- {
- "name" : "admin1",
- "roles" : ["adminSG1"]
- },
- {
- "name" : "admin2",
- "roles" : ["adminSG2"]
- }
- ]
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testSimpleUserAndRole.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testSimpleUserAndRole.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testSimpleUserAndRole.json
deleted file mode 100644
index 0542cf4..0000000
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testSimpleUserAndRole.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "roles": [
- {
- "name": "jmxReader",
- "operationsAllowed": [
- "QUERY:EXECUTE"
- ]
- }
- ],
- "users": [
- {
- "name": "tushark",
- "roles": [
- "jmxReader"
- ]
- }
- ]
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserAndRoleRegionServerGroup.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserAndRoleRegionServerGroup.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserAndRoleRegionServerGroup.json
deleted file mode 100644
index 6bb28bf..0000000
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserAndRoleRegionServerGroup.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "roles": [
- {
- "name": "jmxReader",
- "operationsAllowed": [
- "QUERY:EXECUTE"
- ],
- "serverGroup": "SG2",
- "region": "secureRegion"
- }
- ],
- "users": [
- {
- "name": "tushark",
- "roles": [
- "jmxReader"
- ]
- }
- ]
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserMultipleRole.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserMultipleRole.json b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserMultipleRole.json
deleted file mode 100644
index 7a07a21..0000000
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/testUserMultipleRole.json
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- "roles": [
- {
- "name": "jmxReader",
- "operationsAllowed": [
- "QUERY:EXECUTE"
- ]
- },
- {
- "name": "sysMonitors",
- "operationsAllowed": [
- "MEMBER:EXPORT_LOGS",
- "MEMBER:GC"
- ]
- }
- ],
- "users": [
- {
- "name": "tushark",
- "roles": [
- "jmxReader",
- "sysMonitors"
- ]
- }
- ]
-}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-core/src/test/resources/shiro.ini
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/shiro.ini b/geode-core/src/test/resources/shiro.ini
index 37b81b2..a9746a5 100644
--- a/geode-core/src/test/resources/shiro.ini
+++ b/geode-core/src/test/resources/shiro.ini
@@ -13,6 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# the users and roles in this file needs to be kept in sync with shiro.ini
+# since they are used by the same test to test ShiroUtil
# -----------------------------------------------------------------------------
# Users and their (optional) assigned roles
# username = password, role1, role2, ..., roleN
@@ -20,7 +22,10 @@
[users]
root = secret, admin
guest = guest, guest
-stranger = 12345, none
+regionAReader = password, readRegionA
+regionAUser = password, useRegionA
+dataReader = 12345, readData
+reader = 12345, readAll
# -----------------------------------------------------------------------------
# Roles with assigned permissions
@@ -28,4 +33,8 @@ stranger = 12345, none
# -----------------------------------------------------------------------------
[roles]
admin = *
-guest = none
\ No newline at end of file
+guest = none
+readRegionA = DATA:READ:RegionA
+useRegionA = *:*:RegionA
+readData = DATA:READ
+readAll = *:READ
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-junit/src/main/java/com/gemstone/gemfire/test/junit/rules/DescribedExternalResource.java
----------------------------------------------------------------------
diff --git a/geode-junit/src/main/java/com/gemstone/gemfire/test/junit/rules/DescribedExternalResource.java b/geode-junit/src/main/java/com/gemstone/gemfire/test/junit/rules/DescribedExternalResource.java
index 543b7fc..b12bab1 100644
--- a/geode-junit/src/main/java/com/gemstone/gemfire/test/junit/rules/DescribedExternalResource.java
+++ b/geode-junit/src/main/java/com/gemstone/gemfire/test/junit/rules/DescribedExternalResource.java
@@ -14,18 +14,17 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
-/**
- * this class extends the capability of JUnit's ExternalResource in that
- * it provides a Description object in the before and after methods, so that
- * the implementation would have access to the annotation of the test methods
- */
package com.gemstone.gemfire.test.junit.rules;
import org.junit.rules.TestRule;
import org.junit.runner.Description;
import org.junit.runners.model.Statement;
+/**
+ * this class extends the capability of JUnit's ExternalResource in that
+ * it provides a Description object in the before and after methods, so that
+ * the implementation would have access to the annotation of the test methods
+ */
public class DescribedExternalResource implements TestRule {
public Statement apply(Statement base, Description description) {
return statement(base, description);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthentication.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthentication.java b/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthentication.java
index 5253f2f..a7a611d 100644
--- a/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthentication.java
+++ b/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthentication.java
@@ -14,9 +14,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
package com.vmware.gemfire.tools.pulse.internal.security;
-import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import javax.management.MBeanServerConnection;
@@ -33,87 +33,59 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
/**
* Spring security authentication object for GemFire
- *
+ * <p>
* To use GemFire Integrated Security Model set Spring Application Profile to pulse.authentication.gemfire
- *
- * 1. Authentication :
- * 1.a GemFire profile creates JMX connection with given credentials at the login time.
- * 1.b Successful connect is considered as Successful Authentication for Pulse WebApp
- *
- *
+ * <p>
+ * 1. Authentication :
+ * 1.a GemFire profile creates JMX connection with given credentials at the login time.
+ * 1.b Successful connect is considered as Successful Authentication for Pulse WebApp
+ * <p>
+ * <p>
* 2. Authorization :
- * 2.a Using newly created authenticated connection AccessControlMXBean is called to get authentication
- * levels. See @See {@link #populateAuthorities(JMXConnector)}. This sets Spring Security Authorities
- * 2.b DataBrowser end-points are required to be authorized against Spring Granted Authority
- * @See spring-security.xml
- * 2.c When executing Data-Browser query, user-level jmx connection is used so at to put access-control
- * over the resources query is accessing.
- * @See #com.vmware.gemfire.tools.pulse.internal.data.JMXDataUpdater#executeQuery
- *
- * 3. Connection Management - Spring Security LogoutHandler closes session level connection
- *
- * TODO : Better model would be to maintain background connection map for Databrowser instead
- * of each web session creating rmi connection and map user to correct entry in the connection map
- *
+ * 2.a Using newly created authenticated connection AccessControlMXBean is called to get authentication
+ * levels. See @See {@link #populateAuthorities(JMXConnector)}. This sets Spring Security Authorities
+ * 2.b DataBrowser end-points are required to be authorized against Spring Granted Authority
* @since version 9.0
*/
-public class GemFireAuthentication extends UsernamePasswordAuthenticationToken {
+public class GemFireAuthentication extends UsernamePasswordAuthenticationToken {
private final static PulseLogWriter logger = PulseLogWriter.getLogger();
-
- private JMXConnector jmxc=null;
-
- public GemFireAuthentication(Object principal, Object credentials, Collection<GrantedAuthority> list, JMXConnector jmxc) {
- super(principal, credentials, list);
- this.jmxc = jmxc;
- }
- private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
-
-
- public void closeJMXConnection(){
- try {
- jmxc.close();
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- public MBeanServerConnection getRemoteMBeanServer() {
- try {
- return jmxc.getMBeanServerConnection();
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
+ private JMXConnector jmxc = null;
+
+ public GemFireAuthentication(Object principal, Object credentials, Collection<GrantedAuthority> list, JMXConnector jmxc) {
+ super(principal, credentials, list);
+ this.jmxc = jmxc;
+ }
+
+ private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
- public static ArrayList<GrantedAuthority> populateAuthorities(JMXConnector jmxc) {
- ObjectName name;
- ArrayList<GrantedAuthority> authorities = new ArrayList<>();
- try {
- name = new ObjectName(PulseConstants.OBJECT_NAME_ACCESSCONTROL_MBEAN);
- MBeanServerConnection mbeanServer = jmxc.getMBeanServerConnection();
+ public static ArrayList<GrantedAuthority> populateAuthorities(JMXConnector jmxc) {
+ ObjectName name;
+ ArrayList<GrantedAuthority> authorities = new ArrayList<>();
+ try {
+ name = new ObjectName(PulseConstants.OBJECT_NAME_ACCESSCONTROL_MBEAN);
+ MBeanServerConnection mbeanServer = jmxc.getMBeanServerConnection();
- for(String role : PulseConstants.PULSE_ROLES){
- Object[] params = role.split(":");
- String[] signature = new String[] {String.class.getCanonicalName(), String.class.getCanonicalName()};
- boolean result = (Boolean)mbeanServer.invoke(name, "authorize", params, signature);
- if(result){
- authorities.add(new SimpleGrantedAuthority(role));
- }
- }
- }catch (Exception e){
- throw new RuntimeException(e.getMessage(), e);
- }
+ for (String role : PulseConstants.PULSE_ROLES) {
+ Object[] params = role.split(":");
+ String[] signature = new String[] { String.class.getCanonicalName(), String.class.getCanonicalName() };
+ boolean result = (Boolean) mbeanServer.invoke(name, "authorize", params, signature);
+ if (result) {
+ authorities.add(new SimpleGrantedAuthority(role));
+ }
+ }
+ }
+ catch (Exception e) {
+ throw new RuntimeException(e.getMessage(), e);
+ }
- return authorities;
+ return authorities;
- }
+ }
- public JMXConnector getJmxc() {
- return jmxc;
- }
-
-
+ public JMXConnector getJmxc() {
+ return jmxc;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthenticationProvider.java b/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthenticationProvider.java
index 548c3a5..ee263b1 100644
--- a/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthenticationProvider.java
+++ b/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/GemFireAuthenticationProvider.java
@@ -16,8 +16,12 @@
*/
package com.vmware.gemfire.tools.pulse.internal.security;
+import java.util.Collection;
+import javax.management.remote.JMXConnector;
+
import com.vmware.gemfire.tools.pulse.internal.data.Repository;
import com.vmware.gemfire.tools.pulse.internal.log.PulseLogWriter;
+
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
@@ -26,14 +30,9 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
-import javax.management.remote.JMXConnector;
-import java.util.Collection;
-
/**
* Spring security AuthenticationProvider for GemFire. It connects to gemfire manager using given credentials.
* Successful connect is treated as successful authentication and web user is authenticated
- *
- * @author Tushar Khairnar
* @since version 9.0
*/
public class GemFireAuthenticationProvider implements AuthenticationProvider {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7c38f0d8/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/LogoutHandler.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/LogoutHandler.java b/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/LogoutHandler.java
index a70925d..7309f90 100644
--- a/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/LogoutHandler.java
+++ b/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/security/LogoutHandler.java
@@ -16,20 +16,20 @@
*/
package com.vmware.gemfire.tools.pulse.internal.security;
+import java.io.IOException;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import com.vmware.gemfire.tools.pulse.internal.data.Repository;
import com.vmware.gemfire.tools.pulse.internal.log.PulseLogWriter;
+
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
/**
* Handler is used to close jmx connection maintained at user-level
- * @author tushark
*
*/
public class LogoutHandler extends SimpleUrlLogoutSuccessHandler implements LogoutSuccessHandler {