You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/03/31 17:23:14 UTC
[51/64] [abbrv] incubator-geode git commit: GEODE-693: refactor
security dunit tests
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/22ca5ef8/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java
index 4381510..ce03ac6 100644
--- a/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java
+++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/ClientPostAuthorizationDUnitTest.java
@@ -16,6 +16,10 @@
*/
package com.gemstone.gemfire.security;
+import static com.gemstone.gemfire.internal.AvailablePort.*;
+import static com.gemstone.gemfire.security.SecurityTestUtils.*;
+import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*;
+
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -23,11 +27,14 @@ import java.util.Properties;
import java.util.Random;
import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.internal.AvailablePort;
import com.gemstone.gemfire.security.generator.AuthzCredentialGenerator;
import com.gemstone.gemfire.security.generator.CredentialGenerator;
-import com.gemstone.gemfire.test.dunit.Host;
-import com.gemstone.gemfire.test.dunit.LogWriterUtils;
+import com.gemstone.gemfire.test.junit.Retry;
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import com.gemstone.gemfire.test.junit.rules.RetryRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
/**
* Tests for authorization from client to server. This tests for authorization
@@ -36,83 +43,19 @@ import com.gemstone.gemfire.test.dunit.LogWriterUtils;
*
* @since 5.5
*/
-public class ClientPostAuthorizationDUnitTest extends
- ClientAuthorizationTestBase {
-
-
- /** constructor */
- public ClientPostAuthorizationDUnitTest(String name) {
- super(name);
- }
-
- @Override
- public final void postSetUp() throws Exception {
- final Host host = Host.getHost(0);
- server1 = host.getVM(0);
- server2 = host.getVM(1);
- client1 = host.getVM(2);
- client2 = host.getVM(3);
-
- server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions ));
- server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions ));
- client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions ));
- SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions);
- }
-
- // Region: Tests
-
- public void testAllPostOps() {
-
- OperationWithAction[] allOps = {
- // Test CREATE and verify with a GET
- new OperationWithAction(OperationCode.PUT),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY
- | OpFlags.CHECK_NOTAUTHZ, 4),
-
- // OPBLOCK_END indicates end of an operation block that needs to
- // be executed on each server when doing failover
- OperationWithAction.OPBLOCK_END,
-
- // Test UPDATE and verify with a GET
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 3,
- OpFlags.USE_OLDCONN | OpFlags.CHECK_NOKEY | OpFlags.USE_NEWVAL
- | OpFlags.CHECK_NOTAUTHZ, 4),
+@Category(DistributedTest.class)
+public class ClientPostAuthorizationDUnitTest extends ClientAuthorizationTestCase {
- OperationWithAction.OPBLOCK_END,
+ @Rule
+ public RetryRule retryRule = new RetryRule();
- // Test UPDATE and verify with a KEY_SET
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 6),
- new OperationWithAction(OperationCode.KEY_SET, 2, OpFlags.NONE, 6),
- new OperationWithAction(OperationCode.KEY_SET, 3,
- OpFlags.CHECK_NOTAUTHZ, 6),
+ @Test
+ @Retry(2)
+ public void testAllPostOps() throws Exception {
+ OperationWithAction[] allOps = allOpsForTestAllPostOps();
- OperationWithAction.OPBLOCK_END,
-
- // Test UPDATE and verify with a QUERY
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 7),
- new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_NEWVAL, 7),
- new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_NEWVAL
- | OpFlags.CHECK_NOTAUTHZ, 7),
-
- OperationWithAction.OPBLOCK_END,
-
- // Test UPDATE and verify with a EXECUTE_CQ initial results
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8),
- new OperationWithAction(OperationCode.EXECUTE_CQ, 2, OpFlags.NONE, 8),
- new OperationWithAction(OperationCode.EXECUTE_CQ, 3,
- OpFlags.CHECK_NOTAUTHZ, 8),
-
- OperationWithAction.OPBLOCK_END };
-
- Iterator iter = getDummyGeneratorCombos().iterator();
- while (iter.hasNext()) {
- AuthzCredentialGenerator gen = (AuthzCredentialGenerator)iter.next();
+ for (Iterator<AuthzCredentialGenerator> iter = getDummyGeneratorCombos().iterator(); iter.hasNext();) {
+ AuthzCredentialGenerator gen = iter.next();
CredentialGenerator cGen = gen.getCredentialGenerator();
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
@@ -122,56 +65,45 @@ public class ClientPostAuthorizationDUnitTest extends
String accessor = gen.getAuthorizationCallback();
TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen);
- LogWriterUtils.getLogWriter().info("testAllPostOps: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testAllPostOps: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testAllPostOps: Using accessor: " + accessor);
+ getLogWriter().info("testAllPostOps: Using authinit: " + authInit);
+ getLogWriter().info("testAllPostOps: Using authenticator: " + authenticator);
+ getLogWriter().info("testAllPostOps: Using accessor: " + accessor);
// Start servers with all required properties
- Properties serverProps = buildProperties(authenticator, accessor, true,
- extraAuthProps, extraAuthzProps);
+ Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps);
+
// Get ports for the servers
- Integer port1 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
+ int port1 = getRandomAvailablePort(SOCKET);
+ int port2 = getRandomAvailablePort(SOCKET);
// Close down any running servers
- server1.invoke(() -> SecurityTestUtil.closeCache());
- server2.invoke(() -> SecurityTestUtil.closeCache());
+ server1.invoke(() -> closeCache());
+ server2.invoke(() -> closeCache());
// Perform all the ops on the clients
List opBlock = new ArrayList();
Random rnd = new Random();
+
for (int opNum = 0; opNum < allOps.length; ++opNum) {
- // Start client with valid credentials as specified in
- // OperationWithAction
+ // Start client with valid credentials as specified in OperationWithAction
OperationWithAction currentOp = allOps[opNum];
- if (currentOp.equals(OperationWithAction.OPBLOCK_END)
- || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
- // End of current operation block; execute all the operations
- // on the servers with failover
+ if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
+ // End of current operation block; execute all the operations on the servers with failover
if (opBlock.size() > 0) {
// Start the first server and execute the operation block
- server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), port1, serverProps,
- javaProps ));
- server2.invoke(() -> SecurityTestUtil.closeCache());
- executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps,
- extraAuthzProps, tgen, rnd);
+ server1.invoke(() -> createCacheServer(getLocatorPort(), port1, serverProps, javaProps ));
+ server2.invoke(() -> closeCache());
+ executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd);
if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
// Failover to the second server and run the block again
- server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), port2, serverProps,
- javaProps ));
- server1.invoke(() -> SecurityTestUtil.closeCache());
- executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps,
- extraAuthzProps, tgen, rnd);
+ server2.invoke(() -> createCacheServer(getLocatorPort(), port2, serverProps, javaProps ));
+ server1.invoke(() -> closeCache());
+ executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd);
}
opBlock.clear();
}
- }
- else {
+
+ } else {
currentOp.setOpNum(opNum);
opBlock.add(currentOp);
}
@@ -179,57 +111,134 @@ public class ClientPostAuthorizationDUnitTest extends
}
}
- public void testAllOpsNotifications() {
+ @Test
+ public void testAllOpsNotifications() throws Exception {
+ OperationWithAction[] allOps = allOpsForTestAllOpsNotifications();
+
+ AuthzCredentialGenerator authzGenerator = getXmlAuthzGenerator();
+
+ getLogWriter().info("Executing opblocks with credential generator " + authzGenerator);
+
+ CredentialGenerator credentialGenerator = authzGenerator.getCredentialGenerator();
+ Properties extraAuthProps = credentialGenerator.getSystemProperties();
+ Properties javaProps = credentialGenerator.getJavaProperties();
+ Properties extraAuthzProps = authzGenerator.getSystemProperties();
+ String authenticator = credentialGenerator.getAuthenticator();
+ String authInit = credentialGenerator.getAuthInit();
+ String accessor = authzGenerator.getAuthorizationCallback();
+ TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGenerator);
+
+ getLogWriter().info("testAllOpsNotifications: Using authinit: " + authInit);
+ getLogWriter().info("testAllOpsNotifications: Using authenticator: " + authenticator);
+ getLogWriter().info("testAllOpsNotifications: Using accessor: " + accessor);
+
+ // Start servers with all required properties
+ Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps);
+
+ // Get ports for the servers
+ int port1 = getRandomAvailablePort(SOCKET);
+ int port2 = getRandomAvailablePort(SOCKET);
+
+ // Perform all the ops on the clients
+ List opBlock = new ArrayList();
+ Random rnd = new Random();
+
+ for (int opNum = 0; opNum < allOps.length; ++opNum) {
+ // Start client with valid credentials as specified in OperationWithAction
+ OperationWithAction currentOp = allOps[opNum];
+ if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
+ // End of current operation block; execute all the operations on the servers with failover
+ if (opBlock.size() > 0) {
+ // Start the first server and execute the operation block
+ server1.invoke(() -> createCacheServer(getLocatorPort(), port1, serverProps, javaProps ));
+ server2.invoke(() -> closeCache());
+ executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd);
+ if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
+ // Failover to the second server and run the block again
+ server2.invoke(() -> createCacheServer(getLocatorPort(), port2, serverProps, javaProps ));
+ server1.invoke(() -> closeCache());
+ executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd);
+ }
+ opBlock.clear();
+ }
+
+ } else {
+ currentOp.setOpNum(opNum);
+ opBlock.add(currentOp);
+ }
+ }
+ }
+
+ private OperationWithAction[] allOpsForTestAllPostOps() {
+ return new OperationWithAction[] {
+ // Test CREATE and verify with a GET
+ new OperationWithAction(OperationCode.PUT),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.CHECK_NOKEY, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.CHECK_NOKEY | OpFlags.CHECK_NOTAUTHZ, 4),
+
+ // OPBLOCK_END indicates end of an operation block that needs to be executed on each server when doing failover
+ OperationWithAction.OPBLOCK_END,
+
+ // Test UPDATE and verify with a GET
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.CHECK_NOKEY | OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 4),
+
+ OperationWithAction.OPBLOCK_END,
+
+ // Test UPDATE and verify with a KEY_SET
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 6),
+ new OperationWithAction(OperationCode.KEY_SET, 2, OpFlags.NONE, 6),
+ new OperationWithAction(OperationCode.KEY_SET, 3, OpFlags.CHECK_NOTAUTHZ, 6),
+
+ OperationWithAction.OPBLOCK_END,
+
+ // Test UPDATE and verify with a QUERY
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 7),
+ new OperationWithAction(OperationCode.QUERY, 2, OpFlags.USE_NEWVAL, 7),
+ new OperationWithAction(OperationCode.QUERY, 3, OpFlags.USE_NEWVAL | OpFlags.CHECK_NOTAUTHZ, 7),
+
+ OperationWithAction.OPBLOCK_END,
+
+ // Test UPDATE and verify with a EXECUTE_CQ initial results
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8),
+ new OperationWithAction(OperationCode.EXECUTE_CQ, 2, OpFlags.NONE, 8),
+ new OperationWithAction(OperationCode.EXECUTE_CQ, 3, OpFlags.CHECK_NOTAUTHZ, 8),
- OperationWithAction[] allOps = {
+ OperationWithAction.OPBLOCK_END
+ };
+ }
+
+ private OperationWithAction[] allOpsForTestAllOpsNotifications() {
+ return new OperationWithAction[]{
// Test CREATE and verify with a GET
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 2, OpFlags.USE_REGEX
- | OpFlags.REGISTER_POLICY_NONE, 8),
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 3, OpFlags.USE_REGEX
- | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE, 8),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 3, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8),
new OperationWithAction(OperationCode.PUT),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4),
- // OPBLOCK_END indicates end of an operation block that needs to
- // be executed on each server when doing failover
+ // OPBLOCK_END indicates end of an operation block that needs to be executed on each server when doing failover
OperationWithAction.OPBLOCK_END,
// Test UPDATE and verify with a GET
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 2, OpFlags.USE_REGEX
- | OpFlags.REGISTER_POLICY_NONE, 8),
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 3, OpFlags.USE_REGEX
- | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8),
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, 4),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE, 8),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 3, OpFlags.USE_REGEX | OpFlags.REGISTER_POLICY_NONE | OpFlags.USE_NOTAUTHZ, 8),
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_NEWVAL | OpFlags.CHECK_FAIL, 4),
OperationWithAction.OPBLOCK_END,
- // Test DESTROY and verify with GET that keys should not exist
+ // Test DESTROY and verify with GET that KEYS should not exist
new OperationWithAction(OperationCode.PUT, 3, OpFlags.NONE, 8),
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 2, OpFlags.USE_REGEX, 8),
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 3,
- OpFlags.USE_REGEX | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 8),
- // registerInterest now clears the keys, so a dummy put to add
- // those keys back for the case when updates should not come
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_REGEX, 8),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, OpFlags.USE_REGEX | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 8),
+ // registerInterest now clears the KEYS, so a dummy put to add those KEYS back for the case when updates should not come
new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_OLDCONN, 8),
- new OperationWithAction(OperationCode.DESTROY, 1, OpFlags.USE_OLDCONN,
- 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
+ new OperationWithAction(OperationCode.DESTROY, 1, OpFlags.USE_OLDCONN, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
// Repopulate the region
new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8),
@@ -237,152 +246,46 @@ public class ClientPostAuthorizationDUnitTest extends
// Do REGION_CLEAR and check with GET
new OperationWithAction(OperationCode.PUT, 3, OpFlags.NONE, 8),
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1),
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 3,
- OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1),
- // registerInterest now clears the keys, so a dummy put to add
- // those keys back for the case when updates should not come
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1),
+ // registerInterest now clears the KEYS, so a dummy put to add those KEYS back for the case when updates should not come
new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_OLDCONN, 8),
- new OperationWithAction(OperationCode.REGION_CLEAR, 1,
- OpFlags.USE_OLDCONN, 1),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 8),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 8),
+ new OperationWithAction(OperationCode.REGION_CLEAR, 1, OpFlags.USE_OLDCONN, 1),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.CHECK_FAIL, 8),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 8),
// Repopulate the region
new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN, 8),
OperationWithAction.OPBLOCK_END,
// Do REGION_CREATE and check with CREATE/GET
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 2, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF, 1),
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 3, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF
- | OpFlags.USE_NOTAUTHZ | OpFlags.REGISTER_POLICY_NONE, 1),
- new OperationWithAction(OperationCode.REGION_CREATE, 1,
- OpFlags.ENABLE_DRF, 1),
- new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN
- | OpFlags.USE_SUBREGION, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION
- | OpFlags.NO_CREATE_SUBREGION, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION
- | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF, 1),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 3, OpFlags.USE_ALL_KEYS | OpFlags.ENABLE_DRF | OpFlags.USE_NOTAUTHZ | OpFlags.REGISTER_POLICY_NONE, 1),
+ new OperationWithAction(OperationCode.REGION_CREATE, 1, OpFlags.ENABLE_DRF, 1),
+ new OperationWithAction(OperationCode.PUT, 1, OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION | OpFlags.NO_CREATE_SUBREGION, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4),
// Do REGION_DESTROY of the sub-region and check with GET
- new OperationWithAction(OperationCode.REGION_DESTROY, 1,
- OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION, 1),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION
- | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY
- | OpFlags.CHECK_EXCEPTION, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION
- | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY
- | OpFlags.CHECK_EXCEPTION, 4),
+ new OperationWithAction(OperationCode.REGION_DESTROY, 1, OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION, 1),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY | OpFlags.CHECK_EXCEPTION, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.USE_SUBREGION | OpFlags.NO_CREATE_SUBREGION | OpFlags.CHECK_NOREGION, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.USE_SUBREGION | OpFlags.CHECK_NOKEY | OpFlags.CHECK_EXCEPTION, 4),
OperationWithAction.OPBLOCK_END,
// Do REGION_DESTROY of the region and check with GET
new OperationWithAction(OperationCode.PUT, 3, OpFlags.NONE, 8),
- new OperationWithAction(OperationCode.REGISTER_INTEREST,
- OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1),
- new OperationWithAction(OperationCode.REGISTER_INTEREST, 3,
- OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1),
- // registerInterest now clears the keys, so a dummy put to add
- // those keys back for the case when updates should not come
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, OperationCode.GET, 2, OpFlags.USE_ALL_KEYS, 1),
+ new OperationWithAction(OperationCode.REGISTER_INTEREST, 3, OpFlags.USE_ALL_KEYS | OpFlags.USE_OLDCONN | OpFlags.REGISTER_POLICY_NONE, 1),
+ // registerInterest now clears the KEYS, so a dummy put to add those KEYS back for the case when updates should not come
new OperationWithAction(OperationCode.PUT, 3, OpFlags.USE_OLDCONN, 8),
- new OperationWithAction(OperationCode.REGION_DESTROY, 1, OpFlags.NONE,
- 1),
- new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP | OpFlags.CHECK_NOREGION, 4),
- new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN
- | OpFlags.LOCAL_OP, 4),
-
- OperationWithAction.OPBLOCK_NO_FAILOVER };
-
- AuthzCredentialGenerator gen = getXmlAuthzGenerator();
- LogWriterUtils.getLogWriter().info("Executing opblocks with credential generator " + gen);
- CredentialGenerator cGen = gen.getCredentialGenerator();
- Properties extraAuthProps = cGen.getSystemProperties();
- Properties javaProps = cGen.getJavaProperties();
- Properties extraAuthzProps = gen.getSystemProperties();
- String authenticator = cGen.getAuthenticator();
- String authInit = cGen.getAuthInit();
- String accessor = gen.getAuthorizationCallback();
- TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(gen);
-
- LogWriterUtils.getLogWriter().info(
- "testAllOpsNotifications: Using authinit: " + authInit);
- LogWriterUtils.getLogWriter().info(
- "testAllOpsNotifications: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info(
- "testAllOpsNotifications: Using accessor: " + accessor);
-
- // Start servers with all required properties
- Properties serverProps = buildProperties(authenticator, accessor, true,
- extraAuthProps, extraAuthzProps);
- // Get ports for the servers
- Integer port1 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
- Integer port2 = new Integer(AvailablePort
- .getRandomAvailablePort(AvailablePort.SOCKET));
-
- // Perform all the ops on the clients
- List opBlock = new ArrayList();
- Random rnd = new Random();
- for (int opNum = 0; opNum < allOps.length; ++opNum) {
- // Start client with valid credentials as specified in
- // OperationWithAction
- OperationWithAction currentOp = allOps[opNum];
- if (currentOp.equals(OperationWithAction.OPBLOCK_END)
- || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
- // End of current operation block; execute all the operations
- // on the servers with failover
- if (opBlock.size() > 0) {
- // Start the first server and execute the operation block
- server1.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), port1, serverProps,
- javaProps ));
- server2.invoke(() -> SecurityTestUtil.closeCache());
- executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps,
- extraAuthzProps, tgen, rnd);
- if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
- // Failover to the second server and run the block again
- server2.invoke(() -> ClientAuthorizationTestBase.createCacheServer(
- SecurityTestUtil.getLocatorPort(), port2, serverProps,
- javaProps ));
- server1.invoke(() -> SecurityTestUtil.closeCache());
- executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps,
- extraAuthzProps, tgen, rnd);
- }
- opBlock.clear();
- }
- }
- else {
- currentOp.setOpNum(opNum);
- opBlock.add(currentOp);
- }
- }
- }
+ new OperationWithAction(OperationCode.REGION_DESTROY, 1, OpFlags.NONE, 1),
+ new OperationWithAction(OperationCode.GET, 2, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP | OpFlags.CHECK_NOREGION, 4),
+ new OperationWithAction(OperationCode.GET, 3, OpFlags.USE_OLDCONN | OpFlags.LOCAL_OP, 4),
- // End Region: Tests
-
- @Override
- public final void preTearDown() throws Exception {
- // close the clients first
- client1.invoke(() -> SecurityTestUtil.closeCache());
- client2.invoke(() -> SecurityTestUtil.closeCache());
- SecurityTestUtil.closeCache();
- // then close the servers
- server1.invoke(() -> SecurityTestUtil.closeCache());
- server2.invoke(() -> SecurityTestUtil.closeCache());
+ OperationWithAction.OPBLOCK_NO_FAILOVER
+ };
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/22ca5ef8/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserAPIDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserAPIDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserAPIDUnitTest.java
new file mode 100644
index 0000000..9e04f5f
--- /dev/null
+++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserAPIDUnitTest.java
@@ -0,0 +1,314 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.security;
+
+import static com.gemstone.gemfire.distributed.internal.DistributionConfig.*;
+import static com.gemstone.gemfire.security.SecurityTestUtils.*;
+import static com.gemstone.gemfire.test.dunit.Assert.*;
+import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*;
+
+import java.io.IOException;
+import java.util.Properties;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
+
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.client.Pool;
+import com.gemstone.gemfire.cache.execute.FunctionService;
+import com.gemstone.gemfire.cache.query.CqAttributesFactory;
+import com.gemstone.gemfire.cache.query.CqException;
+import com.gemstone.gemfire.cache.query.CqQuery;
+import com.gemstone.gemfire.cache.query.Query;
+import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
+import com.gemstone.gemfire.internal.cache.PoolManagerImpl;
+import com.gemstone.gemfire.security.generator.CredentialGenerator;
+import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(DistributedTest.class)
+public class MultiUserAPIDUnitTest extends ClientAuthorizationTestCase {
+
+ private static final String[] serverIgnoredExceptions = {
+ AuthenticationRequiredException.class.getName(),
+ AuthenticationFailedException.class.getName(),
+ GemFireSecurityException.class.getName(),
+ ClassNotFoundException.class.getName(),
+ IOException.class.getName(),
+ SSLException.class.getName(),
+ SSLHandshakeException.class.getName()};
+
+ private static final String[] clientIgnoredExceptions = {
+ AuthenticationRequiredException.class.getName(),
+ AuthenticationFailedException.class.getName(),
+ SSLHandshakeException.class.getName()};
+
+ @Test
+ public void testSingleUserUnsupportedAPIs() {
+ // Start servers
+ // Start clients with multiuser-authentication set to false
+ setUpVMs(new DummyCredentialGenerator(), false);
+ client1.invoke(() -> verifyDisallowedOps(false));
+ }
+
+ @Test
+ public void testMultiUserUnsupportedAPIs() {
+ // Start servers.
+ // Start clients with multiuser-authentication set to true.
+ setUpVMs(new DummyCredentialGenerator(), true);
+ client1.invoke(() -> verifyDisallowedOps(true));
+ }
+
+ private void verifyDisallowedOps(final boolean multiUserMode) throws Exception {
+ String op = "unknown";
+ boolean success = false;
+
+ if (!multiUserMode) {
+ success = false;
+
+ try {
+ // Attempt cache.createAuthenticatedCacheView() and expect an exception, fail otherwise
+ op = "Pool.createSecureUserCache()";
+ GemFireCacheImpl.getInstance().createAuthenticatedView(new Properties(), "testPool");
+ } catch (IllegalStateException uoe) {
+ getLogWriter().info(op + ": Got expected exception: " + uoe);
+ success = true;
+ }
+
+ if (!success) {
+ fail("Did not get exception while doing " + op);
+ }
+
+ } else { // multiuser mode
+ Region realRegion = GemFireCacheImpl.getInstance().getRegion(SecurityTestUtils.REGION_NAME);
+ Region proxyRegion = SecurityTestUtils.getProxyCaches(0).getRegion(SecurityTestUtils.REGION_NAME);
+ Pool pool = PoolManagerImpl.getPMI().find("testPool");
+
+ for (int i = 0; i <= 27; i++) {
+ success = false;
+ try {
+ switch (i) {
+ // Attempt (real) Region.create/put/get/containsKeyOnServer/destroy/
+ // destroyRegion/clear/remove/registerInterest/unregisterInterest()
+ // and expect an exception, fail otherwise.
+ case 0:
+ op = "Region.create()";
+ realRegion.create("key", "value");
+ break;
+ case 1:
+ op = "Region.put()";
+ realRegion.put("key", "value");
+ break;
+ case 2:
+ op = "Region.get()";
+ realRegion.get("key");
+ break;
+ case 3:
+ op = "Region.containsKeyOnServer()";
+ realRegion.containsKeyOnServer("key");
+ break;
+ case 4:
+ op = "Region.remove()";
+ realRegion.remove("key");
+ break;
+ case 5:
+ op = "Region.destroy()";
+ realRegion.destroy("key");
+ break;
+ case 6:
+ op = "Region.destroyRegion()";
+ realRegion.destroyRegion();
+ break;
+ case 7:
+ op = "Region.registerInterest()";
+ realRegion.registerInterest("key");
+ break;
+ // case 8:
+ // op = "Region.unregisterInterest()";
+ // realRegion.unregisterInterest("key");
+ // break;
+ case 8:
+ op = "Region.clear()";
+ realRegion.clear();
+ break;
+ // Attempt ProxyRegion.createSubregion/forceRolling/
+ // getAttributesMutator/registerInterest/loadSnapShot/saveSnapshot/
+ // setUserAttribute/unregisterInterest/writeToDisk
+ // and expect an exception, fail otherwise.
+ case 9:
+ op = "ProxyRegion.createSubregion()";
+ proxyRegion.createSubregion("subregion", null);
+ break;
+ case 10:
+ op = "ProxyRegion.forceRolling()";
+ proxyRegion.forceRolling();
+ break;
+ case 11:
+ op = "ProxyRegion.getAttributesMutator()";
+ proxyRegion.getAttributesMutator();
+ break;
+ case 12:
+ op = "ProxyRegion.registerInterest()";
+ proxyRegion.registerInterest("key");
+ break;
+ case 13:
+ op = "ProxyRegion.loadSnapshot()";
+ proxyRegion.loadSnapshot(null);
+ break;
+ case 14:
+ op = "ProxyRegion.saveSnapshot()";
+ proxyRegion.saveSnapshot(null);
+ break;
+ case 15:
+ op = "ProxyRegion.setUserAttribute()";
+ proxyRegion.setUserAttribute(null);
+ break;
+ case 16:
+ op = "ProxyRegion.unregisterInterestRegex()";
+ proxyRegion.unregisterInterestRegex("*");
+ break;
+ // Attempt FunctionService.onRegion/onServer/s(pool) and expect an
+ // exception, fail otherwise.
+ case 17:
+ op = "FunctionService.onRegion()";
+ FunctionService.onRegion(realRegion);
+ break;
+ case 18:
+ op = "FunctionService.onServer(pool)";
+ FunctionService.onServer(pool);
+ break;
+ case 19:
+ op = "FunctionService.onServers(pool)";
+ FunctionService.onServers(pool);
+ break;
+ // Attempt
+ // QueryService.newQuery().execute()/newCq().execute/executeWithInitialResults()
+ case 20:
+ op = "QueryService.newQuery.execute()";
+ Query query = pool.getQueryService().newQuery("SELECT * FROM /" + SecurityTestUtils.REGION_NAME);
+ query.execute();
+ break;
+ case 21:
+ op = "QueryService.newCq.execute()";
+ CqQuery cqQuery = pool.getQueryService().newCq("SELECT * FROM /" + SecurityTestUtils.REGION_NAME, new CqAttributesFactory().create());
+ try {
+ cqQuery.execute();
+ } catch (CqException ce) {
+ throw (Exception)ce.getCause();
+ }
+ break;
+ case 22:
+ op = "QueryService.newCq.executeWithInitialResults()";
+ cqQuery = pool.getQueryService().newCq("SELECT * FROM /" + SecurityTestUtils.REGION_NAME, new CqAttributesFactory().create());
+ try {
+ cqQuery.executeWithInitialResults();
+ } catch (CqException ce) {
+ throw (Exception)ce.getCause();
+ }
+ break;
+ // Attempt ProxyQueryService.getIndex/createIndex/removeIndex() and
+ // expect an exception, fail otherwise.
+ case 23:
+ op = "ProxyQueryService().getIndexes()";
+ SecurityTestUtils.getProxyCaches(0).getQueryService().getIndexes(null);
+ break;
+ case 24:
+ op = "ProxyQueryService().createIndex()";
+ SecurityTestUtils.getProxyCaches(0).getQueryService().createIndex(null, null, null );
+ break;
+ case 25:
+ op = "ProxyQueryService().removeIndexes()";
+ SecurityTestUtils.getProxyCaches(0).getQueryService().removeIndexes();
+ break;
+ case 26:
+ op = "ProxyRegion.localDestroy()";
+ proxyRegion.localDestroy("key");
+ break;
+ case 27:
+ op = "ProxyRegion.localInvalidate()";
+ proxyRegion.localInvalidate("key");
+ break;
+ default:
+ fail("Unknown op code: " + i);
+ break;
+ }
+
+ } catch (UnsupportedOperationException uoe) {
+ getLogWriter().info(op + ": Got expected exception: " + uoe);
+ success = true;
+ }
+ if (!success) {
+ fail("Did not get exception while doing " + op);
+ }
+ }
+ }
+ }
+
+ private void setUpVMs(final CredentialGenerator gen, final boolean multiUser) {
+ Properties extraProps = gen.getSystemProperties();
+ Properties javaProps = gen.getJavaProperties();
+ String authenticator = gen.getAuthenticator();
+ String authInit = gen.getAuthInit();
+
+ getLogWriter().info("testValidCredentials: Using scheme: " + gen.classCode());
+ getLogWriter().info("testValidCredentials: Using authenticator: " + authenticator);
+ getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
+
+ // Start the servers
+ int locPort1 = SecurityTestUtils.getLocatorPort();
+ int locPort2 = SecurityTestUtils.getLocatorPort();
+ String locString = SecurityTestUtils.getAndClearLocatorString();
+
+ int port1 = server1.invoke(() -> createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+ int port2 = server2.invoke(() -> createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+ // Start the clients with valid credentials
+ Properties credentials1 = gen.getValidCredentials(1);
+ Properties javaProps1 = gen.getJavaProperties();
+ getLogWriter().info("testValidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+ Properties credentials2 = gen.getValidCredentials(2);
+ Properties javaProps2 = gen.getJavaProperties();
+ getLogWriter().info("testValidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+ client1.invoke(() -> createCacheClient(authInit, credentials1, javaProps1, port1, port2, 0, multiUser, NO_EXCEPTION));
+ }
+
+ private int createCacheServer(final int dsPort, final String locatorString, final String authenticator, final Properties extraProps, final Properties javaProps) {
+ Properties authProps = new Properties();
+ if (extraProps != null) {
+ authProps.putAll(extraProps);
+ }
+
+ if (authenticator != null) {
+ authProps.setProperty(SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator);
+ }
+
+ return SecurityTestUtils.createCacheServer(authProps, javaProps, dsPort, locatorString, 0, NO_EXCEPTION);
+ }
+
+ // a
+ protected static void createCacheClient(final String authInit, final Properties authProps, final Properties javaProps, final int[] ports, final int numConnections, final boolean multiUserMode, final int expectedResult) {
+ SecurityTestUtils.createCacheClient(authInit, authProps, javaProps, ports, numConnections, multiUserMode, expectedResult); // invokes SecurityTestUtils 2
+ }
+
+ // b
+ private void createCacheClient(final String authInit, final Properties authProps, final Properties javaProps, final int port1, final int port2, final int numConnections, final boolean multiUserMode, final int expectedResult) {
+ createCacheClient(authInit, authProps, javaProps, new int[] {port1, port2}, numConnections, multiUserMode, expectedResult); // invokes a
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/22ca5ef8/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserDurableCQAuthzDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserDurableCQAuthzDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserDurableCQAuthzDUnitTest.java
new file mode 100644
index 0000000..632a997
--- /dev/null
+++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiUserDurableCQAuthzDUnitTest.java
@@ -0,0 +1,387 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.security;
+
+import static com.gemstone.gemfire.internal.AvailablePort.*;
+import static com.gemstone.gemfire.security.SecurityTestUtils.*;
+import static com.gemstone.gemfire.test.dunit.Assert.*;
+import static com.gemstone.gemfire.test.dunit.Invoke.*;
+import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Random;
+
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+import com.gemstone.gemfire.cache.query.CqAttributes;
+import com.gemstone.gemfire.cache.query.CqAttributesFactory;
+import com.gemstone.gemfire.cache.query.CqException;
+import com.gemstone.gemfire.cache.query.CqExistsException;
+import com.gemstone.gemfire.cache.query.CqListener;
+import com.gemstone.gemfire.cache.query.CqQuery;
+import com.gemstone.gemfire.cache.query.QueryService;
+import com.gemstone.gemfire.cache.query.RegionNotFoundException;
+import com.gemstone.gemfire.cache.query.SelectResults;
+import com.gemstone.gemfire.cache.query.cq.dunit.CqQueryTestListener;
+import com.gemstone.gemfire.cache.query.internal.cq.ClientCQImpl;
+import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
+import com.gemstone.gemfire.security.generator.AuthzCredentialGenerator;
+import com.gemstone.gemfire.security.generator.CredentialGenerator;
+import com.gemstone.gemfire.test.dunit.SerializableRunnable;
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(DistributedTest.class)
+public class MultiUserDurableCQAuthzDUnitTest extends ClientAuthorizationTestCase {
+
+ private final Map<String, String> cqNameToQueryStrings = new HashMap<>();
+
+ @Override
+ public final void preSetUpClientAuthorizationTestBase() throws Exception {
+ getSystem();
+ invokeInEveryVM(new SerializableRunnable("getSystem") {
+ public void run() {
+ getSystem();
+ }
+ });
+ }
+
+ @Override
+ public final void postSetUpClientAuthorizationTestBase() throws Exception {
+ cqNameToQueryStrings.put("CQ_0", "SELECT * FROM ");
+ cqNameToQueryStrings.put("CQ_1", "SELECT * FROM ");
+ }
+
+ @Override
+ public final void postTearDownClientAuthorizationTestBase() throws Exception {
+ cqNameToQueryStrings.clear();
+ }
+
+ @Test
+ public void testCQForDurableClientsWithDefaultClose() throws Exception {
+ /*
+ * 1. Start a server.
+ * 2. Start a durable client in mulituser secure mode.
+ * 3. Create two users registering unique durable CQs on server.
+ * 4. Invoke GemFireCache.close() at client.
+ * 5. Put some events on server satisfying both the CQs.
+ * 6. Up the client and the two users.
+ * 7. Confirm that the users receive the events which were enqueued at server while they were away.
+ * 8. Same for ProxyCache.close()
+ */
+ int numOfUsers = 2;
+ int numOfPuts = 5;
+ boolean[] postAuthzAllowed = new boolean[] {true, true};
+
+ doTest(numOfUsers, numOfPuts, postAuthzAllowed, getXmlAuthzGenerator(), null);
+ }
+
+ @Test
+ public void testCQForDurableClientsWithCloseKeepAliveTrue() throws Exception {
+ /*
+ * 1. Start a server.
+ * 2. Start a durable client in mulituser secure mode.
+ * 3. Create two users registering unique durable CQs on server.
+ * 4. Invoke GemFireCache.close(false) at client.
+ * 5. Put some events on server satisfying both the CQs.
+ * 6. Up the client and the two users.
+ * 7. Observer the behaviour.
+ * 8. Same for ProxyCache.close(false)
+ */
+ int numOfUsers = 2;
+ int numOfPuts = 5;
+ boolean[] postAuthzAllowed = new boolean[] {true, true};
+
+ doTest(numOfUsers, numOfPuts, postAuthzAllowed, getXmlAuthzGenerator(), true);
+ }
+
+ @Test
+ public void testCQForDurableClientsWithCloseKeepAliveFalse() throws Exception {
+ /*
+ * 1. Start a server.
+ * 2. Start a durable client in mulituser secure mode.
+ * 3. Create two users registering unique durable CQs on server.
+ * 4. Invoke GemFireCache.close(true) at client.
+ * 5. Put some events on server satisfying both the CQs.
+ * 6. Up the client and the two users.
+ * 7. Observer the behaviour.
+ * 8. Same for ProxyCache.close(true)
+ */
+ int numOfUsers = 2;
+ int numOfPuts = 5;
+ boolean[] postAuthzAllowed = new boolean[] {true, true};
+
+ doTest(numOfUsers, numOfPuts, postAuthzAllowed, getXmlAuthzGenerator(), false);
+ }
+
+ /**
+ * WARNING: "final Boolean keepAlive" is treated as a ternary value: null, true, false
+ */
+ private void doTest(int numOfUsers, int numOfPuts, boolean[] postAuthzAllowed, final AuthzCredentialGenerator authzGenerator, final Boolean keepAlive) throws Exception {
+ CredentialGenerator credentialGenerator = authzGenerator.getCredentialGenerator();
+ Properties extraAuthProps = credentialGenerator.getSystemProperties();
+ Properties javaProps = credentialGenerator.getJavaProperties();
+ Properties extraAuthzProps = authzGenerator.getSystemProperties();
+ String authenticator = credentialGenerator.getAuthenticator();
+ String accessor = authzGenerator.getAuthorizationCallback();
+ String authInit = credentialGenerator.getAuthInit();
+ TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGenerator);
+
+ Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps);
+
+ Properties opCredentials;
+ credentialGenerator = tgen.getCredentialGenerator();
+ final Properties javaProps2 = credentialGenerator != null ? credentialGenerator.getJavaProperties() : null;
+
+ int[] indices = new int[numOfPuts];
+ for (int index = 0; index < numOfPuts; ++index) {
+ indices[index] = index;
+ }
+
+ Random random = new Random();
+ Properties[] authProps = new Properties[numOfUsers];
+ String durableClientId = "multiuser_durable_client_1";
+
+ Properties client2Credentials = null;
+
+ for (int i = 0; i < numOfUsers; i++) {
+ int rand = random.nextInt(100) + 1;
+ if (postAuthzAllowed[i]) {
+ opCredentials = tgen.getAllowedCredentials(
+ new OperationCode[] {OperationCode.EXECUTE_CQ, OperationCode.GET}, // For callback, GET should be allowed
+ new String[] {regionName},
+ indices,
+ rand);
+
+ } else {
+ opCredentials = tgen.getDisallowedCredentials(
+ new OperationCode[] {OperationCode.GET}, // For callback, GET should be disallowed
+ new String[] {regionName},
+ indices,
+ rand);
+ }
+
+ authProps[i] = concatProperties(new Properties[] {opCredentials, extraAuthProps, extraAuthzProps});
+
+ if (client2Credentials == null) {
+ client2Credentials = tgen.getAllowedCredentials(
+ new OperationCode[] {OperationCode.PUT},
+ new String[] {regionName},
+ indices,
+ rand);
+ }
+ }
+
+ // Get ports for the servers
+ int port1 = getRandomAvailablePort(SOCKET);
+ int port2 = getRandomAvailablePort(SOCKET);
+ int locatorPort = getRandomAvailablePort(SOCKET);
+
+ // Close down any running servers
+ server1.invoke(() -> closeCache());
+ server2.invoke(() -> closeCache());
+
+ server1.invoke(() -> createServerCache(serverProps, javaProps, locatorPort, port1));
+ client1.invoke(() -> createClientCache(javaProps2, authInit, authProps, new int[] {port1, port2}, numOfUsers, durableClientId, postAuthzAllowed));
+
+ client1.invoke(() -> createCQ(numOfUsers, true));
+ client1.invoke(() -> executeCQ(numOfUsers, new boolean[] {false, false}, numOfPuts, new String[numOfUsers]));
+ client1.invoke(() -> readyForEvents());
+
+ if (keepAlive == null) {
+ client1.invoke(() -> closeCache());
+ } else {
+ client1.invoke(() -> closeCache(keepAlive));
+ }
+
+ server1.invoke(() -> doPuts(numOfPuts, true/* put last key */));
+
+ client1.invoke(() -> createClientCache(javaProps2, authInit, authProps, new int[] {port1, port2}, numOfUsers, durableClientId, postAuthzAllowed));
+ client1.invoke(() -> createCQ(numOfUsers, true));
+ client1.invoke(() ->executeCQ(numOfUsers, new boolean[] {false, false}, numOfPuts, new String[numOfUsers]));
+ client1.invoke(() -> readyForEvents());
+
+ if (!postAuthzAllowed[0] || keepAlive == null || !keepAlive) {
+ // Don't wait as no user is authorized to receive cq events.
+ Thread.sleep(1000); // TODO: use Awaitility
+ } else {
+ client1.invoke(() -> waitForLastKey(0, true));
+ }
+
+ int numOfCreates = keepAlive == null ? 0 : (keepAlive ? numOfPuts + 1/* last key */ : 0);
+ client1.invoke(() -> checkCQListeners(numOfUsers, postAuthzAllowed, numOfCreates, 0));
+ client1.invoke(() -> proxyCacheClose(new int[] {0, 1}, keepAlive));
+ client1.invoke(() -> createProxyCache(new int[] {0, 1}, authProps));
+ client1.invoke(() -> createCQ(numOfUsers, true));
+ client1.invoke(() -> executeCQ(numOfUsers, new boolean[] {false, false}, numOfPuts, new String[numOfUsers]));
+
+ server1.invoke(() -> doPuts(numOfPuts, true/* put last key */));
+
+ if (!postAuthzAllowed[0] || keepAlive == null || !keepAlive) {
+ // Don't wait as no user is authorized to receive cq events.
+ Thread.sleep(1000); // TODO: use Awaitility
+ } else {
+ client1.invoke(() -> waitForLastKey(0, false));
+ }
+
+ int numOfUpdates = numOfPuts + 1;
+ client1.invoke(() -> checkCQListeners(numOfUsers, postAuthzAllowed, 0, numOfUpdates));
+ }
+
+ private void createServerCache(final Properties serverProps, final Properties javaProps, final int locatorPort, final int serverPort) {
+ SecurityTestUtils.createCacheServer(serverProps, javaProps, locatorPort, null, serverPort, true, NO_EXCEPTION);
+ }
+
+ private void readyForEvents() {
+ GemFireCacheImpl.getInstance().readyForEvents();
+ }
+
+ /**
+ * NOTE: "final boolean[] postAuthzAllowed" is never used
+ */
+ private void createClientCache(final Properties javaProps, final String authInit, final Properties[] authProps, final int ports[], final int numOfUsers, final String durableId, final boolean[] postAuthzAllowed) {
+ createCacheClientForMultiUserMode(numOfUsers, authInit, authProps, javaProps, ports, 0, false, durableId, NO_EXCEPTION);
+ }
+
+ private void createCQ(final int num, final boolean isDurable) throws CqException, CqExistsException {
+ for (int i = 0; i < num; i++) {
+ QueryService cqService = getProxyCaches(i).getQueryService();
+ String cqName = "CQ_" + i;
+ String queryStr = cqNameToQueryStrings.get(cqName) + getProxyCaches(i).getRegion(regionName).getFullPath();
+
+ // Create CQ Attributes.
+ CqAttributesFactory cqf = new CqAttributesFactory();
+ CqListener[] cqListeners = {new CqQueryTestListener(getLogWriter())};
+ ((CqQueryTestListener)cqListeners[0]).cqName = cqName;
+
+ cqf.initCqListeners(cqListeners);
+ CqAttributes cqa = cqf.create();
+
+ // Create CQ.
+ CqQuery cq1 = cqService.newCq(cqName, queryStr, cqa, isDurable);
+ assertTrue("newCq() state mismatch", cq1.getState().isStopped());
+ }
+ }
+
+ private void executeCQ(final int num, final boolean[] initialResults, final int expectedResultsSize, final String[] expectedErr) throws CqException, RegionNotFoundException {
+ for (int i = 0; i < num; i++) {
+ try {
+ if (expectedErr[i] != null) {
+ getLogWriter().info("<ExpectedException action=add>" + expectedErr[i]+ "</ExpectedException>");
+ }
+
+ CqQuery cq1 = null;
+ String cqName = "CQ_" + i;
+ String queryStr = cqNameToQueryStrings.get(cqName) + getProxyCaches(i).getRegion(regionName).getFullPath();
+ QueryService cqService = getProxyCaches(i).getQueryService();
+
+ // Get CqQuery object.
+ cq1 = cqService.getCq(cqName);
+ if (cq1 == null) {
+ getLogWriter().info("Failed to get CqQuery object for CQ name: " + cqName);
+ fail("Failed to get CQ " + cqName);
+
+ } else {
+ getLogWriter().info("Obtained CQ, CQ name: " + cq1.getName());
+ assertTrue("newCq() state mismatch", cq1.getState().isStopped());
+ }
+
+ if (initialResults[i]) {
+ SelectResults cqResults = null;
+
+ cqResults = cq1.executeWithInitialResults();
+
+ getLogWriter().info("initial result size = " + cqResults.size());
+ assertTrue("executeWithInitialResults() state mismatch", cq1
+ .getState().isRunning());
+ if (expectedResultsSize >= 0) {
+ assertEquals("unexpected results size", expectedResultsSize, cqResults.size());
+ }
+
+ } else {
+ cq1.execute();
+ assertTrue("execute() state mismatch", cq1.getState().isRunning());
+ }
+
+ } finally {
+ if (expectedErr[i] != null) {
+ getLogWriter().info("<ExpectedException action=remove>" + expectedErr[i]+ "</ExpectedException>");
+ }
+ }
+ }
+ }
+
+ private void doPuts(final int num, final boolean putLastKey) {
+ Region region = GemFireCacheImpl.getInstance().getRegion(regionName);
+ for (int i = 0; i < num; i++) {
+ region.put("CQ_key"+i, "CQ_value"+i);
+ }
+ if (putLastKey) {
+ region.put("LAST_KEY", "LAST_KEY");
+ }
+ }
+
+ private void waitForLastKey(final int cqIndex, final boolean isCreate) {
+ String cqName = "CQ_" + cqIndex;
+ QueryService qService = getProxyCaches(cqIndex).getQueryService();
+ ClientCQImpl cqQuery = (ClientCQImpl)qService.getCq(cqName);
+ if (isCreate) {
+ ((CqQueryTestListener)cqQuery.getCqListeners()[cqIndex]).waitForCreated("LAST_KEY");
+ } else {
+ ((CqQueryTestListener)cqQuery.getCqListeners()[cqIndex]).waitForUpdated("LAST_KEY");
+ }
+ }
+
+ private void checkCQListeners(final int numOfUsers, final boolean[] expectedListenerInvocation, final int createEventsSize, final int updateEventsSize) {
+ for (int i = 0; i < numOfUsers; i++) {
+ String cqName = "CQ_" + i;
+ QueryService qService = getProxyCaches(i).getQueryService();
+ ClientCQImpl cqQuery = (ClientCQImpl)qService.getCq(cqName);
+
+ if (expectedListenerInvocation[i]) {
+ for (CqListener listener : cqQuery.getCqListeners()) {
+ assertEquals(createEventsSize, ((CqQueryTestListener)listener).getCreateEventCount());
+ assertEquals(updateEventsSize, ((CqQueryTestListener)listener).getUpdateEventCount());
+ }
+
+ } else {
+ for (CqListener listener : cqQuery.getCqListeners()) {
+ assertEquals(0, ((CqQueryTestListener)listener).getTotalEventCount());
+ }
+ }
+ }
+ }
+
+ /**
+ * WARNING: "final Boolean keepAliveFlags" is treated as a ternary: null, true, false
+ */
+ private void proxyCacheClose(final int[] userIndices, final Boolean keepAliveFlags) {
+ if (keepAliveFlags != null) {
+ for (int i : userIndices) {
+ getProxyCaches(i).close(keepAliveFlags);
+ }
+
+ } else {
+ for (int i : userIndices) {
+ getProxyCaches(i).close();
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/22ca5ef8/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiuserAPIDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiuserAPIDUnitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiuserAPIDUnitTest.java
deleted file mode 100644
index c5a1afe..0000000
--- a/geode-cq/src/test/java/com/gemstone/gemfire/security/MultiuserAPIDUnitTest.java
+++ /dev/null
@@ -1,381 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security;
-
-import com.gemstone.gemfire.security.generator.CredentialGenerator;
-import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
-import hydra.Log;
-
-import java.io.IOException;
-import java.util.Properties;
-
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLHandshakeException;
-
-import com.gemstone.gemfire.cache.Region;
-import com.gemstone.gemfire.cache.client.Pool;
-import com.gemstone.gemfire.cache.execute.FunctionService;
-import com.gemstone.gemfire.cache.query.CqAttributesFactory;
-import com.gemstone.gemfire.cache.query.CqException;
-import com.gemstone.gemfire.cache.query.CqQuery;
-import com.gemstone.gemfire.cache.query.Query;
-import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
-import com.gemstone.gemfire.internal.cache.PoolManagerImpl;
-import com.gemstone.gemfire.test.dunit.Assert;
-import com.gemstone.gemfire.test.dunit.Host;
-import com.gemstone.gemfire.test.dunit.LogWriterUtils;
-import com.gemstone.gemfire.test.dunit.VM;
-
-public class MultiuserAPIDUnitTest extends ClientAuthorizationTestBase {
-
- /** constructor */
- public MultiuserAPIDUnitTest(String name) {
- super(name);
- }
-
- private VM server1 = null;
-
- private VM server2 = null;
-
- private VM client1 = null;
-
- private VM client2 = null;
-
- private static final String[] serverExpectedExceptions = {
- AuthenticationRequiredException.class.getName(),
- AuthenticationFailedException.class.getName(),
- GemFireSecurityException.class.getName(),
- ClassNotFoundException.class.getName(), IOException.class.getName(),
- SSLException.class.getName(), SSLHandshakeException.class.getName()};
-
- private static final String[] clientExpectedExceptions = {
- AuthenticationRequiredException.class.getName(),
- AuthenticationFailedException.class.getName(),
- SSLHandshakeException.class.getName()};
-
- @Override
- public final void postSetUp() throws Exception {
- final Host host = Host.getHost(0);
- server1 = host.getVM(0);
- server2 = host.getVM(1);
- client1 = host.getVM(2);
- client2 = host.getVM(3);
-
- server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions(serverExpectedExceptions));
- server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions(serverExpectedExceptions));
- client1.invoke(() -> SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions));
- client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions(clientExpectedExceptions));
- }
-
- public static Integer createCacheServer(Object dsPort, Object locatorString,
- Object authenticator, Object extraProps, Object javaProps) {
-
- Properties authProps;
- if (extraProps == null) {
- authProps = new Properties();
- } else {
- authProps = (Properties)extraProps;
- }
- if (authenticator != null) {
- authProps.setProperty(
- DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator
- .toString());
- }
- return SecurityTestUtil.createCacheServer(authProps, javaProps,
- (Integer)dsPort, (String)locatorString, null, new Integer(
- SecurityTestUtil.NO_EXCEPTION));
- }
-
- private static void createCacheClient(Object authInit, Properties authProps,
- Properties javaProps, Integer[] ports, Object numConnections,
- Boolean multiUserMode, Integer expectedResult) {
-
- String authInitStr = (authInit == null ? null : authInit.toString());
- SecurityTestUtil.createCacheClient(authInitStr, authProps, javaProps,
- ports, numConnections, multiUserMode.toString(), expectedResult);
- }
-
- public static void createCacheClient(Object authInit, Object authProps,
- Object javaProps, Integer port1, Integer port2, Object numConnections,
- Boolean multiUserMode, Integer expectedResult) {
-
- createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
- new Integer[] {port1, port2}, numConnections, multiUserMode,
- expectedResult);
- }
-
- public static void registerAllInterest() {
- Region region = SecurityTestUtil.getCache().getRegion(
- SecurityTestUtil.regionName);
- assertNotNull(region);
- region.registerInterestRegex(".*");
- }
-
- private void setUpVMs(CredentialGenerator gen, Boolean multiUser) {
- Properties extraProps = gen.getSystemProperties();
- Properties javaProps = gen.getJavaProperties();
- String authenticator = gen.getAuthenticator();
- String authInit = gen.getAuthInit();
-
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: Using scheme: " + gen.classCode());
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: Using authenticator: " + authenticator);
- LogWriterUtils.getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
-
- // Start the servers
- Integer locPort1 = SecurityTestUtil.getLocatorPort();
- Integer locPort2 = SecurityTestUtil.getLocatorPort();
- String locString = SecurityTestUtil.getLocatorString();
- Integer port1 = (Integer)server1.invoke(() -> MultiuserAPIDUnitTest.createCacheServer(locPort1, locString, authenticator,
- extraProps, javaProps));
- Integer port2 = (Integer)server2.invoke(() -> MultiuserAPIDUnitTest.createCacheServer(locPort2, locString, authenticator,
- extraProps, javaProps));
-
- // Start the clients with valid credentials
- Properties credentials1 = gen.getValidCredentials(1);
- Properties javaProps1 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: For first client credentials: " + credentials1
- + " : " + javaProps1);
- Properties credentials2 = gen.getValidCredentials(2);
- Properties javaProps2 = gen.getJavaProperties();
- LogWriterUtils.getLogWriter().info(
- "testValidCredentials: For second client credentials: " + credentials2
- + " : " + javaProps2);
- client1.invoke(() -> MultiuserAPIDUnitTest.createCacheClient(authInit, credentials1, javaProps1, port1, port2, null,
- multiUser, new Integer(SecurityTestUtil.NO_EXCEPTION)));
- }
-
- public void testSingleUserUnsupportedAPIs() {
- // Start servers
- // Start clients with multiuser-authentication set to false
- setUpVMs(new DummyCredentialGenerator(), Boolean.FALSE);
- client1.invoke(() -> MultiuserAPIDUnitTest.verifyDisallowedOps(Boolean.FALSE));
- }
-
- public void testMultiUserUnsupportedAPIs() {
- // Start servers.
- // Start clients with multiuser-authentication set to true.
- setUpVMs(new DummyCredentialGenerator(), Boolean.TRUE);
- client1.invoke(() -> MultiuserAPIDUnitTest.verifyDisallowedOps(Boolean.TRUE));
- }
-
- public static void verifyDisallowedOps(Boolean multiuserMode) {
- String op = "unknown";
- boolean success = false;
- if (!multiuserMode) {
- success = false;
- try {
- // Attempt cache.createAuthenticatedCacheView() and expect an exception, fail otherwise
- op = "Pool.createSecureUserCache()";
- GemFireCacheImpl.getInstance().createAuthenticatedView(new Properties(), "testPool");
- } catch (IllegalStateException uoe) {
- Log.getLogWriter().info(op + ": Got expected exception: " + uoe);
- success = true;
- } catch (Exception e) {
- Assert.fail("Got unexpected exception while doing " + op, e);
- }
- if (!success) {
- fail("Did not get exception while doing " + op);
- }
- } else { // multiuser mode
- Region realRegion = GemFireCacheImpl.getInstance().getRegion(
- SecurityTestUtil.regionName);
- Region proxyRegion = SecurityTestUtil.proxyCaches[0]
- .getRegion(SecurityTestUtil.regionName);
- Pool pool = PoolManagerImpl.getPMI().find("testPool");
- for (int i = 0; i <= 27; i++) {
- success = false;
- try {
- switch (i) {
- // Attempt (real) Region.create/put/get/containsKeyOnServer/destroy/
- // destroyRegion/clear/remove/registerInterest/unregisterInterest()
- // and expect an exception, fail otherwise.
- case 0:
- op = "Region.create()";
- realRegion.create("key", "value");
- break;
- case 1:
- op = "Region.put()";
- realRegion.put("key", "value");
- break;
- case 2:
- op = "Region.get()";
- realRegion.get("key");
- break;
- case 3:
- op = "Region.containsKeyOnServer()";
- realRegion.containsKeyOnServer("key");
- break;
- case 4:
- op = "Region.remove()";
- realRegion.remove("key");
- break;
- case 5:
- op = "Region.destroy()";
- realRegion.destroy("key");
- break;
- case 6:
- op = "Region.destroyRegion()";
- realRegion.destroyRegion();
- break;
- case 7:
- op = "Region.registerInterest()";
- realRegion.registerInterest("key");
- break;
- // case 8:
- // op = "Region.unregisterInterest()";
- // realRegion.unregisterInterest("key");
- // break;
- case 8:
- op = "Region.clear()";
- realRegion.clear();
- break;
- // Attempt ProxyRegion.createSubregion/forceRolling/
- // getAttributesMutator/registerInterest/loadSnapShot/saveSnapshot/
- // setUserAttribute/unregisterInterest/writeToDisk
- // and expect an exception, fail otherwise.
- case 9:
- op = "ProxyRegion.createSubregion()";
- proxyRegion.createSubregion("subregion",
- null);
- break;
- case 10:
- op = "ProxyRegion.forceRolling()";
- proxyRegion.forceRolling();
- break;
- case 11:
- op = "ProxyRegion.getAttributesMutator()";
- proxyRegion.getAttributesMutator();
- break;
- case 12:
- op = "ProxyRegion.registerInterest()";
- proxyRegion.registerInterest("key");
- break;
- case 13:
- op = "ProxyRegion.loadSnapshot()";
- proxyRegion.loadSnapshot(null);
- break;
- case 14:
- op = "ProxyRegion.saveSnapshot()";
- proxyRegion.saveSnapshot(null);
- break;
- case 15:
- op = "ProxyRegion.setUserAttribute()";
- proxyRegion.setUserAttribute(null);
- break;
- case 16:
- op = "ProxyRegion.unregisterInterestRegex()";
- proxyRegion.unregisterInterestRegex("*");
- break;
- // Attempt FunctionService.onRegion/onServer/s(pool) and expect an
- // exception, fail otherwise.
- case 17:
- op = "FunctionService.onRegion()";
- FunctionService.onRegion(realRegion);
- break;
- case 18:
- op = "FunctionService.onServer(pool)";
- FunctionService.onServer(pool);
- break;
- case 19:
- op = "FunctionService.onServers(pool)";
- FunctionService.onServers(pool);
- break;
- // Attempt
- // QueryService.newQuery().execute()/newCq().execute/executeWithInitialResults()
- case 20:
- op = "QueryService.newQuery.execute()";
- Query query = pool.getQueryService().newQuery(
- "SELECT * FROM /" + SecurityTestUtil.regionName);
- query.execute();
- break;
- case 21:
- op = "QueryService.newCq.execute()";
- CqQuery cqQuery = pool.getQueryService().newCq(
- "SELECT * FROM /" + SecurityTestUtil.regionName,
- new CqAttributesFactory().create());
- try {
- cqQuery.execute();
- } catch (CqException ce) {
- throw (Exception)ce.getCause();
- }
- break;
- case 22:
- op = "QueryService.newCq.executeWithInitialResults()";
- cqQuery = pool.getQueryService().newCq(
- "SELECT * FROM /" + SecurityTestUtil.regionName,
- new CqAttributesFactory().create());
- try {
- cqQuery.executeWithInitialResults();
- } catch (CqException ce) {
- throw (Exception)ce.getCause();
- }
- break;
- // Attempt ProxyQueryService.getIndex/createIndex/removeIndex() and
- // expect an exception, fail otherwise.
- case 23:
- op = "ProxyQueryService().getIndexes()";
- SecurityTestUtil.proxyCaches[0].getQueryService()
- .getIndexes(null);
- break;
- case 24:
- op = "ProxyQueryService().createIndex()";
- SecurityTestUtil.proxyCaches[0].getQueryService().createIndex(
- null, null, null );
- break;
- case 25:
- op = "ProxyQueryService().removeIndexes()";
- SecurityTestUtil.proxyCaches[0].getQueryService().removeIndexes();
- break;
- case 26:
- op = "ProxyRegion.localDestroy()";
- proxyRegion.localDestroy("key");
- break;
- case 27:
- op = "ProxyRegion.localInvalidate()";
- proxyRegion.localInvalidate("key");
- break;
- default:
- fail("Unknown op code: " + i);
- break;
- }
- } catch (UnsupportedOperationException uoe) {
- Log.getLogWriter().info(op + ": Got expected exception: " + uoe);
- success = true;
- } catch (Exception e) {
- Assert.fail("Got unexpected exception while doing " + op, e);
- }
- if (!success) {
- fail("Did not get exception while doing " + op);
- }
- }
- }
- }
-
- @Override
- public final void preTearDown() throws Exception {
- // close the clients first
- client1.invoke(() -> SecurityTestUtil.closeCache());
- client2.invoke(() -> SecurityTestUtil.closeCache());
- // then close the servers
- server1.invoke(() -> SecurityTestUtil.closeCache());
- server2.invoke(() -> SecurityTestUtil.closeCache());
- }
-}