You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2016/07/22 00:19:50 UTC
[03/26] incubator-geode git commit: GEODE-420: Initial Alias
defintion and removal of deprecated SSL-ENABLED properties
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java
index 4d0c5a8..da4209b 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/AbstractConfig.java
@@ -177,7 +177,7 @@ public abstract class AbstractConfig implements Config {
}
private boolean okToDisplayPropertyValue(String attName) {
- if (attName.startsWith(DistributionConfig.SECURITY_PREFIX_NAME)) {
+ if (attName.startsWith(SECURITY_PREFIX)) {
return false;
}
if (attName.startsWith(DistributionConfig.SSL_SYSTEM_PROPS_NAME)) {
@@ -208,18 +208,7 @@ public abstract class AbstractConfig implements Config {
}
public boolean isDeprecated(String attName) {
- if (attName.equals(SSL_CIPHERS)) {
- return true;
- } else if (attName.equals(SSL_ENABLED)) {
- return true;
- } else if (attName.equals(SSL_PROTOCOLS)) {
- return true;
- } else if (attName.equals(SSL_REQUIRE_AUTHENTICATION)) {
- return true;
- } else if (attName.equals(JMX_MANAGER_SSL)) {
- return true;
- }
- return false;
+ return false;
}
public Properties toProperties() {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
index 36c553e..76ac625 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/admin/SSLConfig.java
@@ -32,10 +32,10 @@ public class SSLConfig {
//private static final String PREFIX = "javax.net.ssl.";
- private boolean enabled = DistributionConfig.DEFAULT_SSL_ENABLED;
- private String protocols = DistributionConfig.DEFAULT_SSL_PROTOCOLS;
- private String ciphers = DistributionConfig.DEFAULT_SSL_CIPHERS;
- private boolean requireAuth = DistributionConfig.DEFAULT_SSL_REQUIRE_AUTHENTICATION;
+ private boolean enabled = DistributionConfig.DEFAULT_CLUSTER_SSL_ENABLED;
+ private String protocols = DistributionConfig.DEFAULT_CLUSTER_SSL_PROTOCOLS;
+ private String ciphers = DistributionConfig.DEFAULT_CLUSTER_SSL_CIPHERS;
+ private boolean requireAuth = DistributionConfig.DEFAULT_CLUSTER_SSL_REQUIRE_AUTHENTICATION;
/**
* SSL implementation-specific key-value pairs. Each key should be prefixed
@@ -115,15 +115,15 @@ public class SSLConfig {
* @since GemFire 4.0
*/
public void toDSProperties(Properties props) {
- props.setProperty(SSL_ENABLED,
+ props.setProperty(CLUSTER_SSL_ENABLED,
String.valueOf(this.enabled));
if (this.enabled) {
- props.setProperty(SSL_PROTOCOLS,
+ props.setProperty(CLUSTER_SSL_PROTOCOLS,
this.protocols);
- props.setProperty(SSL_CIPHERS,
+ props.setProperty(CLUSTER_SSL_CIPHERS,
this.ciphers);
- props.setProperty(SSL_REQUIRE_AUTHENTICATION,
+ props.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION,
String.valueOf(this.requireAuth));
}
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java b/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java
index 5f09d7d..c5cf8f5 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/GemFireProperties.java
@@ -179,26 +179,26 @@ public class GemFireProperties {
* deleted. Set to zero to disable automatic log file deletion.
**/
private int logDiskSpaceLimit;
- /**
- * If true, all gemfire socket communication is configured to use SSL through
- * JSSE.
- **/
- private boolean sslEnabled;
- /**
- * A space seperated list of the SSL cipher suites to enable. Those listed
- * must be supported by the available providers.
- **/
- private String sslCiphers;
- /**
- * A space seperated list of the SSL protocols to enable. Those listed must be
- * supported by the available providers.
- **/
- private String sslProtocols;
- /**
- * If false, allow ciphers that do not require the client side of the
- * connection to be authenticated.
- **/
- private boolean sslRequireAuthentication;
+// /**
+// * If true, all gemfire socket communication is configured to use SSL through
+// * JSSE.
+// **/
+// private boolean sslEnabled;
+// /**
+// * A space seperated list of the SSL cipher suites to enable. Those listed
+// * must be supported by the available providers.
+// **/
+// private String sslCiphers;
+// /**
+// * A space seperated list of the SSL protocols to enable. Those listed must be
+// * supported by the available providers.
+// **/
+// private String sslProtocols;
+// /**
+// * If false, allow ciphers that do not require the client side of the
+// * connection to be authenticated.
+// **/
+// private boolean sslRequireAuthentication;
/**
* The number of milliseconds a thread can keep exclusive access to a socket
* that it is not actively using. Once a thread loses its lease to a socket it
@@ -590,21 +590,21 @@ public class GemFireProperties {
return logDiskSpaceLimit;
}
- public boolean isSslEnabled() {
- return sslEnabled;
- }
-
- public String getSslCiphers() {
- return sslCiphers;
- }
-
- public String getSslProtocols() {
- return sslProtocols;
- }
-
- public boolean isSslRequireAuthentication() {
- return sslRequireAuthentication;
- }
+// public boolean isSslEnabled() {
+// return sslEnabled;
+// }
+//
+// public String getSslCiphers() {
+// return sslCiphers;
+// }
+//
+// public String getSslProtocols() {
+// return sslProtocols;
+// }
+//
+// public boolean isSslRequireAuthentication() {
+// return sslRequireAuthentication;
+// }
public int getSocketLeaseTime() {
return socketLeaseTime;
@@ -885,25 +885,25 @@ public class GemFireProperties {
}
- public void setSslEnabled(boolean sslEnabled) {
- this.sslEnabled = sslEnabled;
-
- }
-
- public void setSslCiphers(String sslCiphers) {
- this.sslCiphers = sslCiphers;
-
- }
-
- public void setSslProtocols(String sslProtocols) {
- this.sslProtocols = sslProtocols;
-
- }
-
- public void setSslRequireAuthentication(boolean sslRequireAuthentication) {
- this.sslRequireAuthentication = sslRequireAuthentication;
-
- }
+// public void setSslEnabled(boolean sslEnabled) {
+// this.sslEnabled = sslEnabled;
+//
+// }
+//
+// public void setSslCiphers(String sslCiphers) {
+// this.sslCiphers = sslCiphers;
+//
+// }
+//
+// public void setSslProtocols(String sslProtocols) {
+// this.sslProtocols = sslProtocols;
+//
+// }
+//
+// public void setSslRequireAuthentication(boolean sslRequireAuthentication) {
+// this.sslRequireAuthentication = sslRequireAuthentication;
+//
+// }
public void setSocketLeaseTime(int socketLeaseTime) {
this.socketLeaseTime = socketLeaseTime;
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java
index b802648..9d62fbf 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/beans/BeanUtilFuncs.java
@@ -14,8 +14,20 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
package com.gemstone.gemfire.management.internal.beans;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.RandomAccessFile;
+import java.util.Set;
+import java.util.zip.GZIPInputStream;
+import java.util.zip.GZIPOutputStream;
+
import com.gemstone.gemfire.cache.Cache;
import com.gemstone.gemfire.cache.CacheFactory;
import com.gemstone.gemfire.distributed.DistributedMember;
@@ -23,27 +35,20 @@ import com.gemstone.gemfire.distributed.internal.DistributionConfig;
import com.gemstone.gemfire.management.GemFireProperties;
import com.gemstone.gemfire.management.internal.cli.CliUtil;
-import java.io.*;
-import java.util.Set;
-import java.util.zip.GZIPInputStream;
-import java.util.zip.GZIPOutputStream;
-
/**
* Various Utility Functions to be used by MBeans
- *
- *
*/
public class BeanUtilFuncs {
/**
* returns the tail of the log file
- *
* @param logFile
* @return tail of the log file
* @throws IOException
*/
public static String tailSystemLog(File logFile, final int numLines)
- throws IOException {
+ throws IOException
+ {
if (logFile == null || logFile.equals(new File(""))) {
return null;
}
@@ -53,7 +58,7 @@ public class BeanUtilFuncs {
return null;
}
byte[] buffer = (fileLength > maxBuffer) ? new byte[maxBuffer]
- : new byte[(int) fileLength];
+ : new byte[(int) fileLength];
int readSize = buffer.length;
RandomAccessFile f = new RandomAccessFile(logFile, "r");
@@ -93,7 +98,8 @@ public class BeanUtilFuncs {
if (readSize < seekPosition) {
seekPosition = seekPosition - readSize;
- } else {
+ }
+ else {
readSize = (int) seekPosition;
seekPosition = 0;
}
@@ -105,12 +111,9 @@ public class BeanUtilFuncs {
return returnStr.toString();
}
-
-
-
+
/**
- *
* @param sc
* @return tail of log
* @throws IOException
@@ -125,9 +128,10 @@ public class BeanUtilFuncs {
}
return tailSystemLog(logFile, numLines);
}
-
+
public static DistributedMember getDistributedMemberByNameOrId(
- String memberNameOrId) {
+ String memberNameOrId)
+ {
DistributedMember memberFound = null;
if (memberNameOrId != null) {
@@ -135,7 +139,7 @@ public class BeanUtilFuncs {
Set<DistributedMember> memberSet = CliUtil.getAllMembers(cache);
for (DistributedMember member : memberSet) {
if (memberNameOrId.equals(member.getId())
- || memberNameOrId.equals(member.getName())) {
+ || memberNameOrId.equals(member.getName())) {
memberFound = member;
break;
}
@@ -143,7 +147,7 @@ public class BeanUtilFuncs {
}
return memberFound;
}
-
+
public static GemFireProperties initGemfireProperties(DistributionConfig config) {
// **TODO **/
@@ -159,11 +163,11 @@ public class BeanUtilFuncs {
gemFirePropertyData.setMemberGroups(memberGroups);
gemFirePropertyData.setMcastPort(config.getMcastPort());
gemFirePropertyData.setMcastAddress(config.getMcastAddress()
- .getHostAddress());
+ .getHostAddress());
gemFirePropertyData.setBindAddress(config.getBindAddress());
gemFirePropertyData.setTcpPort(config.getTcpPort());
gemFirePropertyData.setCacheXMLFile(config.getCacheXmlFile()
- .getAbsolutePath());
+ .getAbsolutePath());
gemFirePropertyData.setConfigFile(configFile);
gemFirePropertyData.setMcastTTL(config.getMcastTtl());
gemFirePropertyData.setServerBindAddress(config.getServerBindAddress());
@@ -172,30 +176,24 @@ public class BeanUtilFuncs {
gemFirePropertyData.setLogFile(config.getLogFile().getAbsolutePath());
gemFirePropertyData.setLogLevel(config.getLogLevel());
gemFirePropertyData.setStatisticSamplingEnabled(config
- .getStatisticSamplingEnabled());
+ .getStatisticSamplingEnabled());
gemFirePropertyData.setStatisticArchiveFile(config
- .getStatisticArchiveFile().getAbsolutePath());
+ .getStatisticArchiveFile().getAbsolutePath());
gemFirePropertyData.setIncludeFile(includeFile);
gemFirePropertyData.setAckWaitThreshold(config.getAckWaitThreshold());
gemFirePropertyData.setAckSevereAlertThreshold(config
- .getAckSevereAlertThreshold());
+ .getAckSevereAlertThreshold());
gemFirePropertyData.setArchiveFileSizeLimit(config
- .getArchiveFileSizeLimit());
+ .getArchiveFileSizeLimit());
gemFirePropertyData.setArchiveDiskSpaceLimit(config
- .getArchiveDiskSpaceLimit());
+ .getArchiveDiskSpaceLimit());
gemFirePropertyData.setLogFileSizeLimit(config.getLogFileSizeLimit());
gemFirePropertyData.setLogDiskSpaceLimit(config.getLogDiskSpaceLimit());
- gemFirePropertyData.setSslEnabled(config.getSSLEnabled());
- gemFirePropertyData.setSslCiphers(config.getSSLCiphers());
- gemFirePropertyData.setSslProtocols(config.getSSLProtocols());
- gemFirePropertyData.setSslRequireAuthentication(config
- .getSSLRequireAuthentication());
-
gemFirePropertyData.setClusterSSLEnabled(config.getClusterSSLEnabled());
gemFirePropertyData.setClusterSSLCiphers(config.getClusterSSLCiphers());
gemFirePropertyData.setClusterSSLProtocols(config.getClusterSSLProtocols());
@@ -205,7 +203,7 @@ public class BeanUtilFuncs {
gemFirePropertyData.setClusterSSLKeyStorePassword(config.getClusterSSLKeyStorePassword());
gemFirePropertyData.setClusterSSLTrustStore(config.getClusterSSLTrustStore());
gemFirePropertyData.setClusterSSLTrustStorePassword(config.getClusterSSLTrustStorePassword());
-
+
gemFirePropertyData.setServerSSLEnabled(config.getServerSSLEnabled());
gemFirePropertyData.setServerSSLCiphers(config.getServerSSLCiphers());
gemFirePropertyData.setServerSSLProtocols(config.getServerSSLProtocols());
@@ -215,7 +213,7 @@ public class BeanUtilFuncs {
gemFirePropertyData.setServerSSLKeyStorePassword(config.getServerSSLKeyStorePassword());
gemFirePropertyData.setServerSSLTrustStore(config.getServerSSLTrustStore());
gemFirePropertyData.setServerSSLTrustStorePassword(config.getServerSSLTrustStorePassword());
-
+
gemFirePropertyData.setGatewaySSLEnabled(config.getGatewaySSLEnabled());
gemFirePropertyData.setGatewaySSLCiphers(config.getGatewaySSLCiphers());
gemFirePropertyData.setGatewaySSLProtocols(config.getGatewaySSLProtocols());
@@ -225,7 +223,7 @@ public class BeanUtilFuncs {
gemFirePropertyData.setGatewaySSLKeyStorePassword(config.getGatewaySSLKeyStorePassword());
gemFirePropertyData.setGatewaySSLTrustStore(config.getGatewaySSLTrustStore());
gemFirePropertyData.setGatewaySSLTrustStorePassword(config.getGatewaySSLTrustStorePassword());
-
+
gemFirePropertyData.setJmxManagerSSLEnabled(config.getJmxManagerSSLEnabled());
gemFirePropertyData.setJmxManagerSSLCiphers(config.getJmxManagerSSLCiphers());
gemFirePropertyData.setJmxManagerSSLProtocols(config.getJmxManagerSSLProtocols());
@@ -235,7 +233,7 @@ public class BeanUtilFuncs {
gemFirePropertyData.setJmxManagerSSLKeyStorePassword(config.getJmxManagerSSLKeyStorePassword());
gemFirePropertyData.setJmxManagerSSLTrustStore(config.getJmxManagerSSLTrustStore());
gemFirePropertyData.setJmxManagerSSLTrustStorePassword(config.getJmxManagerSSLTrustStorePassword());
-
+
gemFirePropertyData.setHttpServiceSSLEnabled(config.getHttpServiceSSLEnabled());
gemFirePropertyData.setHttpServiceSSLCiphers(config.getHttpServiceSSLCiphers());
gemFirePropertyData.setHttpServiceSSLProtocols(config.getHttpServiceSSLProtocols());
@@ -245,7 +243,7 @@ public class BeanUtilFuncs {
gemFirePropertyData.setHttpServiceSSLKeyStorePassword(config.getHttpServiceSSLKeyStorePassword());
gemFirePropertyData.setHttpServiceSSLTrustStore(config.getHttpServiceSSLTrustStore());
gemFirePropertyData.setHttpServiceSSLTrustStorePassword(config.getHttpServiceSSLTrustStorePassword());
-
+
gemFirePropertyData.setSocketLeaseTime(config.getSocketLeaseTime());
gemFirePropertyData.setSocketBufferSize(config.getSocketBufferSize());
@@ -253,21 +251,21 @@ public class BeanUtilFuncs {
gemFirePropertyData.setMcastRecvBufferSize(config.getMcastRecvBufferSize());
gemFirePropertyData.setMcastByteAllowance(config.getMcastFlowControl()
- .getByteAllowance());
+ .getByteAllowance());
gemFirePropertyData.setMcastRechargeThreshold(config.getMcastFlowControl()
- .getRechargeThreshold());
+ .getRechargeThreshold());
gemFirePropertyData.setMcastRechargeBlockMs(config.getMcastFlowControl()
- .getRechargeBlockMs());
+ .getRechargeBlockMs());
gemFirePropertyData.setUdpFragmentSize(config.getUdpFragmentSize());
gemFirePropertyData.setUdpRecvBufferSize(config.getUdpRecvBufferSize());
gemFirePropertyData.setDisableTcp(config.getDisableTcp());
gemFirePropertyData.setEnableTimeStatistics(config
- .getEnableTimeStatistics());
+ .getEnableTimeStatistics());
gemFirePropertyData.setEnableNetworkPartitionDetection(config
- .getEnableNetworkPartitionDetection());
+ .getEnableNetworkPartitionDetection());
gemFirePropertyData.setMemberTimeout(config.getMemberTimeout());
gemFirePropertyData.setMembershipPortRange(config.getMembershipPortRange());
@@ -275,13 +273,13 @@ public class BeanUtilFuncs {
gemFirePropertyData.setRoles(config.getRoles());
gemFirePropertyData.setMaxWaitTimeForReconnect(config
- .getMaxWaitTimeForReconnect());
+ .getMaxWaitTimeForReconnect());
gemFirePropertyData.setMaxNumReconnectTries(config
- .getMaxNumReconnectTries());
+ .getMaxNumReconnectTries());
gemFirePropertyData.setAsyncDistributionTimeout(config
- .getAsyncDistributionTimeout());
+ .getAsyncDistributionTimeout());
gemFirePropertyData.setAsyncQueueTimeout(config.getAsyncQueueTimeout());
gemFirePropertyData.setAsyncMaxQueueSize(config.getAsyncMaxQueueSize());
@@ -289,31 +287,31 @@ public class BeanUtilFuncs {
gemFirePropertyData.setDurableClientId(config.getDurableClientId());
gemFirePropertyData.setDurableClientTimeout(config
- .getDurableClientTimeout());
+ .getDurableClientTimeout());
gemFirePropertyData.setSecurityClientAuthInit(config
- .getSecurityClientAuthInit());
+ .getSecurityClientAuthInit());
gemFirePropertyData.setSecurityClientAuthenticator(config
- .getSecurityClientAuthenticator());
+ .getSecurityClientAuthenticator());
gemFirePropertyData.setSecurityClientDHAlgo(config
- .getSecurityClientDHAlgo());
+ .getSecurityClientDHAlgo());
gemFirePropertyData.setSecurityPeerAuthInit(config
- .getSecurityPeerAuthInit());
+ .getSecurityPeerAuthInit());
gemFirePropertyData.setSecurityPeerAuthenticator(config
- .getSecurityPeerAuthenticator());
+ .getSecurityPeerAuthenticator());
gemFirePropertyData.setSecurityClientAccessor(config
- .getSecurityClientAccessor());
+ .getSecurityClientAccessor());
gemFirePropertyData.setSecurityClientAccessorPP(config
- .getSecurityClientAccessorPP());
+ .getSecurityClientAccessorPP());
gemFirePropertyData.setSecurityLogLevel(config.getSecurityLogLevel());
gemFirePropertyData.setSecurityLogFile(config.getSecurityLogFile()
- .getAbsolutePath());
+ .getAbsolutePath());
gemFirePropertyData.setSecurityPeerMembershipTimeout(config
- .getSecurityPeerMembershipTimeout());
+ .getSecurityPeerMembershipTimeout());
gemFirePropertyData.setRemoveUnresponsiveClient(config
- .getRemoveUnresponsiveClient());
+ .getRemoveUnresponsiveClient());
gemFirePropertyData.setDeltaPropagation(config.getDeltaPropagation());
gemFirePropertyData.setRedundancyZone(config.getRedundancyZone());
@@ -324,7 +322,6 @@ public class BeanUtilFuncs {
gemFirePropertyData.setJmxManager(config.getJmxManager());
gemFirePropertyData.setJmxManagerStart(config.getJmxManagerStart());
- gemFirePropertyData.setJmxManagerSSL(config.getJmxManagerSSL());
gemFirePropertyData.setJmxManagerPort(config.getJmxManagerPort());
gemFirePropertyData.setJmxManagerBindAddress(config.getJmxManagerBindAddress());
gemFirePropertyData.setJmxManagerHostnameForClients(config.getJmxManagerHostnameForClients());
@@ -339,14 +336,12 @@ public class BeanUtilFuncs {
return gemFirePropertyData;
}
-
+
/**
* Compresses a given String. It is encoded using ISO-8859-1, So any
* decompression of the compressed string should also use ISO-8859-1
- *
- * @param str
- * String to be compressed.
+ * @param str String to be compressed.
* @return compressed bytes
* @throws IOException
*/
@@ -363,9 +358,7 @@ public class BeanUtilFuncs {
}
/**
- *
- * @param bytes
- * bytes to be decompressed
+ * @param bytes bytes to be decompressed
* @return a decompressed String
* @throws IOException
*/
@@ -374,7 +367,7 @@ public class BeanUtilFuncs {
return null;
}
GZIPInputStream gis = new GZIPInputStream(new ByteArrayInputStream(bytes));
- BufferedReader bf = new BufferedReader(new InputStreamReader(gis,"UTF-8"));
+ BufferedReader bf = new BufferedReader(new InputStreamReader(gis, "UTF-8"));
String outStr = "";
String line;
while ((line = bf.readLine()) != null) {
@@ -382,5 +375,5 @@ public class BeanUtilFuncs {
}
return outStr;
}
-
+
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java
index 09a25a6..523541c 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java
@@ -309,9 +309,9 @@ public class ShellCommands implements CommandMarker {
// Used for gfsh->locator connection & not needed for gfsh->manager connection
if (useSsl || !sslConfigProps.isEmpty()) {
//Fix for 51266 : Added an check for cluster-ssl-enabled proeprty
- if (!sslConfigProps.containsKey(DistributionConfig.CLUSTER_SSL_ENABLED_NAME)) {
- sslConfigProps.put(DistributionConfig.SSL_ENABLED_NAME, String.valueOf(true));
- }
+// if (!sslConfigProps.containsKey(DistributionConfig.CLUSTER_SSL_ENABLED_NAME)) {
+// sslConfigProps.put(DistributionConfig.SSL_ENABLED_NAME, String.valueOf(true));
+// }
sslConfigProps.put(MCAST_PORT, String.valueOf(0));
sslConfigProps.put(LOCATORS, "");
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java
index a67cae3..05e5c99 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java
@@ -16,6 +16,39 @@
*/
package com.gemstone.gemfire.management.internal.cli.shell;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.text.MessageFormat;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Properties;
+import java.util.Set;
+import java.util.TreeSet;
+import java.util.concurrent.atomic.AtomicBoolean;
+import javax.management.AttributeNotFoundException;
+import javax.management.InstanceNotFoundException;
+import javax.management.JMX;
+import javax.management.MBeanException;
+import javax.management.MBeanServerConnection;
+import javax.management.MalformedObjectNameException;
+import javax.management.Notification;
+import javax.management.NotificationListener;
+import javax.management.ObjectName;
+import javax.management.QueryExp;
+import javax.management.ReflectionException;
+import javax.management.remote.JMXConnectionNotification;
+import javax.management.remote.JMXConnector;
+import javax.management.remote.JMXConnectorFactory;
+import javax.management.remote.JMXServiceURL;
+import javax.rmi.ssl.SslRMIClientSocketFactory;
+
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
import com.gemstone.gemfire.internal.lang.StringUtils;
import com.gemstone.gemfire.internal.util.ArrayUtils;
import com.gemstone.gemfire.internal.util.IOUtils;
@@ -29,28 +62,10 @@ import com.gemstone.gemfire.management.internal.cli.LogWrapper;
import com.gemstone.gemfire.management.internal.cli.commands.ShellCommands;
import com.gemstone.gemfire.management.internal.cli.i18n.CliStrings;
-import javax.management.*;
-import javax.management.remote.JMXConnectionNotification;
-import javax.management.remote.JMXConnector;
-import javax.management.remote.JMXConnectorFactory;
-import javax.management.remote.JMXServiceURL;
-import javax.rmi.ssl.SslRMIClientSocketFactory;
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.text.MessageFormat;
-import java.util.*;
-import java.util.Map.Entry;
-import java.util.concurrent.atomic.AtomicBoolean;
-
import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
/**
* OperationInvoker JMX Implementation
- *
- *
* @since GemFire 7.0
*/
public class JmxOperationInvoker implements OperationInvoker {
@@ -88,9 +103,8 @@ public class JmxOperationInvoker implements OperationInvoker {
final int port,
final String userName,
final String password,
- final Map<String, String> sslConfigProps, String gfSecurityPropertiesPath)
- throws Exception
- {
+ final Map<String, String> sslConfigProps,
+ String gfSecurityPropertiesPath) throws Exception {
final Set<String> propsToClear = new TreeSet<String>();
try {
this.managerHost = host;
@@ -104,15 +118,15 @@ public class JmxOperationInvoker implements OperationInvoker {
if (userName != null && userName.length() > 0) {
env.put(JMXConnector.CREDENTIALS, new String[] { userName, password });
- }
+ }
Set<Entry<String, String>> entrySet = sslConfigProps.entrySet();
- for (Iterator<Entry<String, String>> it = entrySet.iterator(); it.hasNext();) {
+ for (Iterator<Entry<String, String>> it = entrySet.iterator(); it.hasNext(); ) {
Entry<String, String> entry = it.next();
String key = entry.getKey();
String value = entry.getValue();
- if (key.startsWith("javax.") || key.startsWith("cluster-ssl") || key.startsWith(JMX_MANAGER_SSL)) {
- key = checkforSystemPropertyPrefix(entry.getKey());
- if((key.equals(Gfsh.SSL_ENABLED_CIPHERS) || key.equals(Gfsh.SSL_ENABLED_PROTOCOLS)) && "any".equals(value)){
+ if (key.startsWith("javax.") || key.startsWith(DistributionConfig.CLUSTER_SSL_PREFIX) || key.startsWith(JMX_MANAGER_SSL_PREFIX)) {
+ key = checkforSystemPropertyPrefix(entry.getKey());
+ if ((key.equals(Gfsh.SSL_ENABLED_CIPHERS) || key.equals(Gfsh.SSL_ENABLED_PROTOCOLS)) && "any".equals(value)) {
continue;
}
System.setProperty(key, value);
@@ -120,7 +134,7 @@ public class JmxOperationInvoker implements OperationInvoker {
}
}
- if(!sslConfigProps.isEmpty()){
+ if (!sslConfigProps.isEmpty()) {
if (System.getProperty(Gfsh.SSL_KEYSTORE) != null || System.getProperty(Gfsh.SSL_TRUSTSTORE) != null) {
// use ssl to connect
env.put("com.sun.jndi.rmi.factory.socket", new SslRMIClientSocketFactory());
@@ -129,44 +143,39 @@ public class JmxOperationInvoker implements OperationInvoker {
//Check for JMX Credentials if empty put properties instance directly so that
//jmx management interceptor can read it for custom security properties
- if(!env.containsKey(JMXConnector.CREDENTIALS)) {
+ if (!env.containsKey(JMXConnector.CREDENTIALS)) {
env.put(JMXConnector.CREDENTIALS, readProperties(gfSecurityPropertiesPath));
}
- this.url = new JMXServiceURL(MessageFormat.format(JMX_URL_FORMAT, checkAndConvertToCompatibleIPv6Syntax(host), String.valueOf(port)));
+ this.url = new JMXServiceURL(MessageFormat.format(JMX_URL_FORMAT, checkAndConvertToCompatibleIPv6Syntax(host), String.valueOf(port)));
this.connector = JMXConnectorFactory.connect(url, env);
this.mbsc = connector.getMBeanServerConnection();
this.connector.addConnectionNotificationListener(new JMXConnectionListener(this), null, null);
this.distributedSystemMXBeanProxy = JMX.newMXBeanProxy(mbsc, MBeanJMXAdapter.getDistributedSystemName(), DistributedSystemMXBean.class);
- if (this.distributedSystemMXBeanProxy == null ) {
- LogWrapper.getInstance().info("DistributedSystemMXBean is not present on member with endpoints : "+this.endpoints);
+ if (this.distributedSystemMXBeanProxy == null) {
+ LogWrapper.getInstance().info("DistributedSystemMXBean is not present on member with endpoints : " + this.endpoints);
throw new JMXConnectionException(JMXConnectionException.MANAGER_NOT_FOUND_EXCEPTION);
- }
- else {
+ } else {
this.managerMemberObjectName = this.distributedSystemMXBeanProxy.getMemberObjectName();
if (this.managerMemberObjectName == null || !JMX.isMXBeanInterface(MemberMXBean.class)) {
- LogWrapper.getInstance().info("MemberMXBean with ObjectName "+this.managerMemberObjectName+" is not present on member with endpoints : "+endpoints);
+ LogWrapper.getInstance()
+ .info("MemberMXBean with ObjectName " + this.managerMemberObjectName + " is not present on member with endpoints : " + endpoints);
throw new JMXConnectionException(JMXConnectionException.MANAGER_NOT_FOUND_EXCEPTION);
- }
- else {
+ } else {
this.memberMXBeanProxy = JMX.newMXBeanProxy(mbsc, managerMemberObjectName, MemberMXBean.class);
}
}
this.isConnected.set(true);
this.clusterId = distributedSystemMXBeanProxy.getDistributedSystemId();
- }
- catch (NullPointerException e) {
+ } catch (NullPointerException e) {
throw e;
- }
- catch (MalformedURLException e) {
+ } catch (MalformedURLException e) {
throw e;
- }
- catch (IOException e) {
+ } catch (IOException e) {
throw e;
- }
- finally {
+ } finally {
for (String propToClear : propsToClear) {
System.clearProperty(propToClear);
}
@@ -195,8 +204,7 @@ public class JmxOperationInvoker implements OperationInvoker {
}
// if 'gfSecurityPropertiesPath' OR gfsecurity.properties has resolvable path
if (gfSecurityPropertiesUrl != null) {
- gfshInstance.logToFile("Using security properties file : "
- + CliUtil.decodeWithDefaultCharSet(gfSecurityPropertiesUrl.getPath()), null);
+ gfshInstance.logToFile("Using security properties file : " + CliUtil.decodeWithDefaultCharSet(gfSecurityPropertiesUrl.getPath()), null);
return loadPropertiesFromURL(gfSecurityPropertiesUrl);
}
return null;
@@ -211,9 +219,8 @@ public class JmxOperationInvoker implements OperationInvoker {
inputStream = gfSecurityPropertiesUrl.openStream();
props.load(inputStream);
} catch (IOException io) {
- throw new RuntimeException(CliStrings.format(
- CliStrings.CONNECT__MSG__COULD_NOT_READ_CONFIG_FROM_0,
- CliUtil.decodeWithDefaultCharSet(gfSecurityPropertiesUrl.getPath())), io);
+ throw new RuntimeException(CliStrings.format(CliStrings.CONNECT__MSG__COULD_NOT_READ_CONFIG_FROM_0, CliUtil.decodeWithDefaultCharSet(gfSecurityPropertiesUrl
+ .getPath())), io);
} finally {
IOUtils.close(inputStream);
}
@@ -223,9 +230,10 @@ public class JmxOperationInvoker implements OperationInvoker {
private String checkforSystemPropertyPrefix(String key) {
String returnKey = key;
- if (key.startsWith("javax."))
+ if (key.startsWith("javax.")) {
returnKey = key;
- if (key.startsWith("cluster-ssl") || key.startsWith(JMX_MANAGER_SSL)) {
+ }
+ if (key.startsWith(CLUSTER_SSL_PREFIX) || key.startsWith(JMX_MANAGER_SSL_PREFIX)) {
if (key.endsWith("keystore")) {
returnKey = Gfsh.SSL_KEYSTORE;
} else if (key.endsWith("keystore-password")) {
@@ -239,8 +247,8 @@ public class JmxOperationInvoker implements OperationInvoker {
} else if (key.endsWith("protocols")) {
returnKey = Gfsh.SSL_ENABLED_PROTOCOLS;
}
- }
- return returnKey;
+ }
+ return returnKey;
}
@Override
@@ -256,7 +264,7 @@ public class JmxOperationInvoker implements OperationInvoker {
} catch (MBeanException e) {
throw new JMXInvocationException("Exception while fetching " + attributeName + " for " + resourceName, e);
} catch (ReflectionException e) {
- throw new JMXInvocationException("Couldn't find "+attributeName+" for " + resourceName, e);
+ throw new JMXInvocationException("Couldn't find " + attributeName + " for " + resourceName, e);
} catch (NullPointerException e) {
throw new JMXInvocationException("Given resourceName is null.", e);
} catch (IOException e) {
@@ -277,12 +285,13 @@ public class JmxOperationInvoker implements OperationInvoker {
/**
* JMX Specific operation invoke caller.
- *
* @param resource
* @param operationName
* @param params
* @param signature
+ *
* @return result of JMX Operation invocation
+ *
* @throws JMXInvocationException
*/
protected Object invoke(ObjectName resource, String operationName, Object[] params, String[] signature) throws JMXInvocationException {
@@ -293,7 +302,7 @@ public class JmxOperationInvoker implements OperationInvoker {
} catch (MBeanException e) {
throw new JMXInvocationException("Exception while invoking " + operationName + " on " + resource, e);
} catch (ReflectionException e) {
- throw new JMXInvocationException("Couldn't find "+operationName+" on " + resource + " with arguments "+Arrays.toString(signature), e);
+ throw new JMXInvocationException("Couldn't find " + operationName + " on " + resource + " with arguments " + Arrays.toString(signature), e);
} catch (IOException e) {
throw new JMXInvocationException("Couldn't communicate with remote server at " + toString(), e);
}
@@ -303,8 +312,7 @@ public class JmxOperationInvoker implements OperationInvoker {
try {
return getMBeanServerConnection().queryNames(objectName, queryExpression);
} catch (IOException e) {
- throw new JMXInvocationException(String.format("Failed to communicate with the remote MBean server at (%1$s)!",
- toString()), e);
+ throw new JMXInvocationException(String.format("Failed to communicate with the remote MBean server at (%1$s)!", toString()), e);
}
}
@@ -312,10 +320,8 @@ public class JmxOperationInvoker implements OperationInvoker {
public Object processCommand(final CommandRequest commandRequest) throws JMXInvocationException {
//Gfsh.getCurrentInstance().printAsSevere(String.format("Command (%1$s)%n", commandRequest.getInput()));
if (commandRequest.hasFileData()) {
- return memberMXBeanProxy.processCommand(commandRequest.getInput(), commandRequest.getEnvironment(),
- ArrayUtils.toByteArray(commandRequest.getFileData()));
- }
- else {
+ return memberMXBeanProxy.processCommand(commandRequest.getInput(), commandRequest.getEnvironment(), ArrayUtils.toByteArray(commandRequest.getFileData()));
+ } else {
return memberMXBeanProxy.processCommand(commandRequest.getInput(), commandRequest.getEnvironment());
}
}
@@ -356,14 +362,11 @@ public class JmxOperationInvoker implements OperationInvoker {
}
public <T> T getMBeanProxy(final ObjectName objectName, final Class<T> mbeanInterface) {
- if (DistributedSystemMXBean.class.equals(mbeanInterface)
- && ManagementConstants.OBJECTNAME__DISTRIBUTEDSYSTEM_MXBEAN.equals(objectName.toString())) {
+ if (DistributedSystemMXBean.class.equals(mbeanInterface) && ManagementConstants.OBJECTNAME__DISTRIBUTEDSYSTEM_MXBEAN.equals(objectName.toString())) {
return mbeanInterface.cast(getDistributedSystemMXBean());
- }
- else if (JMX.isMXBeanInterface(mbeanInterface)) {
+ } else if (JMX.isMXBeanInterface(mbeanInterface)) {
return JMX.newMXBeanProxy(getMBeanServerConnection(), objectName, mbeanInterface);
- }
- else {
+ } else {
return JMX.newMBeanProxy(getMBeanServerConnection(), objectName, mbeanInterface);
}
}
@@ -401,11 +404,10 @@ public class JmxOperationInvoker implements OperationInvoker {
* returns the host based on RFC2732 requirements i.e. surrounds the given
* host address string with square brackets. If ":" is not found in the given
* string, simply returns the same string.
+ * @param hostAddress host address to check if it's an IPv6 address
*
- * @param hostAddress
- * host address to check if it's an IPv6 address
* @return for an IPv6 address returns compatible host address otherwise
- * returns the same string
+ * returns the same string
*/
//TODO - Abhishek: move to utility class
// Taken from GFMon
@@ -429,23 +431,23 @@ public class JmxOperationInvoker implements OperationInvoker {
/**
* A Connection Notification Listener. Notifies Gfsh when a connection gets
* terminated abruptly.
- *
* @since GemFire 7.0
*/
class JMXConnectionListener implements NotificationListener {
+
public static final String CHECK_PERIOD_PROP = "jmx.remote.x.client.connection.check.period";
- public static final long CHECK_PERIOD = 1000L;
+ public static final long CHECK_PERIOD = 1000L;
private JmxOperationInvoker invoker;
- JMXConnectionListener (JmxOperationInvoker invoker) {
+ JMXConnectionListener(JmxOperationInvoker invoker) {
this.invoker = invoker;
}
+
@Override
public void handleNotification(Notification notification, Object handback) {
if (JMXConnectionNotification.class.isInstance(notification)) {
- JMXConnectionNotification connNotif = (JMXConnectionNotification)notification;
- if (JMXConnectionNotification.CLOSED.equals(connNotif.getType()) ||
- JMXConnectionNotification.FAILED.equals(connNotif.getType())) {
+ JMXConnectionNotification connNotif = (JMXConnectionNotification) notification;
+ if (JMXConnectionNotification.CLOSED.equals(connNotif.getType()) || JMXConnectionNotification.FAILED.equals(connNotif.getType())) {
this.invoker.isConnected.set(false);
this.invoker.resetClusterId();
if (!this.invoker.isSelfDisconnect.get()) {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystemJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystemJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystemJUnitTest.java
index a59262e..2e4566f 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystemJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/InternalDistributedSystemJUnitTest.java
@@ -694,7 +694,7 @@ public class InternalDistributedSystemJUnitTest
Properties props = new Properties();
props.setProperty(MCAST_PORT, "0");
props.setProperty(LOCATORS, "");
- props.setProperty(SSL_ENABLED, "true");
+ props.setProperty(CLUSTER_SSL_ENABLED, "true");
Config config1 = new DistributionConfigImpl(props, false);
Properties props1 = config1.toProperties();
// For the deprecated ssl-* properties a decision was made
@@ -703,12 +703,12 @@ public class InternalDistributedSystemJUnitTest
// and its use in toProperties.
// The other thing that is done is the ssl-* props are copied to cluster-ssl-*.
// The following two assertions demonstrate this.
- assertEquals(null, props1.getProperty(SSL_ENABLED));
+ assertEquals(null, props1.getProperty(CLUSTER_SSL_ENABLED));
assertEquals("true", props1.getProperty(CLUSTER_SSL_ENABLED));
Config config2 = new DistributionConfigImpl(props1, false);
assertEquals(true, config1.sameAs(config2));
Properties props3 = new Properties(props1);
- props3.setProperty(SSL_ENABLED, "false");
+ props3.setProperty(CLUSTER_SSL_ENABLED, "false");
Config config3 = new DistributionConfigImpl(props3, false);
assertEquals(false, config1.sameAs(config3));
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/test/java/com/gemstone/gemfire/internal/AbstractConfigJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/AbstractConfigJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/AbstractConfigJUnitTest.java
index 400f872..93fc39f 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/AbstractConfigJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/AbstractConfigJUnitTest.java
@@ -40,7 +40,6 @@ public class AbstractConfigJUnitTest {
assertTrue((Boolean) method.invoke(actc, CLUSTER_SSL_ENABLED));
assertFalse((Boolean) method.invoke(actc, GATEWAY_SSL_TRUSTSTORE_PASSWORD));
assertFalse((Boolean) method.invoke(actc, SERVER_SSL_KEYSTORE_PASSWORD));
- assertTrue((Boolean) method.invoke(actc, SSL_ENABLED));
assertTrue((Boolean) method.invoke(actc, CONSERVE_SOCKETS));
assertFalse((Boolean) method.invoke(actc, "javax.net.ssl.keyStorePassword"));
assertFalse((Boolean) method.invoke(actc, "javax.net.ssl.keyStoreType"));
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/test/java/com/gemstone/gemfire/internal/JSSESocketJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/JSSESocketJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/JSSESocketJUnitTest.java
index d0d906a..30899be 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/JSSESocketJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/JSSESocketJUnitTest.java
@@ -101,10 +101,10 @@ public class JSSESocketJUnitTest {
LogService.setBaseLogLevel(Level.DEBUG);
{
System.setProperty(DistributionConfig.GEMFIRE_PREFIX + MCAST_PORT, "0");
- System.setProperty(DistributionConfig.GEMFIRE_PREFIX + SSL_ENABLED, "true");
- System.setProperty(DistributionConfig.GEMFIRE_PREFIX + SSL_REQUIRE_AUTHENTICATION, "true");
- System.setProperty(DistributionConfig.GEMFIRE_PREFIX + SSL_CIPHERS, "any");
- System.setProperty(DistributionConfig.GEMFIRE_PREFIX + SSL_PROTOCOLS, "TLSv1.2");
+ System.setProperty(DistributionConfig.GEMFIRE_PREFIX + CLUSTER_SSL_ENABLED, "true");
+ System.setProperty(DistributionConfig.GEMFIRE_PREFIX + CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true");
+ System.setProperty(DistributionConfig.GEMFIRE_PREFIX + CLUSTER_SSL_CIPHERS, "any");
+ System.setProperty(DistributionConfig.GEMFIRE_PREFIX + CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
File jks = findTestJKS();
System.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
@@ -164,7 +164,7 @@ public class JSSESocketJUnitTest {
public void testClientSocketFactory() {
System.getProperties().put(DistributionConfig.GEMFIRE_PREFIX + "clientSocketFactory",
TSocketFactory.class.getName());
- System.getProperties().remove(DistributionConfig.GEMFIRE_PREFIX + SSL_ENABLED);
+ System.getProperties().remove(DistributionConfig.GEMFIRE_PREFIX + CLUSTER_SSL_ENABLED);
SocketCreator.getDefaultInstance(new Properties());
factoryInvoked = false;
try {
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c27b85c6/geode-core/src/test/java/com/gemstone/gemfire/internal/SSLConfigJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/SSLConfigJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/SSLConfigJUnitTest.java
index c8addf8..a8e4708 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/SSLConfigJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/SSLConfigJUnitTest.java
@@ -104,7 +104,7 @@ public class SSLConfigJUnitTest {
public void testMCastPortWithSSL() throws Exception {
Properties props = new Properties( );
// default mcast-port is not 0.
- props.setProperty(SSL_ENABLED, "true");
+ props.setProperty(CLUSTER_SSL_ENABLED, "true");
try {
new DistributionConfigImpl( props );
@@ -144,54 +144,54 @@ public class SSLConfigJUnitTest {
boolean requireAuth = true;
DistributionConfigImpl config = new DistributionConfigImpl( new Properties() );
- isEqual( config.getSSLEnabled(), sslenabled );
- isEqual( config.getSSLProtocols(), sslprotocols );
- isEqual( config.getSSLCiphers(), sslciphers );
- isEqual( config.getSSLRequireAuthentication(), requireAuth );
+ isEqual( config.getClusterSSLEnabled(), sslenabled );
+ isEqual( config.getClusterSSLProtocols(), sslprotocols );
+ isEqual( config.getClusterSSLCiphers(), sslciphers );
+ isEqual( config.getClusterSSLRequireAuthentication(), requireAuth );
Properties props = new Properties();
sslciphers = "RSA_WITH_GARBAGE";
- props.setProperty(SSL_CIPHERS, sslciphers);
+ props.setProperty(CLUSTER_SSL_CIPHERS, sslciphers);
config = new DistributionConfigImpl( props );
- isEqual( config.getSSLEnabled(), sslenabled );
- isEqual( config.getSSLProtocols(), sslprotocols );
- isEqual( config.getSSLCiphers(), sslciphers );
- isEqual( config.getSSLRequireAuthentication(), requireAuth );
+ isEqual( config.getClusterSSLEnabled(), sslenabled );
+ isEqual( config.getClusterSSLProtocols(), sslprotocols );
+ isEqual( config.getClusterSSLCiphers(), sslciphers );
+ isEqual( config.getClusterSSLRequireAuthentication(), requireAuth );
sslprotocols = "SSLv7";
- props.setProperty(SSL_PROTOCOLS, sslprotocols);
+ props.setProperty(CLUSTER_SSL_PROTOCOLS, sslprotocols);
config = new DistributionConfigImpl( props );
- isEqual( config.getSSLEnabled(), sslenabled );
- isEqual( config.getSSLProtocols(), sslprotocols );
- isEqual( config.getSSLCiphers(), sslciphers );
- isEqual( config.getSSLRequireAuthentication(), requireAuth );
+ isEqual( config.getClusterSSLEnabled(), sslenabled );
+ isEqual( config.getClusterSSLProtocols(), sslprotocols );
+ isEqual( config.getClusterSSLCiphers(), sslciphers );
+ isEqual( config.getClusterSSLRequireAuthentication(), requireAuth );
requireAuth = false;
- props.setProperty(SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
+ props.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
config = new DistributionConfigImpl( props );
- isEqual( config.getSSLEnabled(), sslenabled );
- isEqual( config.getSSLProtocols(), sslprotocols );
- isEqual( config.getSSLCiphers(), sslciphers );
- isEqual( config.getSSLRequireAuthentication(), requireAuth );
+ isEqual( config.getClusterSSLEnabled(), sslenabled );
+ isEqual( config.getClusterSSLProtocols(), sslprotocols );
+ isEqual( config.getClusterSSLCiphers(), sslciphers );
+ isEqual( config.getClusterSSLRequireAuthentication(), requireAuth );
sslenabled = true;
- props.setProperty(SSL_ENABLED, String.valueOf(sslenabled));
+ props.setProperty(CLUSTER_SSL_ENABLED, String.valueOf(sslenabled));
props.setProperty(MCAST_PORT, "0");
config = new DistributionConfigImpl( props );
- isEqual( config.getSSLEnabled(), sslenabled );
- isEqual( config.getSSLProtocols(), sslprotocols );
- isEqual( config.getSSLCiphers(), sslciphers );
- isEqual( config.getSSLRequireAuthentication(), requireAuth );
+ isEqual( config.getClusterSSLEnabled(), sslenabled );
+ isEqual( config.getClusterSSLProtocols(), sslprotocols );
+ isEqual( config.getClusterSSLCiphers(), sslciphers );
+ isEqual( config.getClusterSSLRequireAuthentication(), requireAuth );
config = new DistributionConfigImpl( config );
- isEqual( config.getSSLEnabled(), sslenabled );
- isEqual( config.getSSLProtocols(), sslprotocols );
- isEqual( config.getSSLCiphers(), sslciphers );
- isEqual( config.getSSLRequireAuthentication(), requireAuth );
+ isEqual( config.getClusterSSLEnabled(), sslenabled );
+ isEqual( config.getClusterSSLProtocols(), sslprotocols );
+ isEqual( config.getClusterSSLCiphers(), sslciphers );
+ isEqual( config.getClusterSSLRequireAuthentication(), requireAuth );
}
@Test
@@ -340,11 +340,12 @@ public class SSLConfigJUnitTest {
boolean jmxManagerSslRequireAuth = true;
Properties gemFireProps = new Properties();
- gemFireProps.put(JMX_MANAGER_SSL, String.valueOf(jmxManagerSsl));
- gemFireProps.put(JMX_MANAGER_SSL_ENABLED, String.valueOf(jmxManagerSslenabled));
- gemFireProps.put(JMX_MANAGER_SSL_PROTOCOLS, jmxManagerSslprotocols);
- gemFireProps.put(JMX_MANAGER_SSL_CIPHERS, jmxManagerSslciphers);
- gemFireProps.put(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(jmxManagerSslRequireAuth));
+ gemFireProps.put(CLUSTER_SSL_ENABLED, String.valueOf(jmxManagerSslenabled));
+ gemFireProps.put(CLUSTER_SSL_PROTOCOLS, jmxManagerSslprotocols);
+ gemFireProps.put(CLUSTER_SSL_CIPHERS, jmxManagerSslciphers);
+ gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(jmxManagerSslRequireAuth));
+ //TODO -- UDO: We need to potentially have to implement JMX_MANAGER_SSL_ALIAS
+ gemFireProps.put(JMX_MANAGER_SSL_ALIAS, "");
try{
DistributionConfigImpl config = new DistributionConfigImpl( gemFireProps );
}catch(IllegalArgumentException e){
@@ -359,7 +360,6 @@ public class SSLConfigJUnitTest {
gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
- gemFireProps.put(JMX_MANAGER_SSL, String.valueOf(jmxManagerSsl));
gemFireProps.put(JMX_MANAGER_SSL_PROTOCOLS, jmxManagerSslprotocols);
gemFireProps.put(JMX_MANAGER_SSL_CIPHERS, jmxManagerSslciphers);
gemFireProps.put(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(jmxManagerSslRequireAuth));
@@ -394,6 +394,7 @@ public class SSLConfigJUnitTest {
gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
+
gemFireProps.put(SERVER_SSL_ENABLED, String.valueOf(cacheServerSslenabled));
gemFireProps.put(SERVER_SSL_PROTOCOLS, cacheServerSslprotocols);
gemFireProps.put(SERVER_SSL_CIPHERS, cacheServerSslciphers);
@@ -447,175 +448,6 @@ public class SSLConfigJUnitTest {
}
@Test
- public void testCustomizedClusterSslConfig() throws Exception {
- boolean sslenabled = true;
- String sslprotocols = "SSLv1";
- String sslciphers = "RSA_WITH_NOTHING";
- boolean requireAuth = true;
-
- boolean clusterSslenabled = true;
- String clusterSslprotocols = "SSLv7";
- String clusterSslciphers = "RSA_WITH_GARBAGE";
- boolean clusterSslRequireAuth = true;
-
- //sslEnabled and clusterSSLEnabled set at the same time
- Properties gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_ENABLED, "false");
- DistributionConfigImpl config = null;
- try{
- config = new DistributionConfigImpl( gemFireProps );
- throw new Exception();
- }catch(IllegalArgumentException e){
- if (! e.toString().contains( "GemFire properties \'ssl-enabled\' and \'cluster-ssl-enabled\' can not be used at the same time")) {
- throw new Exception( "did not get expected exception, got this instead...", e );
- }
- }
-
- //ssl-protocol and cluster-ssl-protocol set at the same time
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(SSL_PROTOCOLS, sslprotocols);
- gemFireProps.put(CLUSTER_SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_PROTOCOLS, clusterSslprotocols);
- try{
- config = new DistributionConfigImpl( gemFireProps );
- throw new Exception();
- }catch(IllegalArgumentException e){
- if (! e.toString().contains( "GemFire properties \'ssl-protocols\' and \'cluster-ssl-protocols\' can not be used at the same time") ) {
- throw new Exception( "did not get expected exception, got this instead...", e );
- }
- }
-
- //ssl-protocol and cluster-ssl-protocol set at the same time with same value
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(SSL_PROTOCOLS, sslprotocols);
- gemFireProps.put(CLUSTER_SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_PROTOCOLS, sslprotocols);
- try{
- config = new DistributionConfigImpl( gemFireProps );
- } catch(IllegalArgumentException e){
- throw new Exception();
- }
-
- //ssl-cipher and cluster-ssl-cipher set at the same time
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(SSL_CIPHERS, sslciphers);
- gemFireProps.put(CLUSTER_SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_CIPHERS, clusterSslciphers);
- try{
- config = new DistributionConfigImpl( gemFireProps );
- throw new Exception();
- } catch(IllegalArgumentException e){
- if (! e.toString().contains( "GemFire properties \'ssl-cipher\' and \'cluster-ssl-cipher\' can not be used at the same time") ) {
- throw new Exception( "did not get expected exception, got this instead...", e );
- }
- }
-
- //ssl-cipher and cluster-ssl-cipher set at the same time with same value
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(SSL_CIPHERS, sslciphers);
- gemFireProps.put(CLUSTER_SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
- try{
- config = new DistributionConfigImpl( gemFireProps );
- } catch(IllegalArgumentException e){
- throw new Exception();
- }
-
- //ssl-require-authentication and cluster-ssl-require-authentication set at the same time
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(SSL_REQUIRE_AUTHENTICATION, "true");
- gemFireProps.put(CLUSTER_SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "false");
- try{
- config = new DistributionConfigImpl( gemFireProps );
- throw new Exception();
- } catch(IllegalArgumentException e){
- if (! e.toString().contains( "GemFire properties \'ssl-require-authentication\' and \'cluster-ssl-require-authentication\' can not be used at the same time") ) {
- throw new Exception( "did not get expected exception, got this instead...", e );
- }
- }
-
- //ssl-require-authentication and cluster-ssl-require-authentication set at the same time and have the same value
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, "true");
- gemFireProps.put(SSL_REQUIRE_AUTHENTICATION, "true");
- gemFireProps.put(CLUSTER_SSL_ENABLED, "true");
- gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true");
- try{
- config = new DistributionConfigImpl( gemFireProps );
- } catch(IllegalArgumentException e){
- throw new Exception();
- }
-
- // only ssl-* properties provided. same should reflect in cluster-ssl properties
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(SSL_ENABLED, String.valueOf(sslenabled));
- gemFireProps.put(SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
- gemFireProps.put(SSL_CIPHERS, sslciphers);
- gemFireProps.put(SSL_PROTOCOLS, sslprotocols);
-
- gemFireProps.putAll(getGfSecurityPropertiesSSL());
-
- config = new DistributionConfigImpl(gemFireProps);
-
- isEqual(sslenabled, config.getSSLEnabled());
- isEqual(sslprotocols, config.getSSLProtocols());
- isEqual(sslciphers, config.getSSLCiphers());
- isEqual(requireAuth, config.getSSLRequireAuthentication());
-
- isEqual(sslenabled, config.getClusterSSLEnabled());
- isEqual(sslprotocols, config.getClusterSSLProtocols());
- isEqual(sslciphers, config.getClusterSSLCiphers());
- isEqual(requireAuth, config.getClusterSSLRequireAuthentication());
-
- Properties sslProperties = config.getSSLProperties();
- isEqual( SSL_PROPS_MAP , sslProperties);
-
- Properties clusterSSLProperties = config.getClusterSSLProperties();
- isEqual( SSL_PROPS_MAP, clusterSSLProperties );
-
- //only clutser-ssl-properties provided.
- gemFireProps = new Properties();
- gemFireProps.setProperty(MCAST_PORT, "0");
- gemFireProps.put(CLUSTER_SSL_ENABLED, String.valueOf(clusterSslenabled));
- gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(clusterSslRequireAuth));
- gemFireProps.put(CLUSTER_SSL_CIPHERS, clusterSslciphers);
- gemFireProps.put(CLUSTER_SSL_PROTOCOLS, clusterSslprotocols);
-
- gemFireProps.putAll(getGfSecurityPropertiesCluster(false));
-
- config = new DistributionConfigImpl(gemFireProps);
-
- isEqual(clusterSslenabled, config.getClusterSSLEnabled());
- isEqual(clusterSslprotocols, config.getClusterSSLProtocols());
- isEqual(clusterSslciphers, config.getClusterSSLCiphers());
- isEqual(clusterSslRequireAuth, config.getClusterSSLRequireAuthentication());
-
- isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE), config.getClusterSSLKeyStore());
- isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_TYPE), config.getClusterSSLKeyStoreType());
- isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_PASSWORD), config.getClusterSSLKeyStorePassword());
- isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE), config.getClusterSSLTrustStore());
- isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE_PASSWORD), config.getClusterSSLTrustStorePassword());
-
- clusterSSLProperties = config.getClusterSSLProperties();
- isEqual( SSL_PROPS_MAP, clusterSSLProperties );
- }
-
- @Test
public void testCustomizedManagerSslConfig() throws Exception {
boolean sslenabled = false;
String sslprotocols = "any";